Account Hack?!?
#1
Wed, 08/29/2012 - 07:52
Account Hack?!?
I got an email this morning that someone requested a password reset. Don't know if anyone else got this, but I was surprised that this early in the game people are trying to hack. I wasn't even on yesterday, so I'm not sure if it was someone with a similar email addy, or what that was trying to get in. I logged in this morning to make sure everything was kosher, and it was. Not like I have any really cool items or anything, i'm still just a lvl 12!
Has anyone else gotten this yet?
I received one yesterday.....no biggie as long as you don't click to actually make the change in the e-mail. It is suprising that it is happening this early!!!
Sorry guys, I'm just trying to steal your loot.
Good luck on that one, i think i have some green goo for you. That also may be some white goo, but i'm not really looking
It's probably not a real email anyway. More then likely just a phishing email trying to get you to click. Basically don't ever answer any email sent that says arena net or guildwars2 on it. Only make changes directly through the site. Hopefully they come out with an authenticator sooner then later.
Check this out fish...
https://twitter.com/GuildWars2/status/240766357006868482
cool, yea, I get a ton of these for other accounts, and i normally go to the source, and don't clicky linky. Good to know, thanks for the twitter feed, i guess it's good for something! ;) I still won't sign up for one tho.
I hear you. I will say, twitter does allow a direct feed to devs, companies and more importantly me. Not nearly as bad as face book. There you have to get to know lala on a personal level; and that's far worse then any twitter account.
One of the things that makes this different from other games is Anet's lax security. If you attempt to change your pw with your email address, it will tell you upfront that either a)an email has been dispatched, or b)there is no account. From what I've been reading, bots have been hammering anet's site with email addresses. If the address kicks back that an email has been sent, then the hacker has your username and then can brute force their way in. Anet really needs to add another layer of security. This is a pretty serious issue, and once they know that your account name is legit, they probabably are already working on brute forcing their way in. If I got one of those emails, I would really think about beefing up my password until Anet does something. There's quite a few posts on reddit about this. http://www.reddit.com/r/Guildwars2/comments/z0nl4/something_needs_to_be_done_immediately_to_help/
Couldn't agree more. In this day and age you MUST have an authenticator for your MMO. Everyone uses it. Its even more insane when you realize that the gem store can store your CC data.... Boggles the mind.
Wow, so it apears that a 0-day hack in java has allowed a fuck ton of account to be hacked... Do yourselves a favor and change your password to something insanely long and completely different than any other password you use.
I changed mine to Doodilikesboys1. The capital D and the 1 make it complex.
When is the mobile authenticator coming out?
Gonna get on that as soon as I get home.
BTW, I'd also recommend running your Windows updates, Flash and Java.
As of yesterday, Anet disabled password recovery until they have more security in place.
I received two emails this morning and I don't even have the game.