So My acc was hacked...

failkiwib16_ESO

Whenever I log on with my female character, I get more often friend-requests and guild-membership requests from strange nicks. I think ESO should drop the 30 day or prohibit people from power leveling during the first 3-4 days of the game. That may put an end to all that spam and hacking in this game.

I've had around 6-7 emails offering me ingame gold in return for 109usd (what an imperial edition costs in Denmark). These people are probably trying to collect money to buy more accounts, and then start to gain profit in it. The spammers also contact my characters to trade gold

I wonder if the hackers are the same people as those who spam gold, to me it seems logical, since they're the ones who gain most from other peoples accounts.

Myxril

Every response from ZOS in regards to this issue I'm having has literally referred to my bank/inv issue. They keep saying it's a known issue, and that players who lost bank slots shouldn't buy more. Blahblahblah.

The thing is, I didn't lose bank slots. I didn't state I lost bank slots. I was outright accessed and cleaned out. But they insist on telling me my loss of bank slots is being worked on and all of my stuff will be replaced in an upcoming patch.

Do these *** actually read what's submitted to them? 3.5 days now and I'm still broke, with no potions or materials of any kind (aside from what I gathered while getting skyshards).

I didn't realize that this 'missing bank slot issue' involved not losing bank slots, but, instead, losing all of your runes, ingredients, gold and CE items (as well as gold from mail for item sales). Not to forget the emails telling me my account was accessed from a new IP when this occurred.
Yeah, that _is_ a huge 'missing bank slot issue' right there.

Bansheedragon

casselna_ESO wrote: »

Before I had to authenticate my computer, I was once hacked too. Luckily, I was online and was booted out because: "Someone else has logged into this account from a different computer."

I quickly relogged in, which I hope booted them out. Then I went to the website and quickly changed my password. Shortly after that, I had to authenticate my computer, which I assume is due to people hacking into accounts. It was the first time I have EVER been hacked, ever, and I have used the same password for many a games in the past. Games notorious for being hacked and hacked often. I was never hacked, not once.

Also, I never ever have gone to suspect websites, I do not, nor will ever buy gold.

This is the first time, which tells me that their servers are not as secure as they would like. I still play and I have had no further attempts since I changed my password.

Still, this is disconcerting.

The text I put it bold here, that is the cause of your problem right there.
Never, ever, ever use the same password.

Dont matter if you didnt visit any suspect sites or not, they could have hacked your account in a game you no longer play and you would not know it.
Or if you use that same password on other websites you visit regularly, it could be any website dont have to be a suspect site, they could have hacked the database there and gotten your password that way
They would then try to use that password on other games to see if they could get a match, which they did here.

I'm sorry to say this, but this is your fault and yours alone, nobody else.
Change the password to something thats easy to remember but hard to guess or brute force.
I know the truth can hurt sometimes, so please dont hate me or get angry at me for saying it, because I'm doing it to help you.

If you have problems remembering or coming up with good passwords, then I recommend you try Lastpass.
It not only stores your passwords securely, but it can also generate passwords as well as auto fill login details or even auto login on websites.
I use it myself and I'm very satisfied with it.

Edit, one last thing I forgot.
Change the password on ALL the games you play, and use different passwords for each game, or you will soon see yourself losing all your game accounts.

Arawn

cstk wrote: »

Like in the topic, my acc was hacked today. I managed to retake it using secret password. But hey, all of my gold is gone. My items not bound are gone. Well... yeah, that sucked. Too bad I did not take a screenshot of the guy in my contacts, who I DID NOT have yesterday. I bet he was the one responsible of that hack. Jeeez. Anybody had similiar issue since ESO launch? Or am I the only one?

Uhm the guy in the list is normally the one that has ya gold. Report that situation.

wean

I dont feel very secure logging into ESO right now. All you have to do is send a mail and type @ and it start autopopulating names as you type with a dropdown. A username to login with is already half the battle for these hackers. Please add the idea of authenticators to ESO as is already in a few MMO's already.

Odditorium

Get KeePass. ESO has a 200 character limit. I use it to it's full capacity and change it every few days.

raglau

Same here but I use Lastpass. Random long complex password changed every few days.

WarlordsOfMarsub17_ESO wrote: »

Get KeePass. ESO has a 200 character limit. I use it to it's full capacity and change it every few days.

Arawn

WarlordsOfMarsub17_ESO wrote: »

Get KeePass. ESO has a 200 character limit. I use it to it's full capacity and change it every few days.

Uhh you remember 200 character? o.O
*Gosh* that's gonna be a long log in.

Socratic

Sakiri wrote: »

Socratic wrote: »

Using the same password with other games, or using it on other non official forums isn't a bright idea. Different password for everything, try different usernames, get a pad and write them down.

Ex father in law worked for IBM.

Finding out you wrote your password down anywhere was grounds for firing.

I don't write any of mine down anywhere. It's a terrible idea. Especially when you have scenarios like siblings and parents that can and/or will get into your stuff.

Like said roommate's mother. If she had his passwords when he was still living at home you can bet your butt she'd have cleaned him out to get him to quit WoW because "just put it on pause and come do this" didn't work.

I suppose so but I live by myself in a studio flat with my fridge behind me and a magnet holding a piece of paper with some passwords on it :P

VYMM

The main problem that nicks of friends in list are GAME LOGINS!
It meant that your friend @*** got login "***". And if he has pretty simple password its just a question of luck and time. Another epic fail from ZOS. What a FAIL company.../facepalm

Myxril

Bansheedragon wrote: »

casselna_ESO wrote: »

.... and I have used the same password for many a games in the past. Games notorious for being hacked and hacked often. I was never hacked, not once.
......

The text I put it bold here, that is the cause of your problem right there.
Never, ever, ever use the same password. ......

I can't help but notice the massive assumption here; you're assuming that his UserID here is the same as any of the other games he's played that he's referring to, let alone email address.

If he's been using different usernames in the past then it would be nearly impossible to guess that his current UserID is linked to any of them. And if he's using the same account email for ESO as he used for previous games, there's no way to directly link said games to the ESO account via knowing the email address.
So, basically, unless he's been using the same username or had his email hacked, everything you said is generic default advice, and not an actual diagnosis provided by an internet phd.

7788b14_ESO

There is/was a bug going around that players would log into their account only to find themselves on someone else's account. It was in the lost my bank inventory thread. I bet that's what happened to you. So no ip/computer check. It was also happening in beta if I recall correctly.

7788b14_ESO

wean wrote: »

I dont feel very secure logging into ESO right now. All you have to do is send a mail and type @ and it start autopopulating names as you type with a dropdown. A username to login with is already half the battle for these hackers. Please add the idea of authenticators to ESO as is already in a few MMO's already.

Ah, that's how gold sellers message and email me!

Lone_Wanderer

Your account security is much more likely to get compromised through forums such as this one than through the game itself. For this reason you should use different passwords, and dont make them too obvious (eg: praisetalos).

Then again you might have been affected by one of the major bugs that occurred after a recent maintenance. People reported losing most their items, skill points, etc.

Soren

this is what happens when your login name is shared with the whole of the gaming world.... hackers already have half the puzzle by looking at @names.

@names seriously need to be changed to character names or some sort of 2 step authentication enabled

Valethar

Rapscallion74 wrote: »

Kortak wrote: »

strange...because if they access your account from diff IP they have to enter a code

Was just going to say that as well. Not only did they guess his password, but they spoofed his IP? Sounds a little fishy.

If they had access to his email, they wouldn't need to spoof anything. All they would have to do is log into the game, wait for it to send the authentication email for the new machine, grab that from his mail )then delete it to cover their tracks) and they're in.

It's always a bad idea to use the same credentials for a game as you use for your email. I'm not saying that this is the case here, but it is a possibility.

wrlifeboil

squicker wrote: »

Same here but I use Lastpass. Random long complex password changed every few days.

WarlordsOfMarsub17_ESO wrote: »

Get KeePass. ESO has a 200 character limit. I use it to it's full capacity and change it every few days.

If you are willing to put up with the inconvenience of an authenticator and are using Google or Outlook/Hotmail/Live.com, attach the Google authenticator to the account using the smartphone app. You could attach it to your Lastpass account too.

I got slightly paranoid when I looked my email login history and saw failed logins from China for my other account. So I'm willing to put up with the minor inconvenience of an authenticator.

wrlifeboil

Valethar wrote: »

Rapscallion74 wrote: »

Kortak wrote: »

strange...because if they access your account from diff IP they have to enter a code

Was just going to say that as well. Not only did they guess his password, but they spoofed his IP? Sounds a little fishy.

If they had access to his email, they wouldn't need to spoof anything. All they would have to do is log into the game, wait for it to send the authentication email for the new machine, grab that from his mail )then delete it to cover their tracks) and they're in.

It's always a bad idea to use the same credentials for a game as you use for your email. I'm not saying that this is the case here, but it is a possibility.

If OP is using a half decent email provider, he should be able to check the recent login history of his email account.

Moobs

Considering its so easy to find out another players login name, and the access code apparently has a workaround, I'm not surprised this happened.

Sakiri

YourNameHere wrote: »

There has been a strange rash of random friend and group invites. I ignore them all and urge people to do so as well.

And don't think you can't be hacked through it. Happened to my sister in WoW. She got a random tell in game and answered. She was hacked literally a minute later and lost everything. I don't think it was a coincidence.

I think I shall make my PW a bit longer and stronger.

Also I encourage people to NOT keep themeselves logged into their account page (you know when you log into the main site, you enter your Username and PW? Unclick the save info thing.) Don't be surprised if sniffers get your stuff through there.

My forum and game login are two different passwords.

Ive already gotten password reset request emails.

Sakiri

7788b14_ESO wrote: »

wean wrote: »

I dont feel very secure logging into ESO right now. All you have to do is send a mail and type @ and it start autopopulating names as you type with a dropdown. A username to login with is already half the battle for these hackers. Please add the idea of authenticators to ESO as is already in a few MMO's already.

Ah, that's how gold sellers message and email me!

They mostly get people that talk in /zone.

kittybockub17_ESO

ijRoberts wrote: »

Putok wrote: »

I'm pretty sure the, "IP check" is not actually an IP check, but rather a computer check.

This hasn't been the case for me. I only have one computer I play this on and I've been asked twice now to verify my account.

My hubby and I have been asked repeatedly to verify ours...I thought it was a Uverse issue, then noticed that when the Router was reset (we had storms) and we DID get a new IP yesterday, we DID NOT get this email. Over the weekend, there was an occasion where I had received and he did not, etc...yet neither PC had restarted, nor had I reset the router...unless the lease had expired on the IP arbitrarily (and i hope they are not that picky) is someone mimicking the email validation? Just a thought....

m2super_ESO

No reason in this day and age an MMO does not launch with token support either through a hard token or iphone/android app to help further secure an account.

asuitandtyb14_ESO

Did you buy gold? Be honest...

imalwayswishing

i have had an issue where my account has been hacked and completely seized from me and i am unable to obtain it.

customer support are being very slow in resolving it which is a real shame as my trust and respect for Zeni is wavering and is now walking a thin line. The game has so much potential, however there are gaps in the security which leads to sensitive information falling into the hands of gold sellers and hackers which if isn't resolved could kill the game. (im not factoring in the numerous amounts of bugs, as i personally find these as bearable.)

VYMM

I was really shocked when realized that ingame friend name @john, for example, is account LOGIN! Epic security fail. Absolutely unacceptable moment for MMORPG. ZOS seems just team of amatures...