Anyone ever do a rollback? I got phished..

[Mikey_R]

A OTP is active for a little while, so if you put all your details onto a phishing site, they can use a script to quickly log into your account whilst the OTP is active before it changes. From there they can change what they want.

[Tierala]

lol i used to play PSU...we "did the rollback" all the time XD

[Vahlnir]

lol i used to play PSU...we "did the rollback" all the time XD

Devs: "Oh, you got that shiny new S-class weapon?...Well, that's just too dang bad. Better luck next time, champ. *hits the rollback button*"

God I hated that "feature".

[Fellgon]

Hello, i have a question so i got phished... yeah.. they hacked into my account luckily i emailed square and they removed the token and i changed all my stuff and got my account back.
I logged backed in and all my gill was gone alot of it so i filled the forum for a rollback but now I'm seeing that it takes a super long time and really have no idea where the rollback would be, i am wondering if anyone has experience on this.... my whole thing is to with the ffxiv collab event coming up i don't want to miss that's like 10 days away and whatever i do get will just be deleted nothing more i have been waiting to get that regila for a long time LOL

Also any advice or information or experience would truly help on this matter thank you guys.

i know i feel so stupid...... i took precautions now.. what's done is done.

I had this experience back in wow classic in 90's, wen i didn't had a token, i clicked in a mail inside the game...they removed all my gold and armor, luckily i contacted support, they gave all my items back but gold was lost forever...this in classic wow was like a nightmare, but at least, after that, i never clicked in anything inside the game, delete suspicious mail, and bought a token myself to be safe. An advice for you: dont post links inside the game in your web browser. its better research by yourself than trust in links in the game.

glad you have your account back!

[Sirfoxeh]

For anyone seeing this thread with questions as I did. I want to leave my perspective as the process can be mysterious. I was phished in a similar way to OP. Even though I had phishing training, I still let my guard down. I wasn't cognizant, perhaps half asleep.

Dec 28, received a tell about a community event through the forums. I blindly followed the link to see what it was about, it looked like these forums. The thread was indeed looked like a community event and there were multiple replies and updates to the page. In infinite hindsight the attackers went through extensive lengths to setup this phish. I was reading through some of the replies etc. Everything seemed pretty normal, not much looking like bots. It was several years since I've been to the forums, and the URL was similar to the actual forums URL but with a tiny difference. It wasn't obvious until after I tried to login.

It was immediate from the instant I hit login that I had been phished. There were several redirects until it landed me on the EU forums (I'm NA) with a bad one time token prompt. I was in game still at this point, and I got the black screen with the authentication error. It had dawned on me, sinking feeling and all.

I was quick to try to change my password from the launcher's "forgot your ID", it was too late. A token was added to my account (Yes I didn't have one, few years back I lost my phone, was a pain to get removed, still recommend one).

Using the launcher seems like a good Idea, but its very difficult to be fast enough to counter the attack. The phish also had a token field, attackers are advanced enough figure out the next entry on the token. The best counter for Sqex might to add email verify before new token is added as my email was never compromised.

I was on customer service fast. Within ~10 mins I was in customer support chat explaining the situation. The rep unlocked the account enabling login. I saw my characters gil missing and transferred to a different server. So the rep put my account on suspension since it was compromised. There were numerous identity verification steps in there, many password changes. I had read through various other third party forums and these ones that this suspension could take a long time, but for me it was 3 days.

From the lifting of the suspension on Dec 30th I filled out the character rollback form roughly within a quarter day from the lifting. It's only been 4 days since then so I'll update this when the character gets rolled back so there's an account of how long it took me.
I was advised not to play as I would lose progress, mostly stuck to that but have done raids/trials to get experience, passing on all loot as I wouldn't keep it. I created another character and have done some small leveling. I don't know if that character will be affected, I'm ok with it. Just practicing on a class I haven't played in forever.

Well, hopefully its not too long until my follow up on the roll back.

[Rayne6665]

Advice: if you ever see those again, dont fall for those fake forum links from a scammer on a person’s hacked account name that sent you a tell/whisper about the 300M Gil giveaway, its fake to steal your logins. Blacklist them and go on about your day. These hackers are a lowlife pos. Sorry that has happened to you tho :3

[Katt_Felista]

People thinking a random person really gonna give them 600mil gil from the forums of all places.
A massive red flag should be when you have to log in lol. But people some how fall for that.

When all it takes is to notice the forum link and how different it is from the official one. On the internet, every time there is mention of stupid amounts of money or currency, you should allways have your spidey sense tingling. It is 1000% of the time sketchy.

[Sirfoxeh]

Ok so to follow up and give players an idea of how long to get a character recovered from a roll back based on my experience:

• 28 Dec 2021: Customer Service locked the account
• 30 Dec 2021: Suspension lifted and requested character rollback
• 4 Jan 2022: Email requesting confirmation of rollback
• 5 Jan 2022: Placed in rollback queue
• 18 Jan 2022: Character rollback finished

I am pretty thankful that the CS team got me back up and running in about 15 business days. There was an issue with the rollback where two of my job crystals are missing because the rollback landed before I started playing them, but I'm confident the GM's will help me out.

[Eraden]

I've gotten tells of this sort at least three times already. I have ignored them and will continue to ignore them. However, is there nothing that SE can do to stop this vile activity?

[Jojoya]

I've gotten tells of this sort at least three times already. I have ignored them and will continue to ignore them. However, is there nothing that SE can do to stop this vile activity?

They cannot control what people do. They can only respond to what has been done. In the end, the only thing that will stop scammers is for people to get smart and stop falling for the scams.

I know many have suggested SE should implement a message blocking system similar to chat filter plug-ins but that risks blocking legitimate communication between players. If the individual player wants to risk blocking chat messages, that's their choice.