Please clear your blacklist!

[Naunet]

Considering you most likely compromised your account in some way by downloading a bot or buying gil, I will not be unblacklisting people even if they're not really the ones spamming RMT. With the free software version of the one-time password for iOS and Android, there is no excuse for getting your account hacked.

Not everyone has a smartphone, just so you know.

[Huginn]

I was using the same password for my email, facebook etc because having multiple passwords can be a huge pain.

I play on PS3, and surf the forums from work(which is a huge company and the internet is pretty tight so I doubt I got a virus on my work computer) and I still got hacked.

all my email comes through my iphone.

you want to be an elitist jerk.

I left the parts of what you said that are likely responsible... if you are telling the truth.

Facebook, FACEBOOK??? you really use the same password for bookface as you use for your online gaming? AND it's the same password as your email? the same email i assume you use for your SE account???

here's a tip, do not use facebook on any computer that you do anything you do not want compromised. do not use facebook with any password or email address you do not want compromised. better yet, do not use facebook.

You sure sound like an elitist jerk to me, you casual elitist casual. do you see how i can throw around meaningless names too?

a secure password looks more like this: bwLH41ctKE½☻☺§█ and uses an RSA token

[Cigaran]

When the blacklist reads (Deleted), then they get removed. Until then, the names remain. While I've blacklisted my fair share of Yaskjdhfaa Lohklsuiren or Abbaskyyds Ghoiuhaslkeu, I've also blacklisted a fair share of twits that I have zero interest in seeing take up a single pixel on my monitor again.

I'm sorry that you got hacked and that as a result that you got blacklisted but there's sadly not a whole lot that can be done about it.

[Naunet]

a secure password looks more like this: bwLH41ctKE½☻☺§█

I think you need to read this comic: http://xkcd.com/936/

[amnie]

If someone was dumb enough to get hacked in the first place, do they have anything to say worth my time?

/elitist jerk mode :B

guess who just ended up on my blacklist :]

[xwmstormx]

Only 2 people on my blacklist at the moment..

Every day I delete the ones from the last couple days. Hasn't caused any issues or repeats.. yet..

So no worries from me, even though we are on different servers.

[MStowastiqVahlshdeh]

See, if you have a keylogger on your PC, you did something wrong to get it there.

Windows isn't magical, a hacker can't just run something on your PC. You have to let it run, or tell it to run.

This is a bit of a myth and a straight up misunderstanding of how computer exploits and security work. There are many many exploits to let someone run something on your system without your giving explicit permission. From scripting, to buffer overflows, to web browser leaks. Even in the very recent past there have been many simple exploits where adobe flash allowed for malicious code to bypass browsers. There are web exploits found all the time, and it is perfectly possible you can get hacked by a zero-day exploit just by clicking the very first result from an innocuous google search, and not know about it for weeks or months.

There is a reason that there are always new security patches to every operating system on a regular basis, and they are rarely released immediately after the exploit is discovered. In fact usually they are patches to previously known exploits, meaning people may already have been compromised due to the exploit, before any system updates, or virus definition updates occur to block it.

Hacked accounts are not a cut and dry "it is always your fault", or even usually that simple. Most security is a never ending fight to anticipate the existence of exploits you haven't actually discovered yourself yet.

This is not to say "nobody who got hacked is at fault". But it is to say that to assume they are always at fault is simply incorrect. If you are connected to the internet you are at risk. It doesn't matter how many layers of protection you have setup, how up to date your antivirus, how locked down your firewall. All it takes is one exploit.

So please, be considerate. Realize not everyone is at fault, and that maybe if they aren't prepared, it is because they don't know as much as you. Don't berate others who don't have the same knowledge as you, instead educate them. It will go a long way to improving the forums, and the game in general.

I will admit that I was using the same password for my email, facebook etc because having multiple passwords can be a huge pain. I since changed that.
<...>
all my email comes through my iphone and I never click links in my email.

In my own experience with family and friends, your phone itself is the most likely culprit. Any account you use on your phone has an even higher likelihood of being hacked then on your pc, because phone exploits are really profitable. So many people have personal information, phone numbers, contacts, passwords, bank account information, all on the phone, so it is almost always worth the effort to find a way to bypass the security. I have known many people who had their facebook hacked from their iphone, because they walked through a public area (eg airport) with wifi enabled. Wifi + facebook exploit, now they have your password for everything.

So my suggestions: never use open wifi; never use the same password for any account (especially the ones you access from your phone); and use the iphone security token. (Make absolutely sure you keep the emergency recovery key and in more than one location though.)

Also: don't let the attitudes or assumptions of others drag you down to their level.

Most of these exploits want bank account info, or email accounts to hijack and spread mass emails. What are the chances that these are looking for an SE account so they can login to FFXIV ARR and sell Gil? Probably only going to pick one up going to a sketchy Gil buying site, or some other sketchy FFXIV ARR third party site.

Nope. Actually this also is a misunderstanding of this black market industry (yes industry). You assume it is one person doing the hacking for a specific purpose. But in fact, people who hack information, often hack it for the purpose of selling it.

Usernames and passwords are very lucrative, if not as much as money. People like the gil sellers don't do the hacking themselves usually, they buy the information from someone else who is selling it not just to them, but to those who are likely to use it for other purposes such as hacking your e-mail to send spam, or trying to get into your bank account, etc. I.e. the hacking of a game account is just one way the hacked information is likely to be used. If you get hacked, you should be clamping down on everything, because chances are very slim it was "just a gil seller" and that they only hacked this game.

Rivienne you are a breath of fresh air on these forums. Thanks for being so kind and patient and providing constructive information. Included your original post because helpful.

[RyuujinZERO]

If it hasn't been said yet, what if I put you on there for a reason and forgot why ~ gil seller or not!

You just want everyone to remove you from their blacklists...lawl

At least a few guys have gone on my list due to them getting in a shouting match with a bot:

Bot: "[Buy our gold! - only $1 million dollars!]"
Guy: "Shut up!"
Me: "It's a bot, he can't hear you"
Bot: "[Buy our gold! - only $1 million dollars!]"
Guy: "Shut up!"
Me: "Just block him, quit spamming or you're going on the block list too"
Bot: "[Buy our gold! - only $1 million dollars!]"
Guy: "Shut up!"
Me: "Welcome to blacklist: Population - you and 199 bots"

[Nadiya]

Today I saw someone who I blacklisted a week ago in a FATE, so I removed as he/she obviously got the account back.

[Cienna]

On Monday, to see how the RMT banning is going, I tried deleting 6 names I blisted 3 weeks ago, and reported- soon as I zoned into Ul'dah from my room 5 of the 6 spammed me. The other showed up when I zoned to the MB. Needless to say I now just delete the (deleted) ones. Those RMTs are still there after 3 weeks! I am sorry for players that had their account hacked. If there was a way to know you have gotten it back, I will gladly remove your name, as you will no longer be a RMT spammer, but a fellow player. I look forward to that day too.