I got hacked for the first time in Final Fantasy XIV

[JuneStarwind]

As the title shows, I was recently hacked. I was foolish enough to copy and paste a link that was sent to me via "Tell". The tell stated something along the line of the player quitting the game soon and will be doing a 300M Gil giveaway. Me thinking that the link sent to me was the official Final Fantasy Forum turned out to be a fake. I entered in my account log in, and I found it odd that it wasn't logging me into the forum no matter how many times I entered in my login correctly. I noticed that I was disconnected from the game moments later, and so I tried to log back in. Oddly enough, it kept saying my password was incorrect. Turns out I received an email saying that a security token was just registered to my account. I never registered any security token. I realize I was just hacked. IMMEDIATELY I got in contact with Square Enix and they were able to remove the security token from my account, and I was able to log in with all my gear and gil still intact. I have now put a security token on my account so that this never happens again.

Has anyone or know of anyone that experienced this?

[Stormpeaks]

Did you at least get the 300 mil ?

[dspguy]

Consider yourself fortunate. These stories rarely end with "and I kept my stuff."

FFXI (2003 MMO) accounts used to hacked all the time. Gil lost. Gear lost. Characters deleted, etc. From the day security tokens became a thing, I've never read a post that went "I got hacked even though I had a security token." That's the lesson learned for other readers. Use a security token, never lose your account.

[JuneStarwind]

Did you at least get the 300 mil ?

Lol! Nah, I didn't. It was too good to be true.

[JuneStarwind]

Consider yourself fortunate. These stories rarely end with "and I kept my stuff."

FFXI (2003 MMO) accounts used to hacked all the time. Gil lost. Gear lost. Characters deleted, etc. From the day security tokens became a thing, I've never read a post that went "I got hacked even though I had a security token." That's the lesson learned for other readers. Use a security token, never lose your account.

Yup, I don't know how I was so fortunate. I logged back in and the dude had my character in his world server. I assume they were in the process of transferring gil and gear?

[Ryaze]

As the title shows, I was recently hacked. I was foolish enough to copy and paste a link that was sent to me via "Tell". The tell stated something along the line of the player quitting the game soon and will be doing a 300M Gil giveaway. Me thinking that the link sent to me was the official Final Fantasy Forum turned out to be a fake. I entered in my account log in, and I found it odd that it wasn't logging me into the forum no matter how many times I entered in my login correctly. I noticed that I was disconnected from the game moments later, and so I tried to log back in. Oddly enough, it kept saying my password was incorrect. Turns out I received an email saying that a security token was just registered to my account. I never registered any security token. I realize I was just hacked. IMMEDIATELY I got in contact with Square Enix and they were able to remove the security token from my account, and I was able to log in with all my gear and gil still intact. I have now put a security token on my account so that this never happens again.

Has anyone or know of anyone that experienced this?

Just so you know, adding a security token wont stop this from happening again. The false website you went to also has a field for the one-time password incase you have one added. If that's the case, they will use that info and login to your account just the same. The only way to not get compromised is to not fall for phising scams and follow good password security.

[JuneStarwind]

Just so you know, adding a security token wont stop this from happening again. The false website you went to also has a field for the one-time password incase you have one added. If that's the case, they will use that info and login to your account just the same. The only way to not get compromised is to not fall for phising scams and follow good password security.

For future reference, I have the security code authenticator so it changes the one time password every minute or so. Will that help? Of course, I won't be clicking on any links anyone sends me via game anymore though.

[Avatre]

For future reference, I have the security code authenticator so it changes the one time password every minute or so. Will that help? Of course, I won't be clicking on any links anyone sends me via game anymore though.

It doesn't help if you enter it into the fake site though. Since it's all scripted to log into your account in that timeframe that the token is still valid. The only way to REALLY protect yourself from these things, is understand that there is NEVER a 300m gil giveaway, or a petition for anything that "cannot believe SE is allowing this at this time" to be stopped. Also knowing that SE never has username, password, and OTP, on the same page. It always, ALWAYS, authenticates your username and password before requesting the OTP. That....and if there is ever a link that goes .com-xy/ then it is fake. SE will NEVER have anything other than .com/

[fafrir]

To add on, official forum threads start with https://forum.square-enix.com/ffxiv/threads/ and then some numbers with the thread titles following. Fake links (I have encountered those /tells in the past but never went to any links) tend to sneak some characters in the link to look authentic.

Glad you have managed to get your account back but please do be careful in the future.

[Vav2021]

Snip

I can't make fun of someone or belittle them for falling for these tricks, because they're getting more and more creative now. It hasn't happened to me yet, and I take very strong measures to make sure it doesn't. I'll share some with you and everyone else.

1. Closely inspect external links. If it doesn't have .com/.org, it's supicious. However even if they do have them, it's best not to go to them.

2. If you DO go to them, look at the website you're on. They somehow have the ability to mimic a landing page to make it seem legit. This goes for people using search engines too, be aware of the landing page.

3. If they have time to whisper, they have time to respond. You will notice that they don't often respond if you ask questions, and if they actually do, they are very simplistic, ranging from one word to just a mundane sentence.

4. If you don't recognize them, be wary. There's no harm in being cautious, and when it comes to ANY external links, ask a friend.

5. Do a character search. If you're all the way in Ishgard, and someone you don't know from the Central Shroud is sending you a message, something's off.

I'm horribly horribly sorry this happened to you, and nothing is more alarming than that cold feeling of having your account compromised. It's a hurdle that more people than you'd believe end up experiencing. And as I said, they are getting extremely creative. I tend to get very angry about it because sometimes they throw in emotional stuff to manipulate people. Humans are emotional creatures, and stuff like that reaches us really easily sometimes. HOWEVER, some good news comes from this experience, and particularly your experience. These bots and scammers result to using the same method across many, many, many accounts. You've alerted everyone to their new method, saving many potentially compromised accounts in the process. I'm glad that you got everything taken care of. Everyone be wary out there, it's only a matter of time until they have response systems that seem so convincing, you'd swear you're talking to a coherent person.