HELP! I GOT HACKED! GAMEMASTER HELP?

[TyrTry]

Pretty crazy to me how people put this much effort in developing phishing scams to steal gil in FFXIV, is there really that much money to be made for the effort? (Assuming it's RMT related)

Unfortunately, yeah. It must be as it just seems to be never-ending. A quick fix that tends to come at a price (and I mean a lot more than your wallet or gil).

[ShadowPrincessD]

i did get hacked BTW look at the edit i just did on the post

[Canadane]

i did get hacked BTW look at the edit i just did on the post

No, you took the phishing bait. I'm sorry I know you don't wanna place the blame on yourself but we've probably all gotten these tells multiple times by now. The website TLD is not identical to anything SE uses.
Knowledge is power here, and understanding what happened is only going to help you and others not also fall for this.

I'm sorry for what happened I feel for you, but understanding exactly what happened to you is important. Your edit makes...little sense. Your IP cannot be hacked per se. Getting your personal information and getting threats is almost unheard of from RMT they kust want to empty your gil and use your character to spam the same RMT message you got in the first place. But if they did have your account access they could also in turn log into your account management and see your personal information. This is likely how they sent you a message, if any.
If you had used a security token on your account, it wouldn't have helped your initial character loss. You would have still had someone log into your character. But it may have stopped them from logging into your SE account management as the OTP would have changed and your personal information wouldn't have been accessible.

Again, it sucks to have happen, but be wary of suspicious links. You can stop it from happening again.

[Klaleara]

No, you took the phishing bait. I'm sorry I know you don't wanna place the blame on yourself but we've probably all gotten these tells multiple times by now. The website TLD is not identical to anything SE uses.
Knowledge is power here, and understanding what happened is only going to help you and others not also fall for this.

I'm sorry for what happened I feel for you, but understanding exactly what happened to you is important. Your edit makes...little sense. Your IP cannot be hacked per se. Getting your personal information and getting threats is almost unheard of from RMT they kust want to empty your gil and use your character to spam the same RMT message you got in the first place. But if they did have your account access they could also in turn log into your account management and see your personal information. This is likely how they sent you a message, if any.
If you had used a security token on your account, it wouldn't have helped your initial character loss. You would have still had someone log into your character. But it may have stopped them from logging into your SE account management as the OTP would have changed and your personal information wouldn't have been accessible.

Again, it sucks to have happen, but be wary of suspicious links. You can stop it from happening again.

If they hit the scammers website from their computer, the scammers could have gotten their IP. Just, nothing they could really do with their IP lol.

Secondly, pretty sure a security token on the account would have helped the initial character loss, as it's required to use the token to login to the game and get access to the character. A note, there are already plenty of ways to get around two-factor authentication, decent hackers get by it with fair ease. However, anyone with those skills aren't going to give 2 f's about someones final fantasy character.

[Valkyrie_Lenneth]

If they hit the scammers website from their computer, the scammers could have gotten their IP. Just, nothing they could really do with their IP lol.

Secondly, pretty sure a security token on the account would have helped the initial character loss, as it's required to use the token to login to the game and get access to the character. A note, there are already plenty of ways to get around two-factor authentication, decent hackers get by it with fair ease. However, anyone with those skills aren't going to give 2 f's about someones final fantasy character.

Nah, they capture the code with the fake login site then immediately enter it into the client. That's how they login.


2fa won't help you if you give them the code lol.

[Avatre]

Nah, they capture the code with the fake login site then immediately enter it into the client. That's how they login.


2fa won't help you if you give them the code lol.

That's also assuming the site that you are "logging" into has the spot to enter 2fa. If they don't, then there would be no way to get into the account. As I haven't even looked at those phishing links, I don't even know if they have a field for that.

[Klaleara]

Nah, they capture the code with the fake login site then immediately enter it into the client. That's how they login.


2fa won't help you if you give them the code lol.

Depends on the 2fa you have? Most 2fa's is just a text to your phone, not an actual token. It seems that FF14 uses the token version though, which is meh imo.

[Valkyrie_Lenneth]

Depends on the 2fa you have? Most 2fa's is just a text to your phone, not an actual token. It seems that FF14 uses the token version though, which is meh imo.

No I mean, you have to put in the code it gives you when you log in right?

If you give them the code when you "log in" to the phishing site, then the 2fa is pointless because you gave them the code to get in.

[Canadane]

If they hit the scammers website from their computer, the scammers could have gotten their IP. Just, nothing they could really do with their IP lol.

Exactly, that's not "Hacking an IP" that's just seeing it.

That's also assuming the site that you are "logging" into has the spot to enter 2fa. If they don't, then there would be no way to get into the account. As I haven't even looked at those phishing links, I don't even know if they have a field for that.

They do, a friend with the token has been compromised one drunken night he wasn't too smart. He assumed the site just auto-logs in to a client with the credentials without human intervention, which would make sense considering the speed which would be required to use the information.