TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

It is on the end user to protect the account. Not the dev. If ZOS started refunding stolen items that could be exploited pretty easily. So the current model for handling hacked accounts seems reasonable.

Yeah its odd for an online game company not to care about this, I think every online game company should keep a backup of your account and be able to restore it anytime you want.

Dragath wrote: »

Slick_007 wrote: »

martinhpb16_ESO wrote: »

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

unless its changed, thats not correct. friend of mine was hacked while we were playing WOW. i even tried to get GM attention as my friend was logged in while he was at work, and he wasnt responding. i rang his home looking for him to ask him how come he was at home and was told nope, hes not here. GMs told me nothing they can do about it at the time even with a live hacked report.
fairly sure he did not have all items restored. they did not tell him how his account was hacked either. and you saying they CAN tell you means you made this up. How the hell would blizzard know that someone hacked your email for instance and got your password from that. (yes, people use the same passwords)

Hi ZOS, i sent all my stuff to my friends account, err, got hacked. can i have my account restored please.

can tell you from personal experience:
one of my twink accounts, which didnt have good pw, because i didnt really care, was hacked in wow. totally my own fault. got everything back from blizzard. gold and items per mail. gm also told me the account was used by a gold seller to advertise. happened during wotlk.

WotLK was the height of customer service in WoW. Things went downhill ever since.

Graydon wrote: »

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

Or installing cheat engines, other unsupported third party applications, or even obscure addons.

TheMaster wrote: »

Johnfred24 wrote: »

TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

Except that’s not what I said. I said I didn’t know, but if that’s what happened, there is no problem to be solved here. There is no cure for stupidity and people need to stop looking for one. The OP has intentionally given no details on how their friend got hacked, which is what leads me to believe that’s all this is. Hackers don’t target security and then only get into a few accounts. They especially don’t do it just so they can take one guy’s gold and materials. They don’t give a *** about that; that’s a waste of time and effort. They’re after credit cards. If there was a point where they’d breached security, we’d all know about it.

Cpt_Teemo wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

Again, that’s a complete waste of time and highly unlikely. Those guys lure people into these viruses and don’t care about people’s fake MMO currency. Still, I suppose it can’t be entirely ruled out. Though the OP still hasn’t said how this person got hacked, which contrary to his belief, is important when trying to get a company to change a longstanding, terrible policy. If this was in any way a result of the person’s own actions, wittingly or unwittingly, he may as well just forget it.

Yeah or if anyone did even get hacked as well, I've heard people making fake hacked posts just to get back at the companies for some odd reason.

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

Ahh so when people are hacked they deserve it? They were just asking for it to happen because of their own negligence? They deserve everything they get? We have no way of knowing how accounts get hacked unless Zenimax tell you.

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

There are threads about how accounts get hacked. I cant answer that for you.

https://forums.elderscrollsonline.com/en/discussion/373263/my-account-has-been-hacked-and-sold-out/p1

This thread is about Zenimax policy on hacked accounts.

Very often, it is their own fault.
Shady websites
Using the same PWs
No extra authentication (not just ZoS 2step auth)

notimetocare wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

Ahh so when people are hacked they deserve it? They were just asking for it to happen because of their own negligence? They deserve everything they get? We have no way of knowing how accounts get hacked unless Zenimax tell you.

I read on forums that In WOW when an account is hacked, Blizzard get back to you within hours, restore all your items and tell you how your account was hacked. In LOTRO they also restore all your items.

There are threads about how accounts get hacked. I cant answer that for you.

https://forums.elderscrollsonline.com/en/discussion/373263/my-account-has-been-hacked-and-sold-out/p1

This thread is about Zenimax policy on hacked accounts.

Very often, it is their own fault.
Shady websites
Using the same PWs
No extra authentication (not just ZoS 2step auth)

So when a crime is committed its the victims fault. That argument failed in law hundreds of years ago.

TheMaster wrote: »

Johnfred24 wrote: »

TheMaster wrote: »

martinhpb16_ESO wrote: »

Asardes wrote: »

How do people get their accounts hacked? For example if I try to login the game account from another address - I sometimes log on the web site from work - I get a prompt to input the code received in mail. If someone had their game account hacked then almost surely the also had their mail hacked. Which is their own fault.

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

you have no information on how accounts are hacked, just making assumptions. Read some of the other threads and you will see it is more common than you think.

As far as how someone could’ve gotten into an individual ESO account without getting the person’s private info, no I don’t. I thought I made that clear in my post. Problem is, clearly you don’t either since you have yet to tell me how this could’ve happened. If dude just gave out his password like an idiot, I’m really not all that concerned. The concept of “natural selection” can loosely apply here.

What you are writing here is plain stupid. Apparently multiple people from the Czech Republic got hacked. And just because you can't understand how somebody would hack into an account you assume that all of them handed there password to strangers... Yeah sure total legit explanation.

There is no perfect security system for online servers, hackers have been able to get into better securities of bigger corporations with much more money on the line. To say "I don't understand how they would do it, so it doesn't happen" is just very ignorant

Except that’s not what I said. I said I didn’t know, but if that’s what happened, there is no problem to be solved here. There is no cure for stupidity and people need to stop looking for one. The OP has intentionally given no details on how their friend got hacked, which is what leads me to believe that’s all this is. Hackers don’t target security and then only get into a few accounts. They especially don’t do it just so they can take one guy’s gold and materials. They don’t give a *** about that; that’s a waste of time and effort. They’re after credit cards. If there was a point where they’d breached security, we’d all know about it.

Cpt_Teemo wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

You do realize websites have worms, viruses, malware and such like that steal information even if you have a virus program?

Again, that’s a complete waste of time and highly unlikely. Those guys lure people into these malicious sites and don’t care about people’s fake MMO currency. Still, I suppose it can’t be entirely ruled out. Though the OP still hasn’t said how this person got hacked, which contrary to his belief, is important when trying to get a company to change a longstanding, terrible policy. If this was in any way a result of the person’s own actions, wittingly or unwittingly, he may as well just forget it.

I know first hand of a few MMO's where mass hacking and countless phishing sites have been made and numerous server breaches. You know why? Because of black item market. MU Online comes to mind - one of the oldest running MMOs in existence. It's black market is more live than in-game market. Because some items are so rare to get, require ludicrous amounts of grind and RnG it can't be sold with in-game currencies. There simply is not enough space to store nor safely trade the sheer volume of currency some of those items cost. And those items have price in thousands, sometimes dozens of thousands of Dollars/Euros. I myself got my hand on an item once that was so rare I was offered 10k dollars for it.

There is a real and tangible benefit for mass account hacks and phishing in such games and is very rampant because it translates to lots of $$$ irl. Not far off from hacking a bank, but with much less severe repercussions.
Same can be done here. Though to a much lesser extent (one of reasons BoP/E system exists in a MMO) but hack or phish some info from a few well established accounts yet not too many as not to start a mass panic.
You have enough in-game goods to sell on in black market and gold seller websites to get yourself some nice can of beer (metaphorically speaking). Sure it doesn't compare to hacking a bank, but neither does it hold the same reprecussions - for a decent hacker with some spare time on his hands and as a way to fight boredom it's an easy way to get some pocket change relatively safely. At the worst he will get found out and those accounts banned/removed - no big loss as opposed to a jail sentence.

Not all hackers go all-in and hack only the Pentagon or to obtain credit cards.. Many just choose a easy and safe way to make a living or some side-income. And there is no better or easier way than doing it in a game.

How to get hacked:

1. Don't set up multi step verification
2. Give out your password to other players
3. Download a keylogger on your computer

Cpt_Teemo wrote: »

MLGProPlayer wrote: »

How to get hacked:

1. Don't set up multi step verification
2. Give out your password to other players
3. Download a keylogger on your computer

You forgot #0

0. Watch *** with no anti virus program

That's how #3 happens.

LegendaryMage wrote: »

Tavore1138 wrote: »

LegendaryMage wrote: »

If someone's going to take over your account, first they need to know which email address you use with that account. Then they need to break into that email account, and then on top of that, they need to break into your game account that probably has a different password as well.

So we're talking 2 password cracks and you must know the email address in the first place, which won't be easy if you don't go around and tell everyone about it all the time.

Use a different email for your ESO account, and a different password. If you get compromised, someone was very good at phishing and you fell for it.

edit; Zeni's policy is not good either, incredible that they don't want to help with this.

To be fair they only need your account access details - half of which is freely visible to everyone in the game. if they have those they can access you account and alter the email address to which the confirmation for a new IP: access is sent.

So really they just need to crack a password which given the average level of complexity many people use is probably just a numbers game - and even then we are assuming that ZoS have no security leaks either human or electronic at their end. It is not at all unusual for this sort of breach to be a disgruntled employee sharing details of accounts for cash.

What do you mean change the email of the account before you enter the access code? Access code comes first.

It doesn't have to be - if you have the username/password combo rather than logging into the game itself and triggering an account code to an email you can't access you instead log into the account management page, change the password there and only then try to log into the game once you have changed it to a friendly mail you can see. Obviously you still have to get another piece of info to answer the security query but it's potentially a lot more fish-able than an email account and password combo.

My wife and I had noticed a recent flurry of threads on people being hacked so we both went and reset ours in case it was something like an employee who left and took a stack of account info with them because whichever route you choose to hack in it's a lot of pieces of info to acquire just to get into a game account.