How are they hacking my brothers account

[Rogue3x]

I've changed the password 3 times. Each time from a different pc and even changed it once from my tablet and they are still logging on to his character. I have already bought him a security token. I tried the software token but for some reason it's telling me his ID/Bday don't match (lol?)

Is there no choice but to wait until the physical token gets shipped?

[BlackEdelweiss]

Do you have a smartphone? If so, I would suggest downloading the SQEX Token. This way you don't have to wait until the physical token gets shipped.

[gigi_frana]

what antivir / protection are you using?
one of the best (my choice) is:
http://www.kaspersky.com/pure

[FFLink]

Reformat Windows.

[zenmetsu]

How to avoid getting hacked:
1) Don't use the same password on multiple sites.
2) Don't enter your username/password on 3rd party sites.
3) Don't use a simple password: 8 character minimum with mixed case, numbers and symbols. Definitely no dictionary words.
4) Don't install pirated software on your machines.
5) Don't install questionable software on your machines (game cheats, etc).
6) Install a well-known and trusted antivirus package.

Seriously though, most people get hacked because of #1 and #2.

[Rivienne]

On point 6, which I agree with, I would add:
7) install the ad-aware and the like plugins to your browser, and if using chrome make sure to have "Enable phishing and malware protection" enabled.

Typically the ad blockers like adware still enable "trustworthy" ads like google adsense, and blanket block anything else. It isn't a perfect fix, but it has saved me from malware in the past, and I usually do my browsing on a Mac. (Most known exploits for mac involve web browser exploits)

To explain this a bit further, most people misunderstand this market and how it works.

A good many times passwords and information have been stolen through malware, which is distributed through browser exploits, such as by embedding in ads on otherwise legitimate (if poorly managed) websites. This information isn't necessarily stolen by the gil sellers directly (though it could be), but rather the people stealing the information are known to sell it to many such companies. E-mail addresses, common id's associated with them, and any passwords, (not to mention personally identifiable information that can be used for identity theft) are all valuable commodities that aren't merely stolen for direct use, but for sale value.

This is what most who people who assume that this is the result of falling for the gil sellers miss: this isn't a self-contained company. There is a literal black-market of account and personal information, that is traded or sold by these companies, who in turn use any and all means needed to acquire not a single persons personal account, but as many peoples accounts as they can. It is data mining at its worst. They don't care about a single phish. They want as many people as they can get. If this were about just the people who fell for it, the market would dry up very quickly through normal security measures.

[Nin-Lil-izi]

I'll a number 8 to this:

8) Never access the web from your gaming machine. Windows is just not a great idea for web browsing, if the machine is used for anything of value at all. I don't even have a web browser installed on mine.
If I need to be looking at websites or downloading files. I'll do it with one of the Linux boxes at my desk and transfer files over the network.

It's a very effective stratergy. You won't catch anything from visiting dodgy or compromised sites ever. And your OS install on the gaming machine will remain clean, shiny and fast as the day you built it long past the lifespan of its harddrives themselves.
Sure, you have to change your behaviour slightly. But the anxiety and worry of trojans and such nasties ruining your day will be gone almost overnight.

[Rogue3x]

I should be more clear I guess. My brother was at work, his computer is sitting next to me not being used. I changed his password from my Tablet and watched his character log off from my pc and watch him log back on again even after the password change.

No one has touched his pc to type in the new password so I know they aren't getting it from a keylogger on his system (which is clean BTW I ran multiple scans with different programs).

[Conradus]

I should be more clear I guess. My brother was at work, his computer is sitting next to me not being used. I changed his password from my Tablet and watched his character log off from my pc and watch him log back on again even after the password change.

No one has touched his pc to type in the new password so I know they aren't getting it from a keylogger on his system (which is clean BTW I ran multiple scans with different programs).

Perhaps it's your tablet that's compromised?

[Xendros]

If it's anything like WoW and GW2 they can bypass the login system completely. My WoW account was frozen at one point after Cata launched and gold sellers managed to add free game time to my account while it remained frozen. Not once did I get a notification about my password or email being changed. In fact my account was still frozen when I finally called Blizzard to reclaim my account and get it unbanned. The status changed from banned back to frozen.

*Conjecture*
I suspect the gold sellers have created a script that can access the character database and look for accounts that don't have authenticators tied to them in WoW. From there they use another program to add free game time and change the character status to logged in. Then they just use a modified client to use the account they've jacked and go about their gold farming and selling.
*End Conjecture*

It's possible the same thing is happening here in FF14. I seriously doubt so many have been hacked due to user error.


EDIT: I should also add that the Blizzard rep I talked to the phone told me directly that game time had been added to my account. I asked how that was possible considering my account was frozen and I was never notified for a change in account status. He couldn't/wouldn't give me a straight answer. He only helped me recover my account, add a new authenticator and restored all my items and gold.