My account was hacked!

Mrtoobyy

Hi.
I tried to login to the game today but it says my password/account name was wrong. My fears were real... My account has been hacked, I can see in my hotmail removed objects there were mails regarding password change etc on Saturday March 29th. Everything seems ok on the account EXCEPT all of my in game gold are gone? I had like 300 k before and now I have 21. Is there any way to get this gold back? Can one see to wich player this in game gold has been transferred to? And is there more ways to ensure account safety then just the secret question?

JamieAubrey

Not a lot can be done TBH

ZaroktheImmortal

Not sure if you can get your gold back or anything could try contacting support. There's a page on the support page of the page on if you get hacked which has what to do after to get your account back but as for gold I guess all you can do is ask. Maybe try opening a ticket

https://help.elderscrollsonline.com/app/answers/detail/a_id/21560/kw/hacked

Mrtoobyy

It's so sad that people do this.... Hiding behind computers and do all sort of things, if they only were to do it in person I wouldnt mind giving them the treatment.

I sent a ticket to Zenimax and hopefully they will get back to me asap. Thanks guys for the fast replies.

idk

^^^

And take note they sugget changing passwords for every web service you use. Your email as likely hacked (had to happen) for someone to gain access to your account. That means everything tied to your email is compromised (bank accounts, FB, more).

Do not choose easy passwords, nothing dictionary based. The more important the account the better the PW should be. Do not make your email the same as any other PW.

witchdoctor

Seems they hacked more then just your game info, they'd need email too.

Did you 'lend' your account?

Other than reporting it, there is nothing going to happen on the forums.

Mrtoobyy

idk wrote: »

^^^

And take note they sugget changing passwords for every web service you use. Your email as likely hacked (had to happen) for someone to gain access to your account. That means everything tied to your email is compromised (bank accounts, FB, more).

Do not choose easy passwords, nothing dictionary based. The more important the account the better the PW should be. Do not make your email the same as any other PW.

Yeah I know... Found a trojan on the virus scan. Must be from when I downloaded xpadder last week since I only use this PC for gaming and paying bills. Time to secure everything

Turelus

If you submit a support ticket they will be able to see exactly where the gold went. Head over to support page here:https://help.elderscrollsonline.com/app

It's also worth changing all your passwords on emails and anything you have a password which you shared with ESO. The game has two factor authentication which requires access to an email if logging in from a new machine/IP.

Make sure whichever email you're using also has two factor authentication turned on so people can't log into that easily.

Mrtoobyy

witchdoctor wrote: »

Seems they hacked more then just your game info, they'd need email too.

Did you 'lend' your account?

Other than reporting it, there is nothing going to happen on the forums.

Nope. I am a "lonely" ESO player so I havent and I wouldnt let someone else use my account.

SaintSubwayy

"Hacked" seems quite an overreaction.

as in most IT problems, they culprit is in front of the Display.

You either have given away your Accountinformations to other ppl (to play while youre on holidays or so)
OR your computer got completle cracked open by someone, if thats more likely, then all your Securitymeasurements are either super bad, or non existent at all.

You'd need to probably completly stomp the Computer back onto factory settings, and renstall everything. Change all logindatas you've used on the PC, Mails, Website, Ebanking etc.

You can ask ZOS Support to restore your 300k Gold, if they can proove that it hase been transfered away from your account. But changes arent very high tbh.

Turelus

Mrtoobyy wrote: »

witchdoctor wrote: »

Seems they hacked more then just your game info, they'd need email too.

Did you 'lend' your account?

Other than reporting it, there is nothing going to happen on the forums.

Nope. I am a "lonely" ESO player so I havent and I wouldnt let someone else use my account.

It's possible that some passwords you used have been exposed in a data leak elsewhere which is why it's worth changing them all.

Also (and not saying you have) be aware that it's a common tactic for RMT websites to hack their customers after sales. I have a friend who's done RMT in the past (I give them endless abuse for it) and after every transaction they saw attempts to access their account from new locations.

Mrtoobyy

Turelus wrote: »

Mrtoobyy wrote: »

witchdoctor wrote: »

Seems they hacked more then just your game info, they'd need email too.

Did you 'lend' your account?

Other than reporting it, there is nothing going to happen on the forums.

Nope. I am a "lonely" ESO player so I havent and I wouldnt let someone else use my account.

It's possible that some passwords you used have been exposed in a data leak elsewhere which is why it's worth changing them all.

Also (and not saying you have) be aware that it's a common tactic for RMT websites to hack their customers after sales. I have a friend who's done RMT in the past (I give them endless abuse for it) and after every transaction they saw attempts to access their account from new locations.

I had no Idea you could even do this. I'm a really simple guy, I go to work and hang out with my girlfriend, play games and renovate my house. Apparently my security on the computer was really weak.

Spacegato

Use Two-Factor Authentication for your Hotmail and never use the same password twice.
I hope you can get your gold back from ZOS.

Universe

Two-Factor authentication is a must-have in today's digital world.
Best of luck with your issue!

Karmanorway

Mrtoobyy wrote: »

Hi.
I tried to login to the game today but it says my password/account name was wrong. My fears were real... My account has been hacked, I can see in my hotmail removed objects there were mails regarding password change etc on Saturday March 29th. Everything seems ok on the account EXCEPT all of my in game gold are gone? I had like 300 k before and now I have 21. Is there any way to get this gold back? Can one see to wich player this in game gold has been transferred to? And is there more ways to ensure account safety then just the secret question?

that sucks mate if u are on EU we can go and farm some telvar later tonight , you will make that amount back easy

JinMori

Some time ago, there was one of the worst leaks in the history of the internet, something like 2 billion account pass were leaked, i suggest that if you didn;t change your email password in the last few months, do it, immediately.

pauli133

You can run your email addresses through https://haveibeenpwned.com and see if you've been caught up in any of the many dumps over the past few years. Chances are, you have.

(for a while, I had daily emails about people trying to get into my Epic account. Silly buggers.)

idk

Mrtoobyy wrote: »

idk wrote: »

^^^

And take note they sugget changing passwords for every web service you use. Your email as likely hacked (had to happen) for someone to gain access to your account. That means everything tied to your email is compromised (bank accounts, FB, more).

Do not choose easy passwords, nothing dictionary based. The more important the account the better the PW should be. Do not make your email the same as any other PW.

Yeah I know... Found a trojan on the virus scan. Must be from when I downloaded xpadder last week since I only use this PC for gaming and paying bills. Time to secure everything

That is even worse as they probably key logged all your logins. Good security software, updated, is a must. Not suggesting you did not have it.

Mrtoobyy

Spacegato wrote: »

Use Two-Factor Authentication for your Hotmail and never use the same password twice.
I hope you can get your gold back from ZOS.

Thanks alot! I hope so too.

Universe wrote: »

Two-Factor authentication is a must-have in today's digital world.
Best of luck with your issue!

Thanks mate! I have taken your advice and enabled it.

Defilted

That sucks OP. Hope you get some sort of resolution.

nine9six

No way. Email is a valid 2-factor method.

/s

starkerealm

nine9six wrote: »

No way. Email is a valid 2-factor method.

/s

Assuming you practice some basic system hygiene, and don't just use, "parabellum," as your password everywhere? Yeah, kinda.

More secure than using your cell phone, given how badly most US carriers botch resisting basic social engineering attacks. Call in with just enough info and they'll happily walk some stranger through how to switch your phone over to a new handset.

Granted, that's more of an issue with targeted attacks, so they're not going to be looking for your MMO accounts, but still.

nine9six

I hack your email.

I request a new PW with the email address.

I use the new PW to log in to said account.

I use the email account to supply the "2-factor code".

Profit.



Or...



We could use Google Authenticator or something of the like that's on a smartphone.

"But I lost my phone!" - Well, you save your 1-time use keys and log in, disable 2-factor and set everything back up on your new device when you get it.



Which of those sounds more likely to be compromised?

Obligatory: none of my passwords are the same and are all 25-digits or longer. Upper, Lower, Special, etc.

Hostee

Brah quit looking at pr0nhub

SilentRaven1972

There is a program that can manage and generate passwords called lastpass.

starkerealm

nine9six wrote: »

I hack your email.

I request a new PW with the email address.

I use the new PW to log in to said account.

I use the email account to supply the "2-factor code".

Profit.



Or...



We could use Google Authenticator or something of the like that's on a smartphone.

"But I lost my phone!" - Well, you save your 1-time use keys and log in, disable 2-factor and set everything back up on your new device when you get it.



Which of those sounds more likely to be compromised?

Obligatory: none of my passwords are the same and are all 25-digits or longer. Upper, Lower, Special, etc.

Someone calls up T-Mobile, "help, I'm @nine9six, and I lost my password. But, I remember this long collection of easily accessible public data that makes it sound like I'm me." "How can we help you?" "I've lost my phone, and I need to program this sim card to be my new phone." "Not a problem."

The real @nine9six, wakes up and discovers that their google authenticator has been reassigned to a new device.

The worst part is, this shouldn't work. You're in a customer support role, and some one calls in, starts spouting off information, that matches your records, that does not mean you can trust that the person on the other end of the line is the real customer. And yet, way too many CS reps will accept that info as authentication, and won't even fully verify the client. It's a mess, but I guess when you're only hiring the best that $11.50 an hour can buy, what can you expect?

Dunning_Kruger

Mrtoobyy wrote: »

Hi.
I tried to login to the game today but it says my password/account name was wrong. My fears were real... My account has been hacked, I can see in my hotmail removed objects there were mails regarding password change etc on Saturday March 29th. Everything seems ok on the account EXCEPT all of my in game gold are gone? I had like 300 k before and now I have 21. Is there any way to get this gold back? Can one see to wich player this in game gold has been transferred to? And is there more ways to ensure account safety then just the secret question?

Damn this happen on steam version per Chance?

starkerealm

Well, I'm torn. On one hand, I love your name, @Dunning_Kruger, on the other I can no longer use the phrase, "the toad licking end of the Dunning-Kruger spectrum," on these boards. Damn.

Jayman1000

Mrtoobyy wrote: »

Hi.
I tried to login to the game today but it says my password/account name was wrong. My fears were real... My account has been hacked, I can see in my hotmail removed objects there were mails regarding password change etc on Saturday March 29th. Everything seems ok on the account EXCEPT all of my in game gold are gone? I had like 300 k before and now I have 21. Is there any way to get this gold back? Can one see to wich player this in game gold has been transferred to? And is there more ways to ensure account safety then just the secret question?

To hack an eso account and change the password the hacker would need four things:

1. The account user id. This can be obtained in game.
2. Your actual password. If it is a compromised password, for example one that you have also used on other services that had a databreach and passwords and accounts stolen or if it's a commonly used password (for example "123456789" or "password" etc) then that's how they the hacker can guess it. This is probably the most common way hackers guess passwords.
3. Knowledge of and access to the email you have registered with zos so that they can obtain the one time code that is sent when they guess your password and tries to login (unless they are actually using YOUR pc to login from, because then obviously a one time code wont be needed. But that would require them to have access to your actual pc).
4. Your security question (to change the password). Again if the secret answer is something common like favourite tv-show: simpsons or similar, then that could possibly be how they also guess your security question.

It baffles me somewhat how they can guess all these information though. You sure you didn't share your login information with someone? Did others have access to your pc? Did you share your account with anyone? Are you using the same password for your ESO account as you do for your email that you have registered for the eso account? Is your eso account id the same as you mail (for example @MyAccountID and MyAccountID@mail.com)? These types of unsafe practices is basically the only feasible ways a hacker would be able to obtain the needed information to hack your account, so I am thinking you must have done something like this. Or maybe your pc was infected with malwares and keyloggers, are you not using any proper security measures programs to protect your pc?

Cpt_Teemo

Also be sure to have atleast one anti virus program and also a malware scanner as well for backup scanning

nine9six

starkerealm wrote: »

nine9six wrote: »

I hack your email.

I request a new PW with the email address.

I use the new PW to log in to said account.

I use the email account to supply the "2-factor code".

Profit.



Or...



We could use Google Authenticator or something of the like that's on a smartphone.

"But I lost my phone!" - Well, you save your 1-time use keys and log in, disable 2-factor and set everything back up on your new device when you get it.



Which of those sounds more likely to be compromised?

Obligatory: none of my passwords are the same and are all 25-digits or longer. Upper, Lower, Special, etc.

Someone calls up T-Mobile, "help, I'm @nine9six, and I lost my password. But, I remember this long collection of easily accessible public data that makes it sound like I'm me." "How can we help you?" "I've lost my phone, and I need to program this sim card to be my new phone." "Not a problem."

The real @nine9six, wakes up and discovers that their google authenticator has been reassigned to a new device.

The worst part is, this shouldn't work. You're in a customer support role, and someone calls in, starts spouting off information, that matches your records, that does not mean you can trust that the person on the other end of the line is the real customer. And yet, way too many CS reps will accept that info as authentication, and won't even fully verify the client. It's a mess, but I guess when you're only hiring the best that $11.50 an hour can buy, what can you expect?

That didn't answer my question of which of the previous scenarios is most likely.


Secondly, any real 2-factor Auth App is tied to the device. You can program a new device but it won't have the 2-factor app on it. So you're back at square one with no access to the account. The original device is still associated with the account, not the new device that doesn't have the App on it.

I said App. I requested the use of an App. I never said 'use SMS to send 2-factor requests'. That's no better than the email system we have in place, which doesn't work very well since email accounts can easily be compromised.

All I'm asking for is a better 2-factor system than what we have, which would better serve everyone. But anytime I bring it up I catch flak from the same people that'd be the benefactors of an improved system.

Other game support centers got tired of the volume of "hacked account tickets" and implemented a proper 2-factor system. Some even incentivize using it with in-game goodies to cut-back on the volume of support tickets.

Posting this now before the Mods close this thread and I can't reply...which happens in every thread we have about this...while I'm typing a response.