I don't want to cross any lines here but my account was hacked, dealing with support was frustrating as always because of the wait and the lack information you receive BUT they did return my ADs and some stuff. The problem was I wasn't even sure I had been hacked just noticed that my ADs were about half of what I thought they were so I sent a ticket asking them to check , which they did and said my account had been accessed from someone/somewhere else but they were a little vague about what had actually happened. Plus I keep getting those one-time code notices and they won't address that either and I did NOT get one when my account was hacked
Now I'm only posting this because I could not get answers from support. I asked every which way I could think of and they just would not answer my specific questions and I reiterate they did take care of the problem.
I just want to know what happened? How did someone hack my account? NO ONE touches my laptop, NO ONE knows my password, very few people like 3 (my kids) know I play and they do not play. My puter is scanned regularly for viruses, trojans, keyloggers and other malware. I do NOT go to 3rd party sites, apps etc.
Sooo I guess my questions are How did they get access and can perfect world not log on and see what happened, like the history log of my account or something? I'm just feeling a little unsafe playing the game and looking for a little reassurance, support seems so swamped that they don't have the time for that which i completely understand.
if anyone knows thx for your help in advance
Nope never always from home on a secure network and I have NEVER had any account hacked and I am 54 yrs old. been on the internet since before it was the internet...remember bulletin boards or the imagination network then of course came AOL LOL
Nope never always from home on a secure network and I have NEVER had any account hacked and I am 54 yrs old. been on the internet since before it was the internet...remember bulletin boards or the imagination network then of course came AOL LOL
Heh. I was actually on it when it was the ArpaNet. :cool: (52 here).
Sounds like you're pretty secure.
No chance one of the kids borrowed it and did some web-browsing and Gateway had passwords filled by browser?
Some hackers can actually watch net-traffic in public wifis and "pose" as someone elses web-session.
And...Neverwinter/gateway password different from all other online passwords?
Never had laptop "in for service" anywhere?
Nothing else springs to mind.
Edit:
Oh -- support "said my account had been accessed from someone/somewhere else"
Not sure if they are allowed but you could ask if they have the IP address of "somewhere else"
...or at least maybe a city/country - that might give you something to go on.
spike0337Member, Neverwinter Beta UsersPosts: 2Arc User
edited June 2014
I'd like to know how they did it to.Do you know if your email account was hacked to?Because with out your email account they should never of been able to get into your neverwinter account.Isn't that what that one-time code is for ?As of getting the one-time code notices I get them ever time I clear me Internet cooks/history then log into gateway.
And umm i still have my old Aol account lmao.
0
yaaruMember, Neverwinter Beta UsersPosts: 10Arc User
edited June 2014
Just blurting out the obvious here, please don't be offended.
Is your password secure enough? Have you changed it to something even more secure since the hack took place? In that case, you should be secure.
Also, a secure wifi connection isn't 100% secure, you would be more safe with an ethernet cable instead of wifi.
0
berylgreenMember, Neverwinter Beta Users, Neverwinter Hero Users, Neverwinter Knight of the Feywild UsersPosts: 66
edited June 2014
My account was hacked during the last CTA. Major headache, and I lost progress, but Customer Support was great, and rolled my account back to before it was hacked. Unfortunately, it took 5-6 days, but I still have my characters, their gear and items, and currencies.
I only get emails about “new computer accessed” when I try to log into the Gateway from work. I have not received any odd ones. -_-
Because of this, I have changed all passwords, each is unique, and I now change my NW password, at least once per week. I have also cleaned out my Friends List, there are only people that I actually know in there. And I am declining all new Friend Requests, plus blocking those that I can tell are spammers. (GG---.com, etc. Do people really accept FRs from somebody who shows a website attached to their player account?)
I did not ask Support what happened, I can only figure that somebody was able to guess my password, or that there are data-miners along with bots in the game.
Just as an aside - I have a friend who had everything right. Unique password for only NW. He's been good for over a year. Then, when he downloaded ARC and it errored out on install (this was about 2 months ago) his account got hacked within the next 2 - 3 days. That password was only good for NW sign in and hadn't a problem until then.
It's rare for anyone to actually be hacked. In most cases the crooks get your info from other sources. Fan sites, guild sites, and game related forums are often targeted. It's much easier to break into those databases tables then the game itself. And it's shocking how many people will use the same login info in both places. Even partial info like having only your login name can be enough for a brute force attemp if your password isn't all that complex. With the way Email is tied to the game, it's best to protect yourself by keeping one Email account for the game only. Keep your normal Email account separate. Put nothing out there that can be help anyone use or identify your game account.
Not saying that this is what happened here. But folks really need to be aware of the sites they sign up to, and the various login creditials they use.
I've had several guild members have their accounts hacked - all say the same as you -- secure, no 3rd party stuff, never given out their login creds, etc.
Same thing happened with me, i installed <removed> and booya, 2 days later ALL my AD was gone. They had to roll me back.
The Legend of One-eyed Drin :NWS-DTS5YGGAQ
0
zebularMember, Neverwinter Moderator, NW M9 PlaytestPosts: 15,270Community Moderator
edited June 2014
When I had one of my accounts in UO stolen and then sold, EA Games gave me the address and phone number of the current person paying for the account and told me I would need to handle the rest through private legal means. So, it may not be out of PWE's realm to also give you legal information you're entitled to when someone violates your rights. I have no idea if PWE's privac policy or legal department has an allowance for such though, as each company is different. I was a UO Counselor Lord however, so that might have given me some weight dealing with EA support.
By the way, this was back in like 1999/2000 - my UO acount was stolen because I was sharing it with one of my two best friends. Without me knowing, he was also sharing his account and that account with his "online girlfriend" who in turn stole all his stuff from his account and sold my account to someone else. So, yeah... even if you think you can trust someone, you probably shouldn't.
Yeah, I'm old school too back when 7-10 bucks a month was all you needed to have the most fun you could have in an MMO.
Also, if you think you're secure on your Computer or Network... I'm sorry but you're wrong. No one is. Not anyone, anywhere - as much as you're assured by ISPs, Firewalls, etc. - the cold hard truth is: You're not.
I had a similar thing happen about a few months ago. Logged in to all of my AD and enchants being stripped from my toon. I too remember the good old days although I'm only 40. $6.95 an hour on the GEnie network, that's some MUD dedication right there. Anyway, customer service didn't provide me with details (I never expected them too) but had me rolled back inside of a few days so all in all I wasn't really disappointed. I had my year worth of grinding back minus a week or two of AD gain.
My account was hacked several months ago - they took ALL of my AD and gold from every toon I had! I, too, am very secure about my computer use - it is a hard-wired desktop that goes nowhere and has excellent firewall, etc.
The ONLY connection I could find was the fact that for the FIRST TIME EVER, I had recently traded with a stranger in-game for a Dragon Egg. That had occured about 5 days prior to the hack. I remember it taking the persno a while to finally trade with me (in hindsight, they may have been opening some sort of hacking software prior to the trade). When I logged on the day I was hacked, all of my toon were standing in Protector's Enclave next to the "town crier" guy. Maybe there is some glitch where people can hack in-game once a trade has been made? I have no idea, but maybe this will help someone.
myles08807 said, "Back in my day, we didn't have any of this fancy Mulhorand gear while we were leveling . . . we walked uphill both ways while dying once every five seconds while leveling, and we liked it fine!" . . . Now, get off my lawn, you kids!" pointsman said, "I don't rue the game. In fact I don't feel any regret for the game at all." looomis said, "I don't like people changing to alts and then bragging about their mains like schizophrenic role players."
0
zebularMember, Neverwinter Moderator, NW M9 PlaytestPosts: 15,270Community Moderator
edited June 2014
Moderator Notice: . . . Folks, please do not name companies or individuals as sources of malpractice. Such allegations are not legal in the U.S. (slander) and not allowed on these forums as we're based in the United States. Do no reply to this notice. Contact us by PM instead to discuss forum moderation. Thanks!
One question that I haven't seen answered is do you have one time code activated on your account?
I assume your NW password is not the same as your email password?
I also assume, you never received any emails notifying you of a new computer accessing the account?
Considering the fact that they are doing the rollback implies they found the unusual IP accessing the account. The all important question is, how can they access the account without tripping the new one time code. If they have a way around all that then ..... well it speaks for itself.
One question that I haven't seen answered is do you have one time code activated on your account?
I assume your NW password is not the same as your email password?
I also assume, you never received any emails notifying you of a new computer accessing the account?
Considering the fact that they are doing the rollback implies they found the unusual IP accessing the account. The all important question is, how can they access the account without tripping the new one time code. If they have a way around all that then ..... well it speaks for itself.
I have been wondering if account guard even works with the actual game accounts , it works for gateway every time I clean my computer I have to put in a new code to get back onto gateway but I never get asked to put in a new code to get back onto my game account ,if it is supposed to work like that it seems to be pointless.
Most stupid setup:
Being forced to have the same username/password in the web (browser for forum and gateway) and for the game client.
This is just insane, the browser is basically - even with NoScript, Cookiesafe etc. the easiest thing to attack.
So having the same password for the browser and the actual game client ... sorry, very, very insecure setup.
Alas, we are forced to this setup.
Imaginary Friends are the best friends you can have!
One question that I haven't seen answered is do you have one time code activated on your account?
I assume your NW password is not the same as your email password?
I also assume, you never received any emails notifying you of a new computer accessing the account?
Considering the fact that they are doing the rollback implies they found the unusual IP accessing the account. The all important question is, how can they access the account without tripping the new one time code. If they have a way around all that then ..... well it speaks for itself.
I still think there is some sort of in-game method that works with the player trade process - maybe in conjunction with some hacking software. Why else would all of my hacked toons be standing in the exact same spot in Protector's Enclave and the hacking event only happened after the ONLY time I ever traded with anyone in the game?
myles08807 said, "Back in my day, we didn't have any of this fancy Mulhorand gear while we were leveling . . . we walked uphill both ways while dying once every five seconds while leveling, and we liked it fine!" . . . Now, get off my lawn, you kids!" pointsman said, "I don't rue the game. In fact I don't feel any regret for the game at all." looomis said, "I don't like people changing to alts and then bragging about their mains like schizophrenic role players."
0
beckylunaticMember, NW M9 PlaytestPosts: 14,231Arc User
I still think there is some sort of in-game method that works with the player trade process - maybe in conjunction with some hacking software. Why else would all of my hacked toons be standing in the exact same spot in Protector's Enclave
Because that's where the hacker left them. Other people who get hacked report that they were left at a mailbox, or were right where they left themselves, or whatever.
YES Account Guard (one-time code) works for Game Logins also, it always has for me years ago when they first introduced it I was playing Star Trek and I also just rebuilt my computer from scratch again on Tuesday and had to go back to the Best Microsoft ever did: Windows XP - and sure enough: It prompted me for the code before even the brightness preference would show.
@OP you can work with support all you want to make attempt at missing AD return, but unless you've done it already: I'd change my password real fast. Like this very moment. Sure, chances are low that it is compromised, but is that a chance you're willing to take?
If I see anything ever in any of my accounts that doesn't look right (AD Balance is not what I remember, for example) the first thing I do is change my password. THEN, after that, I'll investigate further. Changing password is so easy a thing to do. And if you don't and you're wrong then you actually lose total control over your entire account.
So I reiterate: is that a risk worth taking for you?
nope no one touches this but me, never been in for service, never been out of the house (cept when I brought it home) password is unique to all other accounts. ALTHOUGH I did find out why I get those one-time code things, my isp changes my IP address from time to time as it is a dynamic address
see my question is , if they got my password why didn't they hit my other toons and get the other real valuable stuff, like some companions that were not bound yet? they could have been sold for a large amount of AD's. I mean I'm still not sure I was hacked. I told them I might have spent those ADs and maybe accidentally deleted my stack of altars thinking it was just a stack overflowed from my 99 stack. Nothing else I could tell was gone and they didn't roll me back they just gave me the ADs which was nice of them. I just asked them to SEE if it had been hacked and they never really said it had been just that it had been accessed from another computer but that may have just been my ISP changing my IP but still a little odd that I did not get a one time code notice on that, but what can you do I do everything they reccommend and more to stay secure so all good I guess
while we have security suggestions listed here in the forums and PWE has some of their own in the knowledge base, account security is entirely your responsibility. yes, getting your account stolen does suck but there are some basics that you can do to lower the risks of it happening to you.
use a different email address for gaming that you don't use anywhere else.
use unique passwords and change your passwords often. one of the biggest mistakes people make is using the same password for all of their secure accounts online. that's just a terrible idea. also, don't use obvious things like your name, your birthdate, parts of your address or your phone number, your kids names, your wife/girlfriend's name, etc.
if your games use extra security features, utilize them. don't disable them because they seem like a nuisance. account guard does work, but if your email password is the same as your account password, it sort of defeats the purpose.
don't visit questionable websites. this includes gold seller sites. if they have no respect for a game's terms of service, what makes you think you can trust them with anything else? do not ever enter your account information in any site or for any prompt that pops up asking for your account login. this goes for email links, email in general and random pop ups no matter what site you're on. there is no function on any PWE site that asks you to re-enter your account information for a re-connect or that you've lost connection. be mindful of such things.
also, kids will be kids. if your laptop isn't secure with a password to lock them out, they might get a little curious or might get a little bold with your computer. anything is possible as far as security is concerned. but to be honest, i doubt you're going to find the answer as to what happened here. check your internet history logs. check the event viewer. if you don't know how to get into those logs, look online or get a professional to help you. support can determine when and where the incident happened. that likely determines what actions they take from that point.
Comments
Ever logged into Neverwinter OR Gateway from a public wifi spot?
Is your home wifi totally secure?
Encounter Matrix | Advanced Foundry Topics
Heh. I was actually on it when it was the ArpaNet. :cool: (52 here).
Sounds like you're pretty secure.
No chance one of the kids borrowed it and did some web-browsing and Gateway had passwords filled by browser?
Some hackers can actually watch net-traffic in public wifis and "pose" as someone elses web-session.
And...Neverwinter/gateway password different from all other online passwords?
Never had laptop "in for service" anywhere?
Nothing else springs to mind.
Edit:
Oh -- support "said my account had been accessed from someone/somewhere else"
Not sure if they are allowed but you could ask if they have the IP address of "somewhere else"
...or at least maybe a city/country - that might give you something to go on.
Encounter Matrix | Advanced Foundry Topics
And umm i still have my old Aol account lmao.
Is your password secure enough? Have you changed it to something even more secure since the hack took place? In that case, you should be secure.
Also, a secure wifi connection isn't 100% secure, you would be more safe with an ethernet cable instead of wifi.
I only get emails about “new computer accessed” when I try to log into the Gateway from work. I have not received any odd ones. -_-
Because of this, I have changed all passwords, each is unique, and I now change my NW password, at least once per week. I have also cleaned out my Friends List, there are only people that I actually know in there. And I am declining all new Friend Requests, plus blocking those that I can tell are spammers. (GG---.com, etc. Do people really accept FRs from somebody who shows a website attached to their player account?)
I did not ask Support what happened, I can only figure that somebody was able to guess my password, or that there are data-miners along with bots in the game.
Change your passwords, people. Change them often.
Not saying that this is what happened here. But folks really need to be aware of the sites they sign up to, and the various login creditials they use.
The one thing they ALL had in common: <removed>.
So... do you use <removed> by chance?
Sekhmet@kvetchus_
Guilds: Greycloaks, Blackcloaks, Whitecloaks, Goldcloaks, Browncloaks, Spiritcloaks, Bluecloaks, Silvercloaks, Black Dawn
Tredecim: The Cloak Alliance
By the way, this was back in like 1999/2000 - my UO acount was stolen because I was sharing it with one of my two best friends. Without me knowing, he was also sharing his account and that account with his "online girlfriend" who in turn stole all his stuff from his account and sold my account to someone else. So, yeah... even if you think you can trust someone, you probably shouldn't.
Yeah, I'm old school too back when 7-10 bucks a month was all you needed to have the most fun you could have in an MMO.
Also, if you think you're secure on your Computer or Network... I'm sorry but you're wrong. No one is. Not anyone, anywhere - as much as you're assured by ISPs, Firewalls, etc. - the cold hard truth is: You're not.
[ Support Center • Rules & Policies and Guidelines • ARC ToS • Guild Recruitment Guidelines | FR DM Since 1993 ]
The ONLY connection I could find was the fact that for the FIRST TIME EVER, I had recently traded with a stranger in-game for a Dragon Egg. That had occured about 5 days prior to the hack. I remember it taking the persno a while to finally trade with me (in hindsight, they may have been opening some sort of hacking software prior to the trade). When I logged on the day I was hacked, all of my toon were standing in Protector's Enclave next to the "town crier" guy. Maybe there is some glitch where people can hack in-game once a trade has been made? I have no idea, but maybe this will help someone.
And I NEVER have used <removed>.
myles08807 said, "Back in my day, we didn't have any of this fancy Mulhorand gear while we were leveling . . . we walked uphill both ways while dying once every five seconds while leveling, and we liked it fine!" . . . Now, get off my lawn, you kids!"
pointsman said, "I don't rue the game. In fact I don't feel any regret for the game at all."
looomis said, "I don't like people changing to alts and then bragging about their mains like schizophrenic role players."
. . . Folks, please do not name companies or individuals as sources of malpractice. Such allegations are not legal in the U.S. (slander) and not allowed on these forums as we're based in the United States. Do no reply to this notice. Contact us by PM instead to discuss forum moderation. Thanks!
[ Support Center • Rules & Policies and Guidelines • ARC ToS • Guild Recruitment Guidelines | FR DM Since 1993 ]
I assume your NW password is not the same as your email password?
I also assume, you never received any emails notifying you of a new computer accessing the account?
Considering the fact that they are doing the rollback implies they found the unusual IP accessing the account. The all important question is, how can they access the account without tripping the new one time code. If they have a way around all that then ..... well it speaks for itself.
I have been wondering if account guard even works with the actual game accounts , it works for gateway every time I clean my computer I have to put in a new code to get back onto gateway but I never get asked to put in a new code to get back onto my game account ,if it is supposed to work like that it seems to be pointless.
Being forced to have the same username/password in the web (browser for forum and gateway) and for the game client.
This is just insane, the browser is basically - even with NoScript, Cookiesafe etc. the easiest thing to attack.
So having the same password for the browser and the actual game client ... sorry, very, very insecure setup.
Alas, we are forced to this setup.
I still think there is some sort of in-game method that works with the player trade process - maybe in conjunction with some hacking software. Why else would all of my hacked toons be standing in the exact same spot in Protector's Enclave and the hacking event only happened after the ONLY time I ever traded with anyone in the game?
myles08807 said, "Back in my day, we didn't have any of this fancy Mulhorand gear while we were leveling . . . we walked uphill both ways while dying once every five seconds while leveling, and we liked it fine!" . . . Now, get off my lawn, you kids!"
pointsman said, "I don't rue the game. In fact I don't feel any regret for the game at all."
looomis said, "I don't like people changing to alts and then bragging about their mains like schizophrenic role players."
Because that's where the hacker left them. Other people who get hacked report that they were left at a mailbox, or were right where they left themselves, or whatever.
Because our human brains like to try to find correlations between things that are just coincidences.
Neverwinter Census 2017
All posts pending disapproval by Cecilia
@OP you can work with support all you want to make attempt at missing AD return, but unless you've done it already: I'd change my password real fast. Like this very moment. Sure, chances are low that it is compromised, but is that a chance you're willing to take?
If I see anything ever in any of my accounts that doesn't look right (AD Balance is not what I remember, for example) the first thing I do is change my password. THEN, after that, I'll investigate further. Changing password is so easy a thing to do. And if you don't and you're wrong then you actually lose total control over your entire account.
So I reiterate: is that a risk worth taking for you?
also, kids will be kids. if your laptop isn't secure with a password to lock them out, they might get a little curious or might get a little bold with your computer. anything is possible as far as security is concerned. but to be honest, i doubt you're going to find the answer as to what happened here. check your internet history logs. check the event viewer. if you don't know how to get into those logs, look online or get a professional to help you. support can determine when and where the incident happened. that likely determines what actions they take from that point.
good luck.
Great Weapon Fighter: Because when is today not a good day to die?
PC and PS4 player. Proud Guildmaster for PS4 Team Fencebane. Rank 5 Officer for PC Team Fencebane. Visit us at http://fencebane.shivtr.com