Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
I almost got hacked, but I use the built in anti-hack feature
khameleon
Member UncommonPosts: 486
I am also very careful and never fall for phishing scams, but I got a message from SE stating that they noticed a strange computer/location trying to login or change password on my account.
At that time I was in game. I made sure it was a legit e-mail and confirmed it came from SE.
So, it said my account will be frozen until I click their link to update my account info(password). I logged out of the game and tried to login, sure enough wouldn't work. So that also confirmed they froze my account until I did what they said.
I went to the link provided in the e-mail, changed my password and logged back in and nothing bad happened to my account in the end.
Why? I use the one-time password and that stopped the hacking attempt.
USE ONE OF THESE IN EVERY MMO YOU PLAY AND YOU WILL NEVER BE HACKED!!!!
You can even use them through your cell phone for most games.
It is 2013, get with the times and use the features provided by the game makers to protect your account. They put them there just for this reason.
GAME TIL YOU DIE!!!!
Comments
My gaming blog
Yea... its a shame people buy gold and support these lowlifes.
That is why the accounts get banned, the hackers take over the hacked account and use it to spam world chat with gold buying links and info, etc.
So, the people complaining have to understand the bans of the account is actually SE support doing its work.
They are just slow at fixing the account back up for the original owner i guess.... that sucks, but like I said if they had used the on-time password feature they wouldn't be in this situation.
GAME TIL YOU DIE!!!!
I don't think you even read my post, this is about how to stop hackers no matter if they have your username or not.
If you use the one-time password feature, the only way to login is to use a piece of hardware to login. You press a button either on the digipass or your phone and it creates an instantaneous combo of numbers that allows you to login. You have username, pasword, and the numbers. Nobody else in the world has your phone or the digipass linked to your account.
So, if they had my username or not I don't care, my account is protected and cannot be hacked.
GAME TIL YOU DIE!!!!
Really, this should be implemented in ALL MMOs for FREE, looking at you greedy blizzard. I mean offering security for your customer shouldnt come with a price tag.
How mch is the authenticator for WoW, 15$ I think?
Your account can still be compromised but it will be that much more difficult to compromise with the security token in place that it's a less desirable target for hackers. There were some cases of players in FFXIV 1.0 that had their account comprised after they received a phishing email that asked them to put in their token code. Hackers then had a small window of opportunity to hack your account because the token code is actually "live" for a set period of time and that's where the vulnerability of the token lies.
SirCampsalot
$6.50 shipping included.
On topic:
Every time a new MMO comes out we have these magical claims from people who "got hacked" and they "never fall for phishing schemes" or "never bought gold/powerleveling services" but yet, virtual currency selling is a billion dollar a year industry.
Why are there no customers for this virtual currency, while so much "hacking" is taking place? Kinda weird right? Someone is buying virtual currency from these currency farmers, otherwise they'd go out of business and stop farming because it's a waste of time.
It would only make sense that people who have their accounts compromised are likely customers, or they are more gullible and are phished. It's really odd that so many innocent, often InfoSec IT professionals who have brand new computers with fresh OS installs, authenticators AND 78 character long passwords are the ones getting hacked.
I really don't get why they don't just lock accounts on an IP change.
Im not talking about how some games do it where if you run CCleaner it doesn't recognize you. Just log the IP's accessing the account on their side.
Hell I bet if they only locked your account if an IP registered outside your region was trying to log on...it would stop 99% of these issues without additional steps needed by the players.
Additionally, when you tried to log on and your account is frozen, it would be smart to give an in game pop up window with a short code, and then state that only the email with this code is the legit one. Only give this code when the original IP trys to access the game.
Im not some tech guru so it might not be possible. I just think that while getting a code thing is good, ive heard of people getting hacked when using them, all the hacker has to do is register another device to the account...think I heard it happened in FFXI a bunch.
This would inconvenience people who travel and play or whatever, perhaps an option to turn it off or whatever.
I remember when rift went though the same thing, they coin locked accounts. You could log in, but you couldn't trade, mail money, or do anything other than play basically...
I wouldn't mind this, but theirs was annoying since any time I ran CCleaner if locked my account, and then I have to go to email and fix it...and going to an email is always a risk.
You know those "lowlifes" are people trying desperately to make a living right ? working under terrible conditions. Realize the world isn't so centric around you and it becomes a much darker place.
"Spare a thought for the poor criminals ?"
If you honestly believe that people do crime only because they're desperate and can find NO other way to earn a living, then you have a lot to learn about the world. The executives of Enron are a fine example of "desperate criminals", no ?
This is not a case of a starving man snatching an apple off a market stall. These gold seller syndicates consist of organised groups of quite intelligent people who use their cyber skills for criminal purposes, often with absolutely no fear of prosecution.
Finger to nose...
lol they are only stealing from the people who went to their website to buy gold in the first place.
There is basically no Security messure against stupid people that fall for phising emails! Sorry, but there isn´t.
I can understand old People from the older generation falling for these. Hence, why banks stopped using TAN code sheets and switched to SMS / Hardware token only.... as too many stupid and old People were handing out their TAN codes to phising sites.
But People playing Online games should know better by now. /shrug
GW2 does something similar. If you attempt to login from an IP that has never accessed the account before, it says so and you have to do an email confirmation. Once you do so successfully you have the option of adding it to the list of allowed IPs on the account so the message won't come up again (or you can just play and not allow it, which means it'll ask again next time, good if you're traveling on hotel wifi or something)
DHCP. Some countries actually have their IPs change at specific times so it could change while they play. This is a feature used in Path Of Exile and it did not go over well with European Players because of this.
Edit: Not from Europe myself so the explanation may be off but that's how I understood it working for some countries. In most areas DHCP will change your IP but I believe only after a ip renewal/drop or reboot etc...
I dunno what people are doing to get hacked. Up to today I never needed security tokens and similar things to keep my accounts safe.
So again. What are you guys doing? Are you opening every eMail you get? Are you installing all kind of 3rd party software you find on the internet? Are you playing in an internet cafe? Do you play using some public WLAN?
It is free, the physical one cost money but thats because youre paying for the device to be made.Whohonestly doesnt have a smart phone these days?
Quotations Those Who make peaceful resolutions impossible, make violent resolutions inevitable. John F. Kennedy
Life... is the shit that happens while you wait for moments that never come - Lester Freeman
Lie to no one. If there 's somebody close to you, you'll ruin it with a lie. If they're a stranger, who the fuck are they you gotta lie to them? - Willy Nelson
i don't have a smart phone.. or any type of mobile phone tbh, which is why i have the 'key fob' security code tokens, do i begrudge paying a few quid for them, hell no! Of course the fact mobile phones don't really work where i live is kind of an added disincentive to actually owning one
Use an e-mail account that is only for MMO's and games. Set a very good password for it.
For your account names and passwords have a different good password.
If anyone goes to the PCtools website you can use a free tool that creates random passwords if you are no good at making your own. Generate some, save it to a txt file and put it in a secure spot. That should help.
Momo sucks, I have proof.
SirCampsalot
Yeah honestly, if you fall for that you deserve to lose your account. I know that is harsh but seriously the very basics of on-line is: never share personal information. If you go a step further and share your back up security measures without confirming, you are begging to be hacked.
If you want a new idea, go read an old book.
In order to be insulted, I must first value your opinion.