Account got hacked yesterday

Printable View

Show 40 post(s) from this thread on one page

09-06-2013, 03:31 AM
Kaes

Quote:

Originally Posted by neoreturn

I like blizzard security system.

I like how Square Enix included this with the CE.

http://i.imgur.com/a2dMCtm.jpg
09-06-2013, 03:32 AM
Molly_Millions

Quote:

Originally Posted by HamHam

One of the things I have asked SE to do is to unregister my token. I lost my token and have bought a new one, but in order to remove my lost token, I have to use a code generated by that said lost token. Which is not possible, since I DON'T HAVE THE ORIGINAL TOKEN...

But, so far, all I get is:

"Dear Customer,

Due to the overwhelming volume in regards to the upcoming launch of FINAL
FANTASY XIV: A Realm Reborn, we have been regretfully unable to respond to your
request within the expected 48 hours. Because of this, your ticket has been
closed in order to prioritize time-sensitive issues being reported during Early
Access. If you have not yet found a self-resolution for your issue, we ask that
you create another ticket after searching our Knowledge Base. Please also select
the best category and sub-category pertaining to your issue for accurate
delivery of your ticket.

We sincerely apologize this inconvenience and thank you for your understanding.

Thank you,
The SQUARE ENIX Support Center"

So, I'm having a back and forward with this.

I don't want to be on the same situation as the OP. I hope SE doesn't kick back my second email.

You need to call. In my experience they cannot handle this via email.
09-06-2013, 03:42 AM
Xatsh

Guide to Never (or almost never) being hacked:

1) Do not use internet explorer ever
2) Make sure you have a script blocked installed on your internet browser (firefox or crome)
3) Do not use the same password as every other site you visit
4) Use a 1 time password (renders nearly all key-loggers irrelevant)
5) Never let a friend or anyone else use your account
6) Do not use rmt leveling services (this should be a given, that and you can be banned for doing it)
7) Check hyperlinks to make sure it is legit. example if it is this test . com and when you hover over it and it says www test .asia.facesmashkeys.com do not click on it.

I heard norton mentioned, the truth about virus scanners is this. If the virus ID is not in the virus scanner it will not be detected. If you use one of the big ones Norton/McAfee for example most talented coderspe writing programs to steal your stuff will test thier virus to make sure those scanners do not detect it. Most keyloggers on sites are Java Script based, script blockers while annoying will nearly 100% block them... I never got another virus since I started using them... do not want to say 100% because I believe that is impossible.
09-06-2013, 03:55 AM
Huginn

in FFXI, before the RSA tokens were available, I was hacked by an exploit in Adobe Flash Player. This happened just after Adobe acquired Flash from Macromedia. The site "Somepage.com" had an infected ad that targeted users of FFXI and i had an outdated version of Flash. It need not be the traditional "keylogger" to take your account info.

In short, the Security Token is invaluable. The mobile phone security application is a good start, but it can be hacked as well, your physical token can not be remotely hacked (with the very rare exception of a breach of the original keys, which should not be exposed in the first place.)

If you use your mobile phone and the security application on it... DO NOT EVER log into any SE account page on your phone, EVER! if you do not allow an attacker to know what account your key is good for, then even knowing your key does not allow them access.
09-06-2013, 04:01 AM
HamHam

Quote:

Originally Posted by Molly_Millions

You need to call. In my experience they cannot handle this via email.

Thanks I will try to do that. Hopefully I'm not stuck on the 2 hour waiting period I've heard ppl have had.
09-06-2013, 04:03 AM
Xatsh

Quote:

Originally Posted by Huginn

snip

somepage got me as well, that is what got me off explorer and using noscript. Worst experience ever. 2 weeks of arguing with SE on the phone ( over 20hrs of calls and being hold) and them telling me nothing I can do, finally got 1 person with common sense who at least reset my password. To find out I had all my gil stolen (thankfully no gear yet) and $50 real life money stolen from me from illegit transfers that SE refused to reverse of give me a refund on (they even admitted it was when I was hacked on the phone......). SE told me if I did a charge back they would perma ban my account... so I was forced to eat it.

After I finally got the account back I had to wait 3 rl months to play with my guild on my main account again due to the transfer cooldown.

To note I do hand it to SE, while their customer service is still subpar in response time and such... it is 1000 fold better then it use to be back in the day.

My advice is GET THE TOKEN... the 2secs to input the code is more then worth the potential nightmare for not using it.
09-06-2013, 05:15 AM
Kayo

I use the OTP but it comes with its own risk. Losing it or breaking/losing your phone = even bigger headache, at least with a hack you can change your password, virus check, and continue playing. When I set up mine it pretty much said to come up with a master password to remove the OTP from my account should I ever need to. Kind of defeats the purpose if you ask me .... /shrug.

Still worth it IMO, just saying, take care of your code gen, be it one your phone or the pchysical one. And make sure you remeber to turn it off before you switch phones.
09-06-2013, 06:38 AM
Chaneke

Quote:

Originally Posted by HamHam

One of the things I have asked SE to do is to unregister my token. I lost my token and have bought a new one, but in order to remove my lost token, I have to use a code generated by that said lost token. Which is not possible, since I DON'T HAVE THE ORIGINAL TOKEN...

It's actually a different code. It's not generated by the token. When you get access to your account you can see the removal password or removal code or w/e is the name. If you don't have it or didn't save it somewhere (which probably you didn't), you must wait for SE to remove it for you. Sorry for you pal.
09-06-2013, 06:46 AM
Chaneke

Quote:

Originally Posted by Kittra

I have a question. How did you make 20 million gil in around 50 days back when the game was literally still version 1.0, with a highest battle class of 34 Pugilist max, and a highest craft class of 34 Blacksmith max?

*On a more serious note*
You realize they reduced everyone's gil to 1/10th the original right? (Having 2 million gil in 2 months I can believe.)

Yeah that's true.. I got a lot of gil by selling crafting weapons (blsm here, 37 only tho... and played for around 4-5 months). And I barely managed to get around 10... and I was really selling a lot...

Show 40 post(s) from this thread on one page