Account got hacked yesterday

[Kaes]

I like blizzard security system.

I like how Square Enix included this with the CE.

[Bizniztyme]

Bro, when your guilders got hacked? I post here with 2 purpose.
1. Warn others
2. See if anyone know the Answer,does SE recovery player account or not if their account got hacked.

I'm sure if you call them (if you can get a hold of them) they can probably look into it by tracking IP addresses that your account was logged in from, probably take them weeks to months though. Sorry you got hacked, definitely not a great feeling.

[nasomi]

He could have earned 20mil with low levels. I was fishing and grabbing up those difficult to find pieces that bound materia to gear, when no one knew where to get it or the logic of it. I made a fortune, and my fishing was only in the 30's. Since a lot of them were well below my level i didn't get xp or got very little xp for it, and farmed the crap out of it to slowly release to the public for a great deal of gil.

[neoreturn]

Yesterday, he logged in and all his gil was gone. He contacted support but he hasn't gotten a clear answer yet. Will let you know if he does.

Same to me. Thx for the info.

[Ehllfhire]

Why should SE recover anyones gil when it was their lazy or ignorant computer habits that got them hacked in the first place.

[Xatsh]

Guide to Never (or almost never) being hacked:

1) Do not use internet explorer ever
2) Make sure you have a script blocked installed on your internet browser (firefox or crome)
3) Do not use the same password as every other site you visit
4) Use a 1 time password (renders nearly all key-loggers irrelevant)
5) Never let a friend or anyone else use your account
6) Do not use rmt leveling services (this should be a given, that and you can be banned for doing it)
7) Check hyperlinks to make sure it is legit. example if it is this test . com and when you hover over it and it says www test .asia.facesmashkeys.com do not click on it.

I heard norton mentioned, the truth about virus scanners is this. If the virus ID is not in the virus scanner it will not be detected. If you use one of the big ones Norton/McAfee for example most talented coderspe writing programs to steal your stuff will test thier virus to make sure those scanners do not detect it. Most keyloggers on sites are Java Script based, script blockers while annoying will nearly 100% block them... I never got another virus since I started using them... do not want to say 100% because I believe that is impossible.

[Huginn]

in FFXI, before the RSA tokens were available, I was hacked by an exploit in Adobe Flash Player. This happened just after Adobe acquired Flash from Macromedia. The site "Somepage.com" had an infected ad that targeted users of FFXI and i had an outdated version of Flash. It need not be the traditional "keylogger" to take your account info.

In short, the Security Token is invaluable. The mobile phone security application is a good start, but it can be hacked as well, your physical token can not be remotely hacked (with the very rare exception of a breach of the original keys, which should not be exposed in the first place.)

If you use your mobile phone and the security application on it... DO NOT EVER log into any SE account page on your phone, EVER! if you do not allow an attacker to know what account your key is good for, then even knowing your key does not allow them access.

[Xatsh]

snip

somepage got me as well, that is what got me off explorer and using noscript. Worst experience ever. 2 weeks of arguing with SE on the phone ( over 20hrs of calls and being hold) and them telling me nothing I can do, finally got 1 person with common sense who at least reset my password. To find out I had all my gil stolen (thankfully no gear yet) and $50 real life money stolen from me from illegit transfers that SE refused to reverse of give me a refund on (they even admitted it was when I was hacked on the phone......). SE told me if I did a charge back they would perma ban my account... so I was forced to eat it.

After I finally got the account back I had to wait 3 rl months to play with my guild on my main account again due to the transfer cooldown.

To note I do hand it to SE, while their customer service is still subpar in response time and such... it is 1000 fold better then it use to be back in the day.


My advice is GET THE TOKEN... the 2secs to input the code is more then worth the potential nightmare for not using it.

[Kayo]

I use the OTP but it comes with its own risk. Losing it or breaking/losing your phone = even bigger headache, at least with a hack you can change your password, virus check, and continue playing. When I set up mine it pretty much said to come up with a master password to remove the OTP from my account should I ever need to. Kind of defeats the purpose if you ask me .... /shrug.

Still worth it IMO, just saying, take care of your code gen, be it one your phone or the pchysical one. And make sure you remeber to turn it off before you switch phones.