HELP! I GOT HACKED! GAMEMASTER HELP?

[Canadane]

One time my mom called me, saying she got a call from Microsoft:
"Microsoft is calling me honey -- they need my credit card to get rid of a virus on my computer."
I was so proud she didn't and called me instead.

My wife once told me that her corworker came in late to the office, he was on the phone wit hthe FBI saying his taxes were done incorrectly and they'll put out a warrant for him unless he can pay the difference... in Walmart gift cards. I'm glad my wife was able to talk some sense into him.

[StriderShinryu]

Sucks to hear you got caught by this, OP. But thank you for posting here regardless. I haven't received any message like this (yet) but it's good to know it's going on out there just in case.

For those who aren't aware, Square has already stated that the game development is delayed and they have taken measures to work safely as best they can. There is no need to worry about the staff or to take part in petitions, etc. on their behalf.

[Iscah]

EDIT: I reported it to SE already using the support desk in game, we also found out not only my game was compromised but they hacked into our IP address and took out information, they sent a threatening message TO HIS PHONE NUMBER to my fiance saying "youre next, all your gil will be gone too!" and the thing is we dont have any friends in FFXIV and we dont know anyone who plays it either why do they do this sort of stuff?

That's definitely disturbing, whether they've "hacked the IP" or gotten into your information some other way. Do you use your game password for things other than FFXIV? What else might they have gotten into?

Question to everyone: if the scammers got the IP address from the victim visiting their site, would they potentially start poking around in it on the assumption that anyone who would fall for the scam also probably has poor internet security overall?

[Klaleara]

No I mean, you have to put in the code it gives you when you log in right?

If you give them the code when you "log in" to the phishing site, then the 2fa is pointless because you gave them the code to get in.

A lot of (And my preferred method) of 2FA tokens are pushed. Meaning, you'll get a text, or a push to your 2FA app. Meaning, it can't get scammed like this due to the fact that the site would tell you to put in your 2FA, but you couldn't receive your 2FA token since you actually didn't attempt to sign in.

The scammers would get your login info, but they wouldn't actually be able to get into your account, due to the fact that they didn't get your token.

[Klaleara]

That's definitely disturbing, whether they've "hacked the IP" or gotten into your information some other way. Do you use your game password for things other than FFXIV? What else might they have gotten into?

Question to everyone: if the scammers got the IP address from the victim visiting their site, would they potentially start poking around in it on the assumption that anyone who would fall for the scam also probably has poor internet security overall?

If they were diligent enough, they could get your general location of where you live. Basically they could get your zipcode, which they could use along with your credit card information if they managed to get that too. If they JUST got your public IP and that is it, pretty much nothing would happen to you.

If you happened to be a multi-billionaire without proper security, a serious hacker could potentially get through the firewalls, and get a tunnel into your system. But no hacker who is able to do that is going to care about anyone less.

[Selova]

Why in the name of the twelve would you ever click on any link whispered to you in-game from someone suspicious? I hope they sort everything out, but this should be a learning lesson. Do not EVER click on any links from a source you are not familiar with, ever. It will save you a headache (like this one) in the long run.

[AduroT]

My wife once told me that her corworker came in late to the office, he was on the phone wit hthe FBI saying his taxes were done incorrectly and they'll put out a warrant for him unless he can pay the difference... in Walmart gift cards. I'm glad my wife was able to talk some sense into him.

Got a phone call I’d won a free cruise, just needed to give them my credit card info.

[Curisu]

A while ago I used the same ID and Email on a other platform I forgot about.
Then I received a email that random persons worldwide tryed to log in into this unused, worthless account.

When I got home from work, I was not able to log into my SE account because of to many false log in attempts.

That was the moment I activated 2f.

Btw, is it possible to change the login ID?

[Sylve]

My wife once told me that her corworker came in late to the office, he was on the phone wit hthe FBI saying his taxes were done incorrectly and they'll put out a warrant for him unless he can pay the difference... in Walmart gift cards. I'm glad my wife was able to talk some sense into him.

Where i work, we have regular announcements warning customers about fake tax calls wanting to be paid via itunes and other gift cards.

We even have signs around the place warning people about it. It baffles me how people can fall for it so hard that we actually need to do public announcements and ram the warnings down their throats.

[Katalyn]

That's definitely disturbing, whether they've "hacked the IP" or gotten into your information some other way. Do you use your game password for things other than FFXIV? What else might they have gotten into?

Question to everyone: if the scammers got the IP address from the victim visiting their site, would they potentially start poking around in it on the assumption that anyone who would fall for the scam also probably has poor internet security overall?

I would say it's much more likely they could be using their phishing website to push malware to unsuspecting people. You don't have to download anything they could install it to the victim's system by exploiting software vulnerabilities. I don't know if that's what they do or not, but it would be a far easier way to infect and gain access to someone's machine than trying to use the IP address to penetrate it.