Zenimax policy on hacked accounts

Alexandrious · October 2017

martinhpb16_ESO wrote: »

Recently a member of my trade guild has his account hacked. From the forums It seems that other accounts were also hacked within a few days.

The guild-mate lost millions in gold and resources. He asked Zeni to investigate the resources where the gold and items were sent to, an obvious request. Zeni's reply was that they are under no obligation to investigate hacked accounts. They also failed to restore his items and gold, giving him a nominal amount of mats as compensation.

This policy needs a serious review.

In LOTRO when there was a spate of accounts hacked Turbine would restore all of the players materials and gold. Why does Zenimax not restore a players items and gold?

Many guilds carry multiple millions in gold in their guild banks. What happens when a GM or officers account is hacked and this money is stolen?

I would suggest that Zenimax need to be clear about their policies on hacked accounts and fully compensate players.

Thanks

My advice? wait for Pantheon or Ashes of Creation *if its not a scam* or go play XIV which is superior, though XIV's GMs are really really bad as well.

[Edit to remove bashing and misinformation]

Johnfred24 · October 2017

TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

kyle.wilson · October 2017

Alexandrious wrote: »

My advice? wait for Pantheon or Ashes of Creation *if its not a scam* or go play XIV which is superior, though XIV's GMs are really really bad as well.

I forgot about Ashes, but when I look at the pre-alpha it appears to be more of a glamor shot of the Unreal engine than a game.
UE4 is a good engine, but outside that the gameplay looks terrible.
$3.5 million is barely enough money to hire programmers and keep the lights on. I'm not sure where they will get money to buy the needed servers to host a game. But, then again it may be a game that has no intention of release.

Cpt_Teemo · October 2017

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

KingMagaw · October 2017

This policy is simply bad - there are many ways for your details to get compromised and it's not always the fault of negligence on the player.

It is not hard to bypass firewalls when your email account would be stored, or is it hard to aquire old information like your MSN messenger that you may used the same account/password for Zenimax. Many of these details are wilfully sold on to companies or acquired by illegitimate people.

If i play from the same IP for 2.5 years and some fool logs into my account from overseas, cleans it out i would totally expect my account to be rollback, even by 1/2months to restore it.

The response from ZoS here shows they are only willing to take your money but give you back the least in return.

Personally i have sent in maybe 10 tickets over the last year and have had 0 constructive replies from them. Personally i think there should be stricter laws governing companies like ZoS so they have to provide some basic care to people who spend money to gain some service.

rustic_potato · October 2017

It is on the end user to protect the account. Not the dev. If ZOS started refunding stolen items that could be exploited pretty easily. So the current model for handling hacked accounts seems reasonable.

Alexandrious · October 2017

kyle.wilson wrote: »

Alexandrious wrote: »

Brah, Zenimax does not care, they just want more of your monies to spend less than 30 percent of it for game development and over 70 percent towards making Fallout Online.

My advice? Flip Zenimax the bird, and wait for Pantheon or Ashes of Creation *if its not a scam* or go play XIV which is superior, though XIV's GMs are really really bad as well.

I forgot about Ashes, but when I look at the pre-alpha it appears to be more of a glamor shot of the Unreal engine than a game.
UE4 is a good engine, but outside that the gameplay looks terrible.
$3.5 million is barely enough money to hire programmers and keep the lights on. I'm not sure where they will get money to buy the needed servers to host a game. But, then again it may be a game that has no intention of release.

Beh, reason I believe its a scam is BECAUSE they are using Unreal 4. Unreal just was not designed for MMO use, Vanguard Saga of Heroes and TERA is a testament to that.

But yea, Fallout Online. wooo. Just mentioning it makes my girlfriend wet, but eh, it aint happening. Kek

Cpt_Teemo · October 2017

Yeah its odd for an online game company not to care about this, I think every online game company should keep a backup of your account and be able to restore it anytime you want.

Graydon · October 2017

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

CalydorEstalon · October 2017

Dragath wrote: »

Slick_007 wrote: »

martinhpb16_ESO wrote: »

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

unless its changed, thats not correct. friend of mine was hacked while we were playing WOW. i even tried to get GM attention as my friend was logged in while he was at work, and he wasnt responding. i rang his home looking for him to ask him how come he was at home and was told nope, hes not here. GMs told me nothing they can do about it at the time even with a live hacked report.
fairly sure he did not have all items restored. they did not tell him how his account was hacked either. and you saying they CAN tell you means you made this up. How the hell would blizzard know that someone hacked your email for instance and got your password from that. (yes, people use the same passwords)

Hi ZOS, i sent all my stuff to my friends account, err, got hacked. can i have my account restored please.

can tell you from personal experience:
one of my twink accounts, which didnt have good pw, because i didnt really care, was hacked in wow. totally my own fault. got everything back from blizzard. gold and items per mail. gm also told me the account was used by a gold seller to advertise. happened during wotlk.

WotLK was the height of customer service in WoW. Things went downhill ever since.

Cpt_Teemo · October 2017

Graydon wrote: »

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

Any other MMO company that i've played rolled your account back if you got hacked no matter if it was from they're end or yours

Swtor, WoW, FF14, Lotro, AoC, Swg, and more

Tandor · October 2017

Graydon wrote: »

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

Or installing cheat engines, other unsupported third party applications, or even obscure addons.

ThePrinceOfBargains · October 2017

Johnfred24 wrote: »

TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

Except that’s not what I said. I said I didn’t know, but if that’s what happened, there is no problem to be solved here. There is no cure for stupidity and people need to stop looking for one. The OP has intentionally given no details on how their friend got hacked, which is what leads me to believe that’s all this is. Hackers don’t target security and then only get into a few accounts. They especially don’t do it just so they can take one guy’s gold and materials. They don’t give a *** about that; that’s a waste of time and effort. They’re after credit cards. If there was a point where they’d breached security, we’d all know about it.

Cpt_Teemo wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

Again, that’s a complete waste of time and highly unlikely. Those guys lure people into these malicious sites and don’t care about people’s fake MMO currency. Still, I suppose it can’t be entirely ruled out. Though the OP still hasn’t said how this person got hacked, which contrary to his belief, is important when trying to get a company to change a longstanding, terrible policy. If this was in any way a result of the person’s own actions, wittingly or unwittingly, he may as well just forget it.

Cpt_Teemo · October 2017

TheMaster wrote: »

Johnfred24 wrote: »

TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

Except that’s not what I said. I said I didn’t know, but if that’s what happened, there is no problem to be solved here. There is no cure for stupidity and people need to stop looking for one. The OP has intentionally given no details on how their friend got hacked, which is what leads me to believe that’s all this is. Hackers don’t target security and then only get into a few accounts. They especially don’t do it just so they can take one guy’s gold and materials. They don’t give a *** about that; that’s a waste of time and effort. They’re after credit cards. If there was a point where they’d breached security, we’d all know about it.

Cpt_Teemo wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

Again, that’s a complete waste of time and highly unlikely. Those guys lure people into these viruses and don’t care about people’s fake MMO currency. Still, I suppose it can’t be entirely ruled out. Though the OP still hasn’t said how this person got hacked, which contrary to his belief, is important when trying to get a company to change a longstanding, terrible policy. If this was in any way a result of the person’s own actions, wittingly or unwittingly, he may as well just forget it.

Yeah or if anyone did even get hacked as well, I've heard people making fake hacked posts just to get back at the companies for some odd reason.

Tandor · October 2017

Cpt_Teemo wrote: »

TheMaster wrote: »

Johnfred24 wrote: »

TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

Except that’s not what I said. I said I didn’t know, but if that’s what happened, there is no problem to be solved here. There is no cure for stupidity and people need to stop looking for one. The OP has intentionally given no details on how their friend got hacked, which is what leads me to believe that’s all this is. Hackers don’t target security and then only get into a few accounts. They especially don’t do it just so they can take one guy’s gold and materials. They don’t give a *** about that; that’s a waste of time and effort. They’re after credit cards. If there was a point where they’d breached security, we’d all know about it.

Cpt_Teemo wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

Again, that’s a complete waste of time and highly unlikely. Those guys lure people into these viruses and don’t care about people’s fake MMO currency. Still, I suppose it can’t be entirely ruled out. Though the OP still hasn’t said how this person got hacked, which contrary to his belief, is important when trying to get a company to change a longstanding, terrible policy. If this was in any way a result of the person’s own actions, wittingly or unwittingly, he may as well just forget it.

Yeah or if anyone did even get hacked as well, I've heard people making fake hacked posts just to get back at the companies for some odd reason.

I suspect falsely claiming your account was hacked is a common defence to disciplinary action by a developer (as in it wasn't me who exploited, my account got hacked) as well as a means of justifying your situation to your friends and guildmates.

UnseenTruth · October 2017

Tandor wrote: »

Graydon wrote: »

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

Or installing cheat engines, other unsupported third party applications, or even obscure addons.

lol
maybe dont turn on your pc at all?

SydneyGrey · October 2017

Sometimes when an account is hacked, it's because they gave their info to gold sellers. (But not all the time, of course.)
So when someone is hacked, ZOS should look for evidence that they bought gold from gold sellers. If they find evidence, they shouldn't feel obligated to completely restore the account. If they do NOT find any evidence, then they should restore the account completely, 100%.
That's just my take on it.

TheMaster wrote: »

Hackers don’t target security and then only get into a few accounts. They especially don’t do it just so they can take one guy’s gold and materials. They don’t give a *** about that; that’s a waste of time and effort. They’re after credit cards. If there was a point where they’d breached security, we’d all know about it.

Well, actually if it's a gold seller, then yes, they do care about taking one guy's gold and materials, because then they re-sell those for real money. I know most hackers are just after credit cards, but in this case, there is an alternate reason for them to want to hack players.

notimetocare · October 2017

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

Ahh so when people are hacked they deserve it? They were just asking for it to happen because of their own negligence? They deserve everything they get? We have no way of knowing how accounts get hacked unless Zenimax tell you.

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

There are threads about how accounts get hacked. I cant answer that for you.

https://forums.elderscrollsonline.com/en/discussion/373263/my-account-has-been-hacked-and-sold-out/p1

This thread is about Zenimax policy on hacked accounts.

Very often, it is their own fault.
Shady websites
Using the same PWs
No extra authentication (not just ZoS 2step auth)

starkerealm · October 2017

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

There was a spat of hacked accounts, that were geographically localized. It was all in the same Eastern European country (though, I can't remember which one, for the life of me.)

Anyway, in a situation like that, it's possible that someone managed to execute a man in the middle attack, and was picking up credentials to their email and game (along with anything else that got shuffled around cleartext.)

It's also possible that these people were using the same password in some other system, and that was compromised. Particularly if the login data there was stored cleartext.

Basically, if you use a password for a service, do not reuse it elsewhere. This doesn't stop people from doing exactly that, and having their accounts compromised, but it's a bad practice. That said, it's also an understandable one. If you're basing all your security on a single password because it's easy to remember... that's a reasonable mistake to make, if you're not tech savvy, and the idea that someone would compromise your password and gain access to other systems via that.

Bonus points when you're dealing with someone who thinks the only way their password can be compromised is if their computer is turned on. (Yes, I've seen that before.) $:\$

Malic · October 2017

Cpt_Teemo wrote: »

Graydon wrote: »

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

Any other MMO company that i've played rolled your account back if you got hacked no matter if it was from they're end or yours

Swtor, WoW, FF14, Lotro, AoC, Swg, and more

Yes youre right. I know people in other games who have been hacked and been restored. The problem here isnt ZOS its the gamer, not that they got hacked but they expected the industry standard from ZOS.

If you want them to change get your guild together, do a guild email and list the user names, amount they spend on the game and a date on which you will stop spending money on the game unless he is restored. Now Im betting you wont do this, but thats the language they will understand.

When you have a company who takes your patronage for granted, you have to be willing to withhold future patronage to affect change. Otherwise they arent going to move.

martinhpb16_ESO · October 2017

Graydon wrote: »

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

If your bank account is compromised its your fault simple pimple. if your car is broken into you shouldnt have parked there simple pimple. If your house is robbed you shouldnt of gone o holiday simple pimple. If your mail is stolen on the doorstep you should have been in when it was delivered simple pimple. If your pc gets a virus you shouldnt have clicked on that phishing email simple pimple. If you get beaten up you shouldnt of looked that guy in the eye simple pimple. If your car gets in a crash you were driving on the wrong stretch of road simple pimple. If your bag gets stolen on a night out you shouldnt have had a drink simple pimple. If your granny gets mugged she shouldnt of got old simple pimple. If you get stalked its your fault for looking damn fine.

Yeh its always the victims fault - never the criminal. Lame.

martinhpb16_ESO · October 2017

notimetocare wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

Ahh so when people are hacked they deserve it? They were just asking for it to happen because of their own negligence? They deserve everything they get? We have no way of knowing how accounts get hacked unless Zenimax tell you.

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

There are threads about how accounts get hacked. I cant answer that for you.

https://forums.elderscrollsonline.com/en/discussion/373263/my-account-has-been-hacked-and-sold-out/p1

This thread is about Zenimax policy on hacked accounts.

Very often, it is their own fault.
Shady websites
Using the same PWs
No extra authentication (not just ZoS 2step auth)

So when a crime is committed its the victims fault. That argument failed in law hundreds of years ago.

idk · October 2017

TheMaster wrote: »

How did he get hacked?

Good question.

I know of only one player that has been hacked. His comment was it was Zos's fault because he his password was a good password since it has not been hacked since early WoW days.

Of course he used the same password for his email as well which is a major issue in itself since anyone doing that basically gives their account to someone who gains access to their email.

Personal responsibility is what comes first. Unless someone breaks into your home and uses your PC they need both your game and email PWs.

To be clear, Zenimax would consider the above when making their policy.

martinhpb16_ESO wrote: »

notimetocare wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

Ahh so when people are hacked they deserve it? They were just asking for it to happen because of their own negligence? They deserve everything they get? We have no way of knowing how accounts get hacked unless Zenimax tell you.

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

There are threads about how accounts get hacked. I cant answer that for you.

https://forums.elderscrollsonline.com/en/discussion/373263/my-account-has-been-hacked-and-sold-out/p1

This thread is about Zenimax policy on hacked accounts.

Very often, it is their own fault.
Shady websites
Using the same PWs
No extra authentication (not just ZoS 2step auth)

So when a crime is committed its the victims fault. That argument failed in law hundreds of years ago.

If the player is lazy about securing their account is it Zenimax's fault?

Your examples in posts above are not a good comparison. However, if someone steals your car or breaks into your home there is no guarantee anything will be returned.

Using your example, Zos can report this to the police and if they find anything then the criminal can be prosecuted. Simple Pimple.

Egonieser · October 2017

TheMaster wrote: »

Johnfred24 wrote: »

TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

Except that’s not what I said. I said I didn’t know, but if that’s what happened, there is no problem to be solved here. There is no cure for stupidity and people need to stop looking for one. The OP has intentionally given no details on how their friend got hacked, which is what leads me to believe that’s all this is. Hackers don’t target security and then only get into a few accounts. They especially don’t do it just so they can take one guy’s gold and materials. They don’t give a *** about that; that’s a waste of time and effort. They’re after credit cards. If there was a point where they’d breached security, we’d all know about it.

Cpt_Teemo wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

Again, that’s a complete waste of time and highly unlikely. Those guys lure people into these malicious sites and don’t care about people’s fake MMO currency. Still, I suppose it can’t be entirely ruled out. Though the OP still hasn’t said how this person got hacked, which contrary to his belief, is important when trying to get a company to change a longstanding, terrible policy. If this was in any way a result of the person’s own actions, wittingly or unwittingly, he may as well just forget it.

I know first hand of a few MMO's where mass hacking and countless phishing sites have been made and numerous server breaches. You know why? Because of black item market. MU Online comes to mind - one of the oldest running MMOs in existence. It's black market is more live than in-game market. Because some items are so rare to get, require ludicrous amounts of grind and RnG it can't be sold with in-game currencies. There simply is not enough space to store nor safely trade the sheer volume of currency some of those items cost. And those items have price in thousands, sometimes dozens of thousands of Dollars/Euros. I myself got my hand on an item once that was so rare I was offered 10k dollars for it.

There is a real and tangible benefit for mass account hacks and phishing in such games and is very rampant because it translates to lots of $$$ irl. Not far off from hacking a bank, but with much less severe repercussions.
Same can be done here. Though to a much lesser extent (one of reasons BoP/E system exists in a MMO) but hack or phish some info from a few well established accounts yet not too many as not to start a mass panic.
You have enough in-game goods to sell on in black market and gold seller websites to get yourself some nice can of beer (metaphorically speaking). Sure it doesn't compare to hacking a bank, but neither does it hold the same reprecussions - for a decent hacker with some spare time on his hands and as a way to fight boredom it's an easy way to get some pocket change relatively safely. At the worst he will get found out and those accounts banned/removed - no big loss as opposed to a jail sentence.

Not all hackers go all-in and hack only the Pentagon or to obtain credit cards.. Many just choose a easy and safe way to make a living or some side-income. And there is no better or easier way than doing it in a game.

Slick_007 · October 2017

martinhpb16_ESO wrote: »

So when a crime is committed its the victims fault. That argument failed in law hundreds of years ago.

you're taking that out of context.

the time i got a virus, i know where it came from. it came from the dodgy websites i clicked on. i knew it was dodgy and i got done. had i not clicked on the links i would have been fine. yes, that was my fault and yes there are things you can do to prevent that from happening (i had AV, it didnt work that time)

hackers will get you if they really want to. but hackers dont target individual normal regular people. its just not worth it. so 99% of people will never get hacked. Yahoo got hacked and apparently finally admitted how bad it was. ISPs get hacked. because those places have enough information for ID theft. Once a hacker gets one part of your information, they use that for others and the most common is the same password. YOU can deal with that by not using the same password, like everyone tells you not to. strong, different passwords means they dont get everything. Yes, if they have access to your email they may be able to reset some passwords, but it becomes harder and time consuming. and once they start, time is not their friend.

There are things you can do to prevent most of the bad things happening. If you fail to do those things, then yes, you are partly responsible for the consequences.

MLGProPlayer · October 2017

How to get hacked:

1. Don't set up multi step verification
2. Give out your password to other players
3. Download a keylogger on your computer

Cpt_Teemo · October 2017

MLGProPlayer wrote: »

How to get hacked:

1. Don't set up multi step verification
2. Give out your password to other players
3. Download a keylogger on your computer

You forgot #0

0. Watch *** with no anti virus program

MLGProPlayer · October 2017

Cpt_Teemo wrote: »

MLGProPlayer wrote: »

How to get hacked:

1. Don't set up multi step verification
2. Give out your password to other players
3. Download a keylogger on your computer

You forgot #0

0. Watch *** with no anti virus program

That's how #3 happens.

zaria · October 2017

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

Ahh so when people are hacked they deserve it? They were just asking for it to happen because of their own negligence? They deserve everything they get? We have no way of knowing how accounts get hacked unless Zenimax tell you.

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

There are threads about how accounts get hacked. I cant answer that for you.

https://forums.elderscrollsonline.com/en/discussion/373263/my-account-has-been-hacked-and-sold-out/p1

This thread is about Zenimax policy on hacked accounts.

This, and this is how you keep customers. its pretty trivial to do as they probably have backups, probably.
In many ways ZoS behave like an pug dungeon group, One who wipe repeatably on first trash in Wayrest sewer 1 normal.
Yes its nicer to say than bumbling idiots with their head so far up their ass that they see light.
Another example is the level requirements for normal dungeons who is stuck in 2014 and require changes of some 30 values in database.

Note that account restore also hurt account selling very hard, you buy an account, now the bad news is that the seller can take it back any time. This is done in WOW.

Tavore1138 · October 2017

LegendaryMage wrote: »

Tavore1138 wrote: »

LegendaryMage wrote: »

If someone's going to take over your account, first they need to know which email address you use with that account. Then they need to break into that email account, and then on top of that, they need to break into your game account that probably has a different password as well.

So we're talking 2 password cracks and you must know the email address in the first place, which won't be easy if you don't go around and tell everyone about it all the time.

Use a different email for your ESO account, and a different password. If you get compromised, someone was very good at phishing and you fell for it.

edit; Zeni's policy is not good either, incredible that they don't want to help with this.

To be fair they only need your account access details - half of which is freely visible to everyone in the game. if they have those they can access you account and alter the email address to which the confirmation for a new IP: access is sent.

So really they just need to crack a password which given the average level of complexity many people use is probably just a numbers game - and even then we are assuming that ZoS have no security leaks either human or electronic at their end. It is not at all unusual for this sort of breach to be a disgruntled employee sharing details of accounts for cash.

What do you mean change the email of the account before you enter the access code? Access code comes first.

It doesn't have to be - if you have the username/password combo rather than logging into the game itself and triggering an account code to an email you can't access you instead log into the account management page, change the password there and only then try to log into the game once you have changed it to a friendly mail you can see. Obviously you still have to get another piece of info to answer the security query but it's potentially a lot more fish-able than an email account and password combo.

My wife and I had noticed a recent flurry of threads on people being hacked so we both went and reset ours in case it was something like an employee who left and took a stack of account info with them because whichever route you choose to hack in it's a lot of pieces of info to acquire just to get into a game account.