Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Fuzzy Avatars Solved! Please re-upload your avatar if it was fuzzy!

These hackers got our emails from one of these websites.

rimaxo14rimaxo14 chicopee, MAPosts: 118Member
So these hackers got our emails somehow hmmm i wonder from which Website! 

EVGA FTW-3 MOBO X58
EVGA GTX 580
G.SKILL RIPJAW 12GB
INTEL I7 950
CORSAIR H70 CPU COOLER
CORSAIR 1200W 80+GOLD

image

Comments

  • LoktofeitLoktofeit Stone Mountain, GAPosts: 13,670Member Uncommon
    Originally posted by rimaxo14
    So these hackers got our emails somehow hmmm i wonder from which Website! 

    Any of the databases floating around from last year's hackings would be a good guess.

    There isn't a "right" or "wrong" way to play, if you want to use a screwdriver to put nails into wood, have at it, simply don't complain when the guy next to you with the hammer is doing it much better and easier. - Allein
    "Graphics are often supplied by Engines that (some) MMORPG's are built in" - Spuffyre

  • ReizlaReizla AlkmaarPosts: 3,301Member Uncommon

    Let me give you a small list of big hack the last 5 years:

    • AionBlah - was hacked a year before Aion's release and eMail addresses were stolen
    • SOE - April last year, all eMail addresses were stolen. SOE claims they were from 2007, but I doubt that
    • Battle.NET - only recently. All current eMail addresses were stolen
    Enough choice of sources where those 'hackers' (phishers actually) might have gotten your eMail address from...

    AsRock 990FX Extreme3
    AMD Phenom II 1090T ~3.2Ghz
    GEiL 16Gb DDR3 1600Mhz
    ASUS GTX970 3x HD monitor 1920x1080

  • WickedjellyWickedjelly Yahoo, COPosts: 4,990Member
    Battle.net was pretty significant. God knows how many e-mails and other info the hackers got from that one.

    1. For god's sake mmo gamers, enough with the analogies. They're unnecessary and your comparisons are terrible, dissimilar, and illogical.

    2. To posters feeling the need to state how f2p really isn't f2p: Players understand the concept. You aren't privy to some secret the rest are missing. You're embarrassing yourself.

    3. Yes, Cpt. Obvious, we're not industry experts. Now run along and let the big people use the forums for their purpose.

  • RavenRaven LondonPosts: 1,974Member Uncommon

    I will just that is pretty much near impossible for anyone to access your account through YOU resetting your password. It seems more like they are checking to see if you have an account or something, no idea if the website warns you if the email is does have an account or not ( it shouldnt if it does ). 

    So I would expect lots of phishing emails coming in soon after.

    image

  • NaqajNaqaj Frankfurt am MainPosts: 1,673Member

    No, but they could get access to your mail account as well. I was hacked due to that a few years ago. Made the age old mistake of reusing the password. Learned my lesson though.

    Got a lot of change password requests today too, so I just changed the email. Problem solved.

  • AdoniAdoni Tucson, AZPosts: 349Member Uncommon
    I keep getting emails requesting to change my Guild Wars 2 password, and I don't even own the game.

    image
  • LoktofeitLoktofeit Stone Mountain, GAPosts: 13,670Member Uncommon
    Originally posted by Raven

    I will just that is pretty much near impossible for anyone to access your account through YOU resetting your password. It seems more like they are checking to see if you have an account or something, no idea if the website warns you if the email is does have an account or not ( it shouldnt if it does ). 

    It returns a failure message if the email address isn't valid. I think you're spot on in that they are likely building a new master list of valid addresses to work from.

    So I would expect lots of phishing emails coming in soon after.

    We can bank on it.

     

    There isn't a "right" or "wrong" way to play, if you want to use a screwdriver to put nails into wood, have at it, simply don't complain when the guy next to you with the hammer is doing it much better and easier. - Allein
    "Graphics are often supplied by Engines that (some) MMORPG's are built in" - Spuffyre

  • RavenRaven LondonPosts: 1,974Member Uncommon
    Originally posted by Loktofeit
    Originally posted by Raven

    I will just that is pretty much near impossible for anyone to access your account through YOU resetting your password. It seems more like they are checking to see if you have an account or something, no idea if the website warns you if the email is does have an account or not ( it shouldnt if it does ). 

    It returns a failure message if the email address isn't valid. I think you're spot on in that they are likely building a new master list of valid addresses to work from.

    So I would expect lots of phishing emails coming in soon after.

    We can bank on it.

     

    Just realized how broken my english was on that  post :P

    Anyway I will add that if you have a google mail account and if you want to be on the safe side turn on the 2 step verification, it means you can authorize your home/work computer and android/iphone if you have one for full access without worries but any other new device needs to be authorized through a code they send you on a text message to your phone.

    image

  • UruktosUruktos EskisehirPosts: 153Member

    Last NCsoft game I purchased was Aion, today I found 2 Guild Wars 2 account password reset requests on my email. Thankfully I use different passwords everyone, but it was still a bit unsettling.

    If you use similar passwords on different accounts, change now.

    I know it wasn't Battle.net because I only ever played on EU, hackers stole US emails only afaik. I do have a SOE account on the same email, so its either that, or Aionsomething.com. I'd say its more likely it was that Aion site, SOE had 25 million accounts stolen, a lot of that would be hit and miss and wouldn't give accurate enough results for the hackers, on the other hand if you registered to a fan forums, you're probably more involved and more likely to try out the latest MMO's.

    It could be result of an entirely different leak, but I highly doubt that because I have 2 Guild wars 1 accounts, and the request was recieved from the account that also has Aion.

    Edit: Just to clarify, I haven't been involved in Guild Wars 2 events, last MMO I've played was EVE Online, I haven't recieved any phishing emails or anything, so its definitely has something to do with stolen emails.

  • jinxxed0jinxxed0 columbia, SCPosts: 838Member
    Originally posted by Raven
    Originally posted by Loktofeit
    Originally posted by Raven

    I will just that is pretty much near impossible for anyone to access your account through YOU resetting your password. It seems more like they are checking to see if you have an account or something, no idea if the website warns you if the email is does have an account or not ( it shouldnt if it does ). 

    It returns a failure message if the email address isn't valid. I think you're spot on in that they are likely building a new master list of valid addresses to work from.

    So I would expect lots of phishing emails coming in soon after.

    We can bank on it.

     

    Just realized how broken my english was on that  post :P

    Anyway I will add that if you have a google mail account and if you want to be on the safe side turn on the 2 step verification, it means you can authorize your home/work computer and android/iphone if you have one for full access without worries but any other new device needs to be authorized through a code they send you on a text message to your phone.

    Yeah I've been telling people that as well. That feature is pretty great. Changing your email for your GW2 account is probably a good idea as well for when theor sneaky phising emails come along. The legit emails will go to that new email and the fake ones will go to your current email address. It's a hassle But it seems like it'll be needed for things that are getting so much attention.

  • RavenRaven LondonPosts: 1,974Member Uncommon
    Originally posted by Nickless_man

    Last NCsoft game I purchased was Aion, today I found 2 Guild Wars 2 account password reset requests on my email. Thankfully I use different passwords everyone, but it was still a bit unsettling.

    If you use similar passwords on different accounts, change now.

    I know it wasn't Battle.net because I only ever played on EU, hackers stole US emails only afaik. I do have a SOE account on the same email, so its either that, or Aionsomething.com. I'd say its more likely it was that Aion site, SOE had 25 million accounts stolen, a lot of that would be hit and miss and wouldn't give accurate enough results for the hackers, on the other hand if you registered to a fan forums, you're probably more involved and more likely to try out the latest MMO's.

    It could be result of an entirely different leak, but I highly doubt that because I have 2 Guild wars 1 accounts, and the request was recieved from the account that also has Aion.

    It could be a million things by now, I have had the same email address since pretty much the stone age of the internet, so it is gonna be hard to pin point where it went public, hell I give out my email address on cards sometimes so I mean its out there, that however isnt enough to get me worried, anyone can go and put my email address into the reset box, unless I give them my password or they already have my email password there is no chance they are going to access it.

    image

  • UruktosUruktos EskisehirPosts: 153Member
    Originally posted by Raven
    Originally posted by Nickless_man

    Last NCsoft game I purchased was Aion, today I found 2 Guild Wars 2 account password reset requests on my email. Thankfully I use different passwords everyone, but it was still a bit unsettling.

    If you use similar passwords on different accounts, change now.

    I know it wasn't Battle.net because I only ever played on EU, hackers stole US emails only afaik. I do have a SOE account on the same email, so its either that, or Aionsomething.com. I'd say its more likely it was that Aion site, SOE had 25 million accounts stolen, a lot of that would be hit and miss and wouldn't give accurate enough results for the hackers, on the other hand if you registered to a fan forums, you're probably more involved and more likely to try out the latest MMO's.

    It could be result of an entirely different leak, but I highly doubt that because I have 2 Guild wars 1 accounts, and the request was recieved from the account that also has Aion.

    It could be a million things by now, I have had the same email address since pretty much the stone age of the internet, so it is gonna be hard to pin point where it went public, hell I give out my email address on cards sometimes so I mean its out there, that however isnt enough to get me worried, anyone can go and put my email address into the reset box, unless I give them my password or they already have my email password there is no chance they are going to access it.

    I use 3 emails specifically for gaming, yes It could've been a million other things, but the accuracy of the attacks suggests hackers have high signal to noise ratio, which can only mean they have some sort of list from at least one source.

    You cannot try millions of email without completely getting blocked or shutting down the website through ddos.

  • RavenRaven LondonPosts: 1,974Member Uncommon
    Originally posted by Nickless_man
    Originally posted by Raven
    Originally posted by Nickless_man

    Last NCsoft game I purchased was Aion, today I found 2 Guild Wars 2 account password reset requests on my email. Thankfully I use different passwords everyone, but it was still a bit unsettling.

    If you use similar passwords on different accounts, change now.

    I know it wasn't Battle.net because I only ever played on EU, hackers stole US emails only afaik. I do have a SOE account on the same email, so its either that, or Aionsomething.com. I'd say its more likely it was that Aion site, SOE had 25 million accounts stolen, a lot of that would be hit and miss and wouldn't give accurate enough results for the hackers, on the other hand if you registered to a fan forums, you're probably more involved and more likely to try out the latest MMO's.

    It could be result of an entirely different leak, but I highly doubt that because I have 2 Guild wars 1 accounts, and the request was recieved from the account that also has Aion.

    It could be a million things by now, I have had the same email address since pretty much the stone age of the internet, so it is gonna be hard to pin point where it went public, hell I give out my email address on cards sometimes so I mean its out there, that however isnt enough to get me worried, anyone can go and put my email address into the reset box, unless I give them my password or they already have my email password there is no chance they are going to access it.

    I use 3 emails specifically for gaming, yes It could've been a million other things, but the accuracy of the attacks suggests hackers have high signal to noise ratio, which can only mean they have some sort of list from at least one source.

    You cannot try millions of email without completely getting blocked or shutting down the website through ddos.

    Ohh yeah I completely agree with you, it has come from somewhere, by some website selling my details on or by them being hacked, but to pinpoint where it came from its going to be hard. Because while there are these high profile cases we know of, smaller websites probably get hacked more often and do not really make it public.

    image

  • LeodiousLeodious Abingdon, VAPosts: 773Member

    If you have been "hacked," if you can access your NCSoft Master Account using your account username (not the NC email) then you can save your account. Whoever is doing this is not changing the NC master stuff, apparently.

    If you can log in to your NC account, you can see the email for your Guild Wars (and 2, if they are linked) accounts. You can also change the password for your GW account. Knowing the new email and having changed the password, you can log into the guildwars2 website and change your email to something else (I would NOT use the same email as before).

    If this works, you should change your GW password, your NCSoft password, and any other game passwords that are the same or similar. Having breached you once, they are more likely to try again to get that account in the near future. It would also be a good idea to update your security questions at NCSoft, and de-authorize all locations. You might also want to change any fansite passwords to a third, different password to prevent future attempts later. Remember to make fansite passwords and game passwords different, and make those different from master account passwords. Make all these different from real-world services like banking. You can never be too safe, and even if you have several passwords like I do, it is better safe than sorry.

    "There are two great powers, and they've been fighting since time began. Every advance in human life, every scrap of knowledge and wisdom and decency we have has been torn by one side from the teeth of the other. Every little increase in human freedom has been fought over ferociously between those who want us to know more and be wiser and stronger, and those who want us to obey and be humble and submit."

    — John Parry, to his son Will; "The Subtle Knife," by Phillip Pullman

  • majimaji ColognePosts: 2,003Member Uncommon

    I don't know. As I said, I play MMORPGs since about 15 years, and never got hacked. Never had to use any authenticators either.

    • don't give any login information of your account to anyone (I guess that about two third of the MMORPGs do this anyway)
    • don't click open mails or click on links of that MMORPG unless you expected them. If it looks interesting, don't open that mail anyway, but check out the official site, if there is any information about what sparked your interest
    • don't use the same password for everything
    • don't use an easy to guess password
    • change your password every once in a while
    • don't go to any websites people in the game tell you to check out
    • don't believe people who tell you that you won something, and have to do something to claim your prize
    • don't install mods and addons unless you are 100% sure that you know what they do. Quite a number of them include viruses, trojan horses or whatnot
    • have an up to date virus scanner, that costs a bit of money. Not the crappy cheap ones
    • have an up to date OS
    • don't use internet explorer
    • have an up to date browser
    • about those security questions, like "name of your birthplace": try to use custom ones only you can answer. If not possible, choose those that people can't guess, despite googling your name. Birthplace is a crappy security, for example.
    Well, and some other things. I guess that 95% or more of the people who play MMORPGs don't follow that list, because they think "meh, too much work". *shrugs* I never got hacked in any game ever.

    Let's play Fallen Earth (blind, 300 episodes)

    Let's play Guild Wars 2 (blind, 45 episodes)

  • redman875redman875 illinois, ILPosts: 230Member

    Anyone who has actually talked to these scum gold farmers will tell you there is one perferd way they get your account.

     

    They hack a 3rd party site.  They then basically check the email and password and run them through the game in hopes that some idiot used the same email and password as a log in.  Its how so many Diablo accounts got hacked. People blame viruses or bad security on the game publishers side.

    Truth is they get most their hacked accounts from dipping into a weak security 3rd party site you may be registerd to.  Then its basically a crap shoot to see who has used the same login info for the hacked site as the game they are trying to get into.

     

    PROTIP:  create a unique email address, user name, and password that is only used for registering to websites.  Never ever use the same email as you use for games to register to any website.  Never ue the same login name/user name or password.

     

This discussion has been closed.