Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Fuzzy Avatars Solved! Please re-upload your avatar if it was fuzzy!

Anybody else get their account hacked?

SatariousSatarious Kansas City, MOPosts: 1,075Member
ArenaNet's security must be piss poor.   All it took was a request to change the email address on my account.  Sad.

«1

Comments

  • SovrathSovrath Boston Area, MAPosts: 18,452Member Uncommon

    No.

    As soon as I saw the first "someone tried to change your password" e-mail, I changed the password (edit: by logging directly into A-Net's site) to something that I have never ever used before in my history of passwords (or any permutation) and made it pretty solid.

  • OcenicaOcenica Cocoa, FLPosts: 96Member
    So someone else requested an email change and they let it happen.  Just like that?
  • GrootGroot OKC, OKPosts: 87Member

    Maybe you should learn to use a seperate email for any game accounts, and complex passwords.

     

     

     

  • SatariousSatarious Kansas City, MOPosts: 1,075Member
    I never got those "somebody tried to change your password" emails.  I haven't even logged in or played the game since the early access.  This is the first time I've ever had an account hacked.  It just seems to me that they have a pretty flimsy security if an account can be hacked so easily.  It's almost as if somebody can just call their customer support, claim that they own this account, and change the email/password without any questions.

  • FadedbombFadedbomb Aiken, SCPosts: 2,081Member
    Originally posted by Satarious
    ArenaNet's security must be piss poor.   All it took was a request to change the email address on my account.  Sad.

    Means they had access to your email address.

     

    I got one of these too but didn't change my password to see what would happen (to double check my email's security).

     

    Turns out it was just a random fool spamming email requests and he somehow had my email address on his list. Too bad I use different passwords for my game accounts, email accounts, and forum accounts.

     

    Neither 3 types have the same pass, and I cycle my email password to something new once every 3months. :)

    The Theory of Conservative Conservation of Ignorant Stupidity:
    Having a different opinion must mean you're a troll.

  • BrokenSpoonBrokenSpoon LondonPosts: 205Member

    Hi! :D

    The Reddit below is explaining the issue! 

    http://www.reddit.com/r/Guildwars2/comments/z3qqm/guild_wars_2_status_thursday_august_30/

    Hope this explains a little more. 

    All hail the Barn Owl! oh.. and the RED SQUIRREL!!!

  • st3v3b0st3v3b0 Gainesville, FLPosts: 147Member Uncommon
    Has zero to do with ArenaNets security, but the lack of security on your part.  Whether it is a commonly used email address and/or unsecure password.
  • Atlan99Atlan99 Calgary, ABPosts: 1,323Member
    It definitely seems like Arenanet good have done a better job here. Most recent mmo releases have offered extra security. Hopefully they will learn from this and implement better measures.
  • DeathengerDeathenger atco, NJPosts: 462Member Uncommon
    Originally posted by Satarious
    ArenaNet's security must be piss poor.   All it took was a request to change the email address on my account.  Sad.

    Yes its very sad in this day and age when people still do not know the basics of internet security. I would think that a gamer would have an "above the normal internet user" awareness on what needs to be done to keep their accounts secure.

    Phishers gonna fish and there is always someone to take the bait.

  • WorstluckWorstluck the valley, CAPosts: 1,269Member
    Originally posted by Satarious
    I never got those "somebody tried to change your password" emails.  I haven't even logged in or played the game since the early access.  This is the first time I've ever had an account hacked.  It just seems to me that they have a pretty flimsy security if an account can be hacked so easily.  It's almost as if somebody can just call their customer support, claim that they own this account, and change the email/password without any questions.

     

    Don't use the same password and email combo for multiple things.  You more than likely had the same password for your email as you did with the game and other sites..someone got that email and password combo from somewhere and that is all they need.  It's got nothing to do with Anet's account security.  It sucks, sorry not trying to be dink, but it's pretty common.  I am pretty sure I lost access to battle.net account  a while back to this same issue. 

    image

  • bound4hadesbound4hades Bolingbrook, ILPosts: 74Member Uncommon
    My guildmate also got the "change password request" and as soon as he got one, changed passwords with no other problems. They claim its not their doing, its hackers getting the info from other fansites and just recycling other games usernam/passwords.
  • SatariousSatarious Kansas City, MOPosts: 1,075Member
    Originally posted by Deathenger
    Originally posted by Satarious
    ArenaNet's security must be piss poor.   All it took was a request to change the email address on my account.  Sad.

    Yes its very sad in this day and age when people still do not know the basics of internet security. I would think that a gamer would have an "above the normal internet user" awareness on what needs to be done to keep their accounts secure.

    Phishers gonna fish and there is always someone to take the bait.

    I haven't played an online game for about two years before I got this game.  I highly doubt that my username/password was phished from another game.  And no, I haven't foolishly responded to the typical phishing scams.  I've gotten plenty of those way back when I was playing World of Warcraft and those would always go directly to the trash bin.  The fact is that I have NEVER had my account hacked before.  It just seems a little suspicious that it happened so easily this time when I haven't played the game for awhile and without my knowledge.

  • teakboisteakbois Parlin, NJPosts: 2,154Member
    Originally posted by Satarious
    ArenaNet's security must be piss poor.   All it took was a request to change the email address on my account.  Sad.

    I love how he goes and blames arenanet for something thats his fault.

     

    Although I do think authenticators should be standard and Arenanet could have better prevention, this has zero to do with their security.

  • teakboisteakbois Parlin, NJPosts: 2,154Member
    Originally posted by Satarious
    Originally posted by Deathenger
    Originally posted by Satarious
    ArenaNet's security must be piss poor.   All it took was a request to change the email address on my account.  Sad.

    Yes its very sad in this day and age when people still do not know the basics of internet security. I would think that a gamer would have an "above the normal internet user" awareness on what needs to be done to keep their accounts secure.

    Phishers gonna fish and there is always someone to take the bait.

    I haven't played an online game for about two years before I got this game.  I highly doubt that my username/password was phished from another game.  And no, I haven't foolishly responded to the typical phishing scams.  I've gotten plenty of those way back when I was playing World of Warcraft and those would always go directly to the trash bin.  The fact is that I have NEVER had my account hacked before.  It just seems a little suspicious that it happened so easily this time when I haven't played the game for awhile and without my knowledge.

    Honestly answer this:  did you use the same password for gw2 that you used for WoW or any internet forum?

  • SatariousSatarious Kansas City, MOPosts: 1,075Member
    Originally posted by teakbois
    Originally posted by Satarious
    ArenaNet's security must be piss poor.   All it took was a request to change the email address on my account.  Sad.

    I love how he goes and blames arenanet for something thats his fault.

     

    Although I do think authenticators should be standard and Arenanet could have better prevention, this has zero to do with their security.

    I bet you won't be so quick to blame the victim when YOU are the victim despite all your safeguards.  The fact is, you don't have much control over your own personal online security as long as it's sitting on some database somewhere.  I guess you haven't heard about all these company websites being hacked with millions of credit card numbers being stolen.

  • majimaji ColognePosts: 1,994Member Uncommon
    In more than 15 years of MMORPGs? Nope, never got any account hacked.

    Let's play Fallen Earth (blind, 300 episodes)

    Let's play Guild Wars 2 (blind, 45 episodes)

  • emestoemesto HarkPosts: 55Member
    Hacking is just a fact of life. People will always find ways to get round any security measures. 
  • WarWitchWarWitch charlotte, NCPosts: 104Member Uncommon

    To make matters worse several people have waited  a week and not even gotten a responce from their support team.

     

  • SatariousSatarious Kansas City, MOPosts: 1,075Member
    Originally posted by maji
    In more than 15 years of MMORPGs? Nope, never got any account hacked.

    I haven't either.  This is the first time.  I doubt if it was any act of negligence on my part.  ArenaNet claims that it's a result of email address/passwords being harvested from "other games".  If that is the case, why is this the first time I've ever ran into this problem when I've played a variety of MMOs in the past?

  • miguksarammiguksaram Fort Meade, MDPosts: 826Member Uncommon

    Say what you will but the ONLY time I had any account I owned hacked (OLD WoW account) I was totally at fault for buying gold from a farmer site.  From that point on I have made myself wise in the ways of MMO phishing and unless you are a complete virgin (and like all virgins while you may never get it back, if it was a mistake you are forgiven), it's your own fault pure and simple.

    MMO 101:

    1. You receive an email from an unknown source that appears to be from a company you either a. own a game with, or b. have registered with in the past.  What do you do?  

    A. Login from the main homepage said account is suppose to be associated with to ensure the email which you received is legit.  Whatever you do, DO NOT CLICK ANY LINKS in the email sent to you.

    B. After doing the above ensure no date you orignally entered has been altered and in the case it has be sure to change it back  to it's required state and not only report this to the site admin but also change your private information (this can include PW, PW recall questions and in some cases CC information.  The last is MOST important).

    C.  If the above happened you need to be cautious of the fact your personal information (email, name, birthdate, SSN, bank account, credit card number, etc.  MAY have been comprimised in which case the best course of action is contact any/all companies/associations that have such data (to your knowledge) and request any further transactions in your name be denied/cancelled.  You may also wish (recommended if you aren't sure) to contact a fraud prevention business to ensure the potential problem hasn't gotten further than I have explained above.

    There are a LOT more steps in prevention of account theft that I don't feel like explaining at this time but the bottom line is this, if it happens to you there is a 99.9% (yes hackers such as anonymous have been active lately but if you believe they are targeting your GW2 account you serioulsy have bigger issue at hand) chance you made a mistake somewhere and THAT is why it occured.  At which point, as much as it sucks, you are at the burden of proof!

  • Loke666Loke666 MalmöPosts: 17,949Member Uncommon

    I blame NC soft, their policy of having username and Email the same is begging for it.

    Still, OP ÿou need to be more careful. I bet someone hacked your mail.

  • SatariousSatarious Kansas City, MOPosts: 1,075Member
    Originally posted by miguksaram

    Say what you will but the ONLY time I had any account I owned hacked (OLD WoW account) I was totally at fault for buying gold from a farmer site.  From that point on I have made myself wise in the ways of MMO phishing and unless you are a complete virgin (and like all virgins while you may never get it back, if it was a mistake you are forgiven), it's your own fault pure and simple.

    MMO 101:

    1. You receive an email from an unknown source that appears to be from a company you either a. own a game with, or b. have registered with in the past.  What do you do?  

    A. Login from the main homepage said account is suppose to be associated with to ensure the email which you received is legit.  Whatever you do, DO NOT CLICK ANY LINKS in the email sent to you.

    B. After doing the above ensure no date you orignally entered has been altered and in the case it has be sure to change it back  to it's required state and not only report this to the site admin but also change your private information (this can include PW, PW recall questions and in some cases CC information.  The last is MOST important).

    C.  If the above happened you need to be cautious of the fact your personal information (email, name, birthdate, SSN, bank account, credit card number, etc.  MAY have been comprimised in which case the best course of action is contact any/all companies/associations that have such data (to your knowledge) and request any further transactions in your name be denied/cancelled.  You may also wish (recommended if you aren't sure) to contact a fraud prevention business to ensure the potential problem hasn't gotten further than I have explained above.

    There are a LOT more steps in prevention of account theft that I don't feel like explaining at this time but the bottom line is this, if it happens to you there is a 99.9% chance you made a mistake somewhere and THAT is why it occured.  At which point, as much as it sucks, you are at the burden of proof!

    The fact that this is currently a huge issue and that ArenaNet has to put out a notice on it (http://www.reddit.com/r/Guildwars2/comments/z3qqm/guild_wars_2_status_thursday_august_30/) leads me to believe that there's something MORE going on here than just simple negligence on the customer's part.  Normally, I would just chalk it up to a lot of ignorant people responding to phishing scams, but I know for a fact that I never received an email even remotely related to Guild Wars 2 until I got the email telling me that my email address was changed.

  • miguksarammiguksaram Fort Meade, MDPosts: 826Member Uncommon
    Originally posted by Satarious
    Originally posted by miguksaram

    Say what you will but the ONLY time I had any account I owned hacked (OLD WoW account) I was totally at fault for buying gold from a farmer site.  From that point on I have made myself wise in the ways of MMO phishing and unless you are a complete virgin (and like all virgins while you may never get it back, if it was a mistake you are forgiven), it's your own fault pure and simple.

    MMO 101:

    1. You receive an email from an unknown source that appears to be from a company you either a. own a game with, or b. have registered with in the past.  What do you do?  

    A. Login from the main homepage said account is suppose to be associated with to ensure the email which you received is legit.  Whatever you do, DO NOT CLICK ANY LINKS in the email sent to you.

    B. After doing the above ensure no date you orignally entered has been altered and in the case it has be sure to change it back  to it's required state and not only report this to the site admin but also change your private information (this can include PW, PW recall questions and in some cases CC information.  The last is MOST important).

    C.  If the above happened you need to be cautious of the fact your personal information (email, name, birthdate, SSN, bank account, credit card number, etc.  MAY have been comprimised in which case the best course of action is contact any/all companies/associations that have such data (to your knowledge) and request any further transactions in your name be denied/cancelled.  You may also wish (recommended if you aren't sure) to contact a fraud prevention business to ensure the potential problem hasn't gotten further than I have explained above.

    There are a LOT more steps in prevention of account theft that I don't feel like explaining at this time but the bottom line is this, if it happens to you there is a 99.9% chance you made a mistake somewhere and THAT is why it occured.  At which point, as much as it sucks, you are at the burden of proof!

    The fact that this is currently a huge issue and that ArenaNet has to put out a notice on it (http://www.reddit.com/r/Guildwars2/comments/z3qqm/guild_wars_2_status_thursday_august_30/) leads me to believe that there's something MORE going on here than just simple negligence on the customer's part.  Normally, I would just chalk it up to a lot of ignorant people responding to phishing scams, but I know for a fact that I never received an email even remotely related to Guild Wars 2 until I got the email telling me that my email address was changed.

    I'm not calling you a liar but the information I presented has been true the VAST majority of the time no matter what the instance.  What MANY fail to realize is that a LOT of these phishing attempts do not take into effect until YEARS later knowing that the average person simply reuses the same name/PW year in/year out.

    Yes, there are always loopholes in the system, no matter what program is used.  But do intelligent people honestly believe that spending the time to figure out how to hack the account of a gamer (who according to you isn't making the normal mistakes) who's interest is in a game which is buy to play, thus could be perceived at tight compared to a pay to play customer, is really worth their time and effort?  I mean really?  If you had that kind of skill, devotion why the hell waste it on the B2P community as a whole, especially a new release that is sure to be bring a LOT of media attention.  Sometimes I wonder about todays society.

  • LethalJaxxLethalJaxx NijmegenPosts: 105Member
    You're all blaming the OP for having his account hacked, but let's be honest here, making your email account your GW2 user account is a very strange decision by ANet, removing a door for hackers. email databases are traded for a lot of money for many uses. So now in stead of somehow getting your user name as well, all hackers need to do is bomb GW2 login with those email databases, and profit. The authenticator is a nice try, but if they have access to your email, they'll have access to your account. Plain. Simple. There is no other barrier of security. The only security GW2 relies on, is the security provided by your email provider.
  • Loke666Loke666 MalmöPosts: 17,949Member Uncommon
    Originally posted by Satarious

    The fact that this is currently a huge issue and that ArenaNet has to put out a notice on it (http://www.reddit.com/r/Guildwars2/comments/z3qqm/guild_wars_2_status_thursday_august_30/) leads me to believe that there's something MORE going on here than just simple negligence on the customer's part.  Normally, I would just chalk it up to a lot of ignorant people responding to phishing scams, but I know for a fact that I never received an email even remotely related to Guild Wars 2 until I got the email telling me that my email address was changed.

    Noone is actually blaming you but lets focus on fixing the damage instead. At least it was just a few days silver they can take from you.

    Get a secure Email just for the game, and preferably a POP3 mail instead of a hotmail (which do have the worst security around). Get NC softs support to give you back control and change all your safety settings.

    Never use the mail somewhere else.

    POP3 servers are generally a lot more secure but as soon as you post it anywhere you are at risk.

    And yes, I been hacked myself and know that it sucks, it was in GW1 though but I also know how to avoid it since then.

«1
This discussion has been closed.