Please clear your blacklist!

Quote:

---

Originally Posted by Spoolx

/snip

---

do you visit sites with ads? You know even the best sites can be hacked and or if there are ads in them those ads can contain virus' key loggers and anything malicious to them. Also with the people going on about Phishing emails... seriously if it's asking you to sign in or asking you for your password you AUTOMATICALLY know it's a phishing email. Remember and square enix has said this multiple times. They will NEVER send any email asking you for your password and I can spot a phishing email a mile away. (they're just as bad as the lottery emails or the ones about the relative in Nigeria dying though those are hilarious to read most of the time due to terrible grammar)

Quote:

---

Originally Posted by Animation

I'm currently lodestoning people with normal names and if there account seems somewhat decent then I'll unblacklist it.

---

Sounds like a lot of work

are you sure you can get your account back after being hacked?
i don't have a long blacklist (hence i'm on a JP server), but i realize that some of them have disappeared
i remember that i have at least 5 or 6 on my blacklist, but yesterday i only saw 2 left
did SE delete them or something?

Um...nope.

I never blacklist anyone for the exact reason OP mentioned. I did, however, get about ten tells over the course of today from someone who seemed to have a normal name. I was tempted to blacklist this person, but honestly more surprised that they weren't reported/suspended over the course of a very long day. It's pretty sad that the RMT spam is so rampant in this game... I mean, it exists in every MMO but I thought it would die down a little bit with time. I guess all the 'hacked' people are going to have to start grabbing security tokens (or smartphone apps) to put this to an end. I've heard of a few RARE cases where people with one-time security passwords are getting hacked, but it's far less frequent than when you have no token at all...

And by the way, to the people claiming it's ridiculous that you are getting hacked... There are scripts people used to 'crack' passwords. My WoW account was once hacked over two years after the last time I logged in. To make things even more interesting, I did not share my e-mail/login/password on that account with any other account I have. How a hacker got my password TWO YEARS after the last time I played (which was on a DIFFERENT computer entirely) is beyond me. It happens, though. So don't be so quick to judge.

All you people saying "I'll clear my blacklist when it says <Deleted>" are missing the point. People who recover their accounts after they've been compromised will never show up as Deleted, because they don't get deleted. They got their character back.

Quote:

---

Originally Posted by Xehlwan

Stuff.

---

Totally false. While it CAN mean that someone is lucky...it absolutely can mean that someone is too smart to have it happen.

Don't blind people by telling them that there is no way to protect themselves. There absolutely is, and if you do everything right, no trojan/keylogger will ever make it into your computer. And no fake login will make it into your browser.

Heck, if you really wanted to go extreme you could even thwart keyloggers(assuming you let them make it into your computer) by having a word doc with your username and password in it that you copy and paste. A keylogger would be rendered useless.

In the end, computer safety IS within your hands. Nobody can do anything to your computer without you letting them.

Quote:

---

Originally Posted by Rhysati

In the end, computer safety IS within your hands. Nobody can do anything to your computer without you letting them.

---

Yeah, but you can't do anything about it when some other site is compromised and they get your info from that... Well, except never using the same username and password for any two logins, besides all of the stuff you mentioned, because if some site is compromised they probably have enough info to phish you more effectively, or possibly social engineer their way into your account.

security token... Even if they have my account name and password won't mean a damn thing. I suggest if you've been hacked already you look into getting one.

Why would I remove someone who was hacked from a blacklist?

There is a chance that such a hacked person was buying gold or power leveling.

Then if I do not have them on ignore, I might sell them something, and then when square enix investigates them, they will see the transaction, and ban my account.

Quote:

---

Originally Posted by Animation

I was typing out a reply about how people get hacked but I'm not going to bother. I'm currently lodestoning people with normal names and if there account seems somewhat decent then I'll unblacklist it.
Getting hacked is pretty pathetic in this time and age, I mean security on stuff is so high the only thing I can think of is a) Virus from downloading bots or buying gold or b) Very, very weak password.

It's nice to see you apologizing though, I do wish you'll take more precaution in the future.

---

To be fair, 'hacking' these days is done via bots that run every combination of letters and numbers currently usable by computers, doesn't matter how 'strong' your password is, its only a matter of time before a bot comes up with the right string to let it in.

Quote:

---

Originally Posted by Sylve

To be fair, 'hacking' these days is done via bots that run every combination of letters and numbers currently usable by computers, doesn't matter how 'strong' your password is, its only a matter of time before a bot comes up with the right string to let it in.

---

Which is why security tokens and account lockouts (say after 5 wrong guesses) are a good idea.

Quote:

---

Originally Posted by Sylve

To be fair, 'hacking' these days is done via bots that run every combination of letters and numbers currently usable by computers, doesn't matter how 'strong' your password is, its only a matter of time before a bot comes up with the right string to let it in.

---

I don't think they're brute force hacking peoples accounts... thats so inefficient...

Quote:

---

Originally Posted by Sovereign

Which is why security tokens and account lockouts (say after 5 wrong guesses) are a good idea.

---

But they're not perfect. Which is all I'm saying. You can be the safest guy in the world with strong AV, tokens and stupid long passwords changed daily, but you'll still get done in by a determined hacker. Just a matter of time.
I still think using Email addresses for Usernames was a bad bad idea. Usernames or logins were literally an extra password a potential hackbot needed to get right.
@Rydin,
No, maybe they're not brute forcing *all* the accounts, but i would wager many accounts are lost to it.

Quote:

---

Originally Posted by Spoolx

Lots of us were banned for RMT spam because our accounts were hacked, eventually we will be back online. My request is that you frequently clear your blacklist, especially if the name is a normal name and not just a jumble of characters.
There is no point keeping these names on your blacklist because they all get banned quick so you shouldn't see that name ever spam again.

---

The problem is that the name generator also generates realistic names. While I feel sorry for you that your account was compromised, I'm more than willing to take the chance that I've blacklisted 6 real players if it blocks 30+ gil sellers.

Quote:

---

Originally Posted by Pandemonium

You (and many others) seem to forget phishing and how rife that is.

You can't blame people for being gullible and falling for a phishing scam, then following the dodgy links and entering crucial information. These people are clearly legit players, if a little on the dim witted side - they don't all deserve to be written off as "RMT/Botting scum - you deserve my /blist!"

---

Yes, I can blame them. It's easy. [x] didn't bother looking at links before entering information no company should need to ask for. That would be their fault. I'm totally blaming them.

Quote:

---

Originally Posted by Sylve

But they're not perfect. Which is all I'm saying. You can be the safest guy in the world with strong AV, tokens and stupid long passwords changed daily, but you'll still get done in by a determined hacker. Just a matter of time.
I still think using Email addresses for Usernames was a bad bad idea. Usernames or logins were literally an extra password a potential hackbot needed to get right.
@Rydin,
No, maybe they're not brute forcing *all* the accounts, but i would wager many accounts are lost to it.

---

The reason brute force attacks are not reliably effective is that you can put a time sensitive authentication code on the account. If you're performing a brute force attack against an account with an even reasonably secure non-dictionary password the authenticator code should change before a Brute Force can reasonably work out that combination.

Quote:

---

Originally Posted by Naunet

I think you need to read this comic: http://xkcd.com/936/

---

This is hilariously true. I love the horse

What I can't stand is getting spam shouted by somebody that's already SUPPOSED to be on my blacklist, and I have to remove it and put it back on again.

Quote:

---

Originally Posted by Alkoun

I have over 100 blacklisted people, ALL of them RMT, and I add more every day.

I prefer to see a message from SE saying "we've banned" or "we've recovered X amount of RMT accounts" before I clear my list. I'm sorry, but please wait a little longer!

---

http://na.finalfantasyxiv.com/lodest...33498e43afd6f4

Period: Aug. 24, 2013 to Sep. 5, 2013
-Accounts receiving disciplinary action for RMT advertisement: 518 Accounts -Action Details: Permanent ban from FINAL FANTASY XIV

http://na.finalfantasyxiv.com/lodest...095a614312461a

Sep. 5, 2013 to Sep. 10, 2013 (PDT)
- Accounts receiving disciplinary action for RMT advertisement: 828 accounts
- Action Details: Permanent ban from FINAL FANTASY XIV

Your just missing them.

Quote:

---

Originally Posted by Animation

In all my years I have never fallen for a phish. Oh Square Enix is going to give me the best gear in the game all I have to do is give them my password and username? Seems legit.
They already have it & it's encrypted in their database nor do they need my account information to access my account.

Common sense just isn't common enough.

---

In all your years you've never fallen for a phish? WELL DONE SIR! *Slow Clap for you*

Oh wait, neither have I though! *Slow clap for me too*

Phishing isn't all about "Dear member, please reply with your account details and password so we can give you free relics..."

It is more about:

"Dear SE Member,
There have been attempts to hack your account, please log into here and change your password to a more secure one..."

Quote:

---

Originally Posted by Animation

I've been a website designer for awhile, which is probably why I don't fall for such pathetic hacking attempts.

---

Not everyone is a clued up as you, or has that privilege.

So don't be such a condescending arse-head just because you are smarter than some of the more gullible people out there. Yes, they may have fallen for a phish, quite innocently, which still means they don't deserve you and others writing them off as RMT/Cheaters/Pay2Winners etc.

Quote:

---

Originally Posted by moody

Yes, I can blame them. It's easy. [x] didn't bother looking at links before entering information no company should need to ask for. That would be their fault. I'm totally blaming them.

---

You are a really horrible person.

Not gonna happen.

Some of us have different skills in life, just because someone isnt a pro computer user doesnt make them an idiot.. I guarantee I have skills or know things that some of you pro computer guys dont. I am fairly proficient but as far as knowing about hacking or things like that I am weak.

Anyhow, this thread wasnt created for the elitist "I dont want to play with people that got hacked because theyre stupid or they are all gil buyers or cheaters" group of people, this post was made for the sensible players that might not have realized that certain people will eventually get their accounts back and that chances are if someone has been on your blacklist for a while that account has been banned (as long as it was for RMT spam).

Quote:

---

Originally Posted by ventlus

i doubt your name online is dkfdkfhdfkdfkhdhkf dkfhdjfkhkdfhkdhfkdk

i think its fine i keep them on their till it says deleted

---

I doubt the characters on banned accounts get deleted.

Quote:

---

Originally Posted by Kenze

I'm not clearing my blacklist until SE adds better filtering and make sit easier to report people.
maybe you should just ask for a name change.

---

name changes also change the names on the friendlist/blacklist

Quote:

---

Originally Posted by Felis

I doubt the characters on banned accounts get deleted.

---

They will, I have already removed a few entries from my blacklist that said <Deleted>.

They need to but in a spam filter in this game that works better than just changing the last 5 characters....

Quote:

---

Originally Posted by Calyanare

All you people saying "I'll clear my blacklist when it says <Deleted>" are missing the point. People who recover their accounts after they've been compromised will never show up as Deleted, because they don't get deleted. They got their character back.

---

And it is their own fault for loosing it. Every single 'hacked account' story usually boils down to they didn't use 2-factor, are not using AdBlock or no script to protect their browsing, or download questionable programs.

You only get off my blacklist if it says <Deleted>. Period.

@Shirai
The deleted names could be an rmt deleting to make space for more characters. I've got 89 names on my blacklist, of that I've only had about 5 saying deleted. They also aren't going to delete peoples characters if they are indeed hacked users.

Edit: Thought I'd hit the quote option...