check the headers in one of the emails. there should be an option in your client or webmail to do this.
within the header see if you can determine wether these are official emails or spoofed addresses. it may be that someone is trying to obtain your log in details rather than actually trying to log in and change your password.
If a bot try a hundred time to reset your password, you'll receive a hundred mail. Can you see the problem ?
It seems use of the password reset function requires input of the email address. If a malicious party already knows your email, they don't need to use PWE's services to flood your mailbox.
Also, those hundred mails per hour are a reminder to check and, if possible, improve your mailbox's security; because if they really want to hijack your account, the password reset is getting them nowhere unless they manage to break into your mailbox.
DOOM!!!!!!!!!!!!!!!! Your act is going to go PEW PEW PEW!!!!!!!!!!!!!! Ahhh The humanity of it all. Chill you still has your account. It is safe Life is good. What is the purpose of this????
check the headers in one of the emails. there should be an option in your client or webmail to do this.
within the header see if you can determine wether these are official emails or spoofed addresses. it may be that someone is trying to obtain your log in details rather than actually trying to log in and change your password.
That was my first thought: phishing emails made to look like they came from PWE in an effort to trick the user into going to some legitimate looking website and give up their user name and password so they can log into the user's account and clean them out. If that's the case it would explain why customer support told the OP they didn't see any account hijack attempts.
My best advice is to add the sender to your email blocklist and change your email password.
I've received weird phishing emails in the past telling me my WoW account is at risk of being banned for selling gold and to go to some website to log in and discuss the matter with customer support. The funny thing is I have never ever, not then or now, had an account of any kind for WoW, Blizzard, or anything related to them, especially not with the email address that received these phishing emails.
My husband's PWI account has been TRIBBLE twice in the last week. Both times, the staff did take care of it, as the hacker had been a (presumably stolen) credit card to purchase a lot of Zen. When he checked his email & saw the confirmation email, he logged in as fast as he could. In his case, it seems they were buying up a bunch of unbound store stuff, posting it on the exchange, and the profits immediately were transferred to another player, likely one of the 3 brand-spanking new pending friend requests he didn't know about prior to logging in.
In the end, they caught the hacker red-handed trying to log in while he was online chatting back & forth with a GM. Whatever went into doing that from the tech end, it was fast, and an IP ban got dished out.
Considering what he had to deal with, I don't doubt the OP is either the victim of a hack attempt, or a phishing attempt.
So, what you're saying is, someone set a bot to try to hack your account. And every last time it failed, as you did not respond to any of those emails asking you to verify the attempt.
I'm really not seeing what exactly you're upset about. The verification system worked as designed; the bot was unable to hack your account. PWE isn't seeing anything, because as far as their system is concerned, nothing happened. Other than a user attempting to change their password, of course, which probably happens a couple thousand times a day across all PW games.
So, you've now proved Account Verification is indeed a secure system. Thanks!
Are you avoiding the point on purpose, or are you just born that way ?
If a bot try a hundred time to reset your password, you'll receive a hundred mail. Can you see the problem ?
You mean to say there was, at some stage other than what I quoted from Jonsills, a legitimate point made in this thread prior?
Someone complaining about being spammed by an automated hack-avoidance system has no point, it was general whinging...
Jonsills' quote above, is about the first real post to contain anything of legitimacy and you try and attack it? Why? What's your point that you're trying to make?
Jonsills' post is entirely correct... The spam of messages were automatically generated, and the very fact the OP recieved such a large number (however many that truly was without exaggeration) means that the login systems' security measures are indeed working...
Truth is, there is nothing that Cryptic/PWE can do about ATTEMPTED fraudulent logins, even if they admitted to being aware of them, as those attempts would have been from some bot that was programmed to hammer a known account with random passwords until access was granted...
At most, Cryptic/PWE would see a large number of failed login attempts but there would be nothing they could do about them, despite the OP's apparent desire otherwise...
Admittedly, one step that Cryptic/PWE could take would be that after X number of login attempts (5 - 10 perhaps), the account is suspended for a period of time (possibly even requiring contact with Customer Service), but beyond that, Cryptic/PWE's hands are tied as to dealing with hack attempts...
Jonsills' post is entirely correct... The spam of messages were automatically generated, and the very fact the OP recieved such a large number (however many that truly was without exaggeration) means that the login systems' security measures are indeed working...
Oh yeah, the security measure is working. Not that it was solicited mind you, because asking for someone's username/password is not really trying to hack him.
Meanwhile, this player is getting is mailbox flooded by unsolicited mail. And if check them as spam, he might miss an important information from PWE.
Really, I think you guys do your best to ignore the OP point, and argue about something else remotely related.
He speak about getting his mailbox flooded by PWE mail, and you speak about.... security measures. Right...
Quite frankly I'm a bit disappointed by this thread. Someone have a problem, even post screenshot to show his problem, and all he gets is being trolled. Perhaps it's his fault if he is victim of some cyber troll ?
I don't care too much about the why behind someone's thought processes. If I did, I would likely die of a brain aneurysm from my exposure to the STO forums.
If someone makes an accusation, it is a typical human response to ask for proof to back up that accusation.
Somebody asking for proof does not make them a troll.
The fact I am here on a video game forum for Star Trek trying to explain why fact-based evidence is an extremely important facet to human communication should be seen as comical at best, and shameful at worst.
Don't click on anything anywhere from unrequested password change mails/similar. About 3 weeks ago I also got a small flood of "You changed your PW password, just click here to confirm" mails that where all fake & looked nothing like the Perfect World changed password info mail.
Oh yeah, the security measure is working. Not that it was solicited mind you, because asking for someone's username/password is not really trying to hack him.
Meanwhile, this player is getting is mailbox flooded by unsolicited mail. And if check them as spam, he might miss an important information from PWE.
Really, I think you guys do your best to ignore the OP point, and argue about something else remotely related.
He speak about getting his mailbox flooded by PWE mail, and you speak about.... security measures. Right...
Quite frankly I'm a bit disappointed by this thread. Someone have a problem, even post screenshot to show his problem, and all he gets is being trolled. Perhaps it's his fault if he is victim of some cyber troll ?
Either you're consciously playing the fool, or you're just ignorantly naive to how such measures actually work...
The 'flood of emails' is working as intended and is pretty standard practice when it comes to hack attempts for MMO's... What do you expect Cryptic/PWE to do? Please enlighten us...
I'll also just point out I am not ignoring what the OP said, I just see no point legitimising such a pointless, baseless and exagerated whinge, especially not defend it as you seem intent on doing...
Being inundated with emails can hardly be considered being victimised in some form or another... I, like I'm sure everyone on this forum, am inundated with unsolicited spam on a daily (hourly) basis...
Automated warnings from a service which I subscribe, regarding the security of my account with them, can hardly be considered unsolicited, nor would I personally have any for of issue with several dozen warnings as I accept that they are automated messages and par for the course of the services' security features...
The 'flood of emails' is working as intended and is pretty standard practice when it comes to hack attempts for MMO's... What do you expect Cryptic/PWE to do? Please enlighten us...
Ok, I'll use my superior intelligence to answer that one. Having a limit on how many mails per set time frame being sent to someone for password/username change request. For example, no more than 10-20requests per day or something.
If you loose your username/password, you don't need 100mails, do you ?
Now I really feel clever... Oh wait, it was quite obvious, was it ?
Ok, I'll use my superior intelligence to answer that one. Having a limit on how many mails per set time frame being sent to someone for password/username change request. For example, no more than 10-20requests per day or something.
If you loose your username/password, you don't need 100mails, do you ?
Now I really feel clever... Oh wait, it was quite obvious, was it ?
Firstly, you've missed the entire point of these emails completely... They are not to tell you you forgot your password, they are to inform you that someone has tried to recover the password... Given the only person who should be doing so is the owner of the account, anything outside of the account holder would be considered a hack attempt...
By sending multiple emails it's intended to highlight just how many attempts there have been and to emphasise that the security of your account could be in question...
What's especially funny about your response is that these 'hundreds' of messages are often quite a long time apart, one gap being almost 4 hours...
If all of these messages were minutes apart I would agree, however, given that the emails are commonly 10 - 20 minutes apart, this is quite reasonable and highlighting when these attempts are being made...
So, the complaint is still fairly baseless and difficult to defend...
Something else you're failing to consider here, perhaps if the OP had not used these password recovery attempts as an infantile attempt to have a crack of Cryptic they'd have not been 'trolled' in response... It was a ridiculous and incredulous comment that was deserving of retort in kine frankly...
The fact I am here on a video game forum for Star Trek trying to explain why fact-based evidence is an extremely important facet to human communication should be seen as comical at best, and shameful at worst.
Ah, I see we have an early contender for "Best Post of the Year".
Iconians is also a bit skeptical of the numbers and asks for some evidence, and the OP's response is to jump straight into namecalling, hostility, and completely unprovoked defensiveness.
It's not just the numbers. Really, there could have been 100 and like you said... sure, we'll go with it.
It was a number of things in their post that they simply weren't willing to back up.
Tried to send a trouble ticket to Cryptic
No screenshot of that, either. Or what the ticket consisted of.
All got was a "DUH-UHHHHH! We see no hijack attempts! DERRRRRRP!"
No screenshot of that, either. Or what their actual, non-satirical response consisted of and why.
Seems that trying to level a new account is so hard & nasty now that stealing another players' STO account is a more viable option. Good going, Cryptic!
And just as a last point of contention, why the OP felt it necessary to blame Cryptic for the unscrupulous, and unethical acts perpetrated by a third party. Like blaming Nike for creating Air Jordans that people want to steal.
Ideally, if the OP was being 100% truthful, they had the ball in their court to convince me that they were slighted by poor customer service at PWE. By providing actual evidence, they could have actually made me eat crow. They could have pointed out how dumb I am, how naive I am, or how I let my skepticism blind me to the horrific tragedies that befall them.
Instead, yeah... the usual toxic rhetoric around these parts.
the reason your emails are a certain time apart, only 2 are 2 mins apart(the rest are between 20 and 40 mins apart on that picture), is because after a certain amount of wrong passwords, it blocks you from retrying. so they have to wait.
1.as Jonsills stated, since you are getting the warning messages. it means that someone has FAILED to get into your account.
2.as someone else pointed out, change your email address.
as long as you have the same email attached, they will continue trying.
3.don't use a similar email name to what you have on ANY game login.
4.don't use a common password. acct hacks work on a long list of common passwords to game accts. GW2 actually has the list as banned passwords, so you can't use them.
Monkeybone- those emails about wow accts are all phishing ones. I used to send them on to Blizzard security before I got bored and wiped that email.(which was my old acct email before their acct guard was installed)
If you check your recent email access file, you should see a different login attempt for each of them. I got them from all over the world.
Dude, you aren't my keeper. I do not need to run around doing stuff to appease YOU. I did more than I needed to just to provide you with a screencap and now you want to make me run around some more. Go foul up some other thread.
^^ This.
I suspect the only reason you posted about it was to maybe grab the attention of Cryptic (after their alleged CS totally fobbed you off, as usual). You are not beholden to Iconians, in any matter whatsoever.
Tried to send a trouble ticket to Cryptic they last time they pulled this a few weeks ago. All got was a "DUH-UHHHHH! We see no hijack attempts! DERRRRRRP!", yet I get my email inbox flooded with over a 100 attempts per hour this weekend.
Seems that trying to level a new account is so hard & nasty now that stealing another players' STO account is a more viable option. Good going, Cryptic!
and how does any of that help on this forum? this isnt a support section. so why this thread exists for in the first place...
as for the rest, there is fairly little one can do in an age where people will do anything to defeat something when they have the tools, some can get target fixation and fly into the ground with the target. who knows, but the point in the end is simple you can in a vain attempt to try a different pass, email and usernames if its possible, but that only delays further attempts until it happens again. cryptic cant be held to blame for what others do but they are not completely faultless or even the user in question being TRIBBLE for making it as easy as it is. in the end its just a game, right? :P
T6 Miranda Hero Ship FTW. Been around since Dec 2010 on STO and bought LTS in Apr 2013 for STO.
Oh boy what a surprise. STO's posting all-stars coming together, giving each other a shoulder to lean on. Thanks, Meimeitoo, for jumping in with your "two cents." You are absolutely right -- no one is beholden to Iconians; however, the OP's descent into juvenile, namecalling troll. He could have just said no to a screenshot; he could have just ignored Iconians instead of posting an image with the tags "I'm" "G*y" at the top, apparently as a means to insult Iconians. Hmm....using the word G*y as a derogatory insult to someone? Yes, that is completely within the bounds of good taste.
Westboro Church: God hates G*ys.
Meimeitoo: This sounds very reasonable too me. I wonder why these people keep getting trolled.
LOL. In all fairness, I didn't look at his posted screenshot. (And something tells me I probably shouldn't. :P) It just felt somewhat out of character for Iconians -- who's usually the voice of equity -- to go after this guy so much. I guess your post explains a few things.
All I know, at least, is that a hundred attempts to hack my account would seriously make me nervous too, and I'd probably wind up posting about it as well.
Comments
within the header see if you can determine wether these are official emails or spoofed addresses. it may be that someone is trying to obtain your log in details rather than actually trying to log in and change your password.
@Liath | My PRIMUS Page | Altaholics | New Vehicle Models | New Emblems | Flag Tights
Asterelle's Forum Enhancement Extension | Game Side Panel Add-In* | Game Server Status Add-In
*Updated to work on Embedded/Non embedded forums post August 2015 Changes
Also, those hundred mails per hour are a reminder to check and, if possible, improve your mailbox's security; because if they really want to hijack your account, the password reset is getting them nowhere unless they manage to break into your mailbox.
That was my first thought: phishing emails made to look like they came from PWE in an effort to trick the user into going to some legitimate looking website and give up their user name and password so they can log into the user's account and clean them out. If that's the case it would explain why customer support told the OP they didn't see any account hijack attempts.
My best advice is to add the sender to your email blocklist and change your email password.
I've received weird phishing emails in the past telling me my WoW account is at risk of being banned for selling gold and to go to some website to log in and discuss the matter with customer support. The funny thing is I have never ever, not then or now, had an account of any kind for WoW, Blizzard, or anything related to them, especially not with the email address that received these phishing emails.
In the end, they caught the hacker red-handed trying to log in while he was online chatting back & forth with a GM. Whatever went into doing that from the tech end, it was fast, and an IP ban got dished out.
Considering what he had to deal with, I don't doubt the OP is either the victim of a hack attempt, or a phishing attempt.
Make sure you're using strong passwords on both your STO account and your email, and do not use the same password for them!
You mean to say there was, at some stage other than what I quoted from Jonsills, a legitimate point made in this thread prior?
Someone complaining about being spammed by an automated hack-avoidance system has no point, it was general whinging...
Jonsills' quote above, is about the first real post to contain anything of legitimacy and you try and attack it? Why? What's your point that you're trying to make?
Jonsills' post is entirely correct... The spam of messages were automatically generated, and the very fact the OP recieved such a large number (however many that truly was without exaggeration) means that the login systems' security measures are indeed working...
Truth is, there is nothing that Cryptic/PWE can do about ATTEMPTED fraudulent logins, even if they admitted to being aware of them, as those attempts would have been from some bot that was programmed to hammer a known account with random passwords until access was granted...
At most, Cryptic/PWE would see a large number of failed login attempts but there would be nothing they could do about them, despite the OP's apparent desire otherwise...
Admittedly, one step that Cryptic/PWE could take would be that after X number of login attempts (5 - 10 perhaps), the account is suspended for a period of time (possibly even requiring contact with Customer Service), but beyond that, Cryptic/PWE's hands are tied as to dealing with hack attempts...
You just need to understand the OP.. anything that ever happens anywhere is Cryptics fault and demands a screaming rant thread.
He reads something he doesn't understand.. Cryptics fault.
Someone tries to hack his account.. Cryptics fault.
It's 5 degrees warmer today then the weather guy said it would be.. Cryptics fault again.
You need to take anything this guy says with a grain of salt. He doesn't want help, he wants to rant.
You behave like a dancing monkey of your own volition. Frequently. If you threw down a hat maybe someone would put zen in it.
don't be a weenie. he could be lying but why? this stuff happens all the time.
but they probably "see no hijack attempts" because you aren't responding to the phishing emails
Meanwhile, this player is getting is mailbox flooded by unsolicited mail. And if check them as spam, he might miss an important information from PWE.
Really, I think you guys do your best to ignore the OP point, and argue about something else remotely related.
He speak about getting his mailbox flooded by PWE mail, and you speak about.... security measures. Right...
Quite frankly I'm a bit disappointed by this thread. Someone have a problem, even post screenshot to show his problem, and all he gets is being trolled. Perhaps it's his fault if he is victim of some cyber troll ?
I don't care too much about the why behind someone's thought processes. If I did, I would likely die of a brain aneurysm from my exposure to the STO forums.
If someone makes an accusation, it is a typical human response to ask for proof to back up that accusation.
Somebody asking for proof does not make them a troll.
The fact I am here on a video game forum for Star Trek trying to explain why fact-based evidence is an extremely important facet to human communication should be seen as comical at best, and shameful at worst.
Either you're consciously playing the fool, or you're just ignorantly naive to how such measures actually work...
The 'flood of emails' is working as intended and is pretty standard practice when it comes to hack attempts for MMO's... What do you expect Cryptic/PWE to do? Please enlighten us...
I'll also just point out I am not ignoring what the OP said, I just see no point legitimising such a pointless, baseless and exagerated whinge, especially not defend it as you seem intent on doing...
Being inundated with emails can hardly be considered being victimised in some form or another... I, like I'm sure everyone on this forum, am inundated with unsolicited spam on a daily (hourly) basis...
Automated warnings from a service which I subscribe, regarding the security of my account with them, can hardly be considered unsolicited, nor would I personally have any for of issue with several dozen warnings as I accept that they are automated messages and par for the course of the services' security features...
If you loose your username/password, you don't need 100mails, do you ?
Now I really feel clever... Oh wait, it was quite obvious, was it ?
Firstly, you've missed the entire point of these emails completely... They are not to tell you you forgot your password, they are to inform you that someone has tried to recover the password... Given the only person who should be doing so is the owner of the account, anything outside of the account holder would be considered a hack attempt...
By sending multiple emails it's intended to highlight just how many attempts there have been and to emphasise that the security of your account could be in question...
What's especially funny about your response is that these 'hundreds' of messages are often quite a long time apart, one gap being almost 4 hours...
If all of these messages were minutes apart I would agree, however, given that the emails are commonly 10 - 20 minutes apart, this is quite reasonable and highlighting when these attempts are being made...
So, the complaint is still fairly baseless and difficult to defend...
Something else you're failing to consider here, perhaps if the OP had not used these password recovery attempts as an infantile attempt to have a crack of Cryptic they'd have not been 'trolled' in response... It was a ridiculous and incredulous comment that was deserving of retort in kine frankly...
Ah, I see we have an early contender for "Best Post of the Year".
I Support Disco | Disco is Love | Disco is Life
It's not just the numbers. Really, there could have been 100 and like you said... sure, we'll go with it.
It was a number of things in their post that they simply weren't willing to back up.
No screenshot of that, either. Or what the ticket consisted of.
No screenshot of that, either. Or what their actual, non-satirical response consisted of and why.
And just as a last point of contention, why the OP felt it necessary to blame Cryptic for the unscrupulous, and unethical acts perpetrated by a third party. Like blaming Nike for creating Air Jordans that people want to steal.
Ideally, if the OP was being 100% truthful, they had the ball in their court to convince me that they were slighted by poor customer service at PWE. By providing actual evidence, they could have actually made me eat crow. They could have pointed out how dumb I am, how naive I am, or how I let my skepticism blind me to the horrific tragedies that befall them.
Instead, yeah... the usual toxic rhetoric around these parts.
That's even more depressing. I don't want any applause or accolades for doing something people should be doing all along.
Er...given the OP's thread creation history...
Another person comes along and immediately dumps on it from a great height for no reason.
Thread continues for many pages but both people look like idiots.
*awaits overly long boring post from either the OP or Iconians that I won't bother to read*
Free Tibet!
I think you're absolutely correct, and admit I am an idiot in all possible ways ever imaginable.
Favoritism! Favoritism! Favoritism! You clearly stated Iconians' name while merely alluding to er...the other fellow...uh...as the OP.
the reason your emails are a certain time apart, only 2 are 2 mins apart(the rest are between 20 and 40 mins apart on that picture), is because after a certain amount of wrong passwords, it blocks you from retrying. so they have to wait.
1.as Jonsills stated, since you are getting the warning messages. it means that someone has FAILED to get into your account.
2.as someone else pointed out, change your email address.
as long as you have the same email attached, they will continue trying.
3.don't use a similar email name to what you have on ANY game login.
4.don't use a common password. acct hacks work on a long list of common passwords to game accts. GW2 actually has the list as banned passwords, so you can't use them.
Monkeybone- those emails about wow accts are all phishing ones. I used to send them on to Blizzard security before I got bored and wiped that email.(which was my old acct email before their acct guard was installed)
If you check your recent email access file, you should see a different login attempt for each of them. I got them from all over the world.
Get the Forums Enhancement Extension!
^^ This.
I suspect the only reason you posted about it was to maybe grab the attention of Cryptic (after their alleged CS totally fobbed you off, as usual). You are not beholden to Iconians, in any matter whatsoever.
I hope you get your issue resolved soon.
and how does any of that help on this forum? this isnt a support section. so why this thread exists for in the first place...
as for the rest, there is fairly little one can do in an age where people will do anything to defeat something when they have the tools, some can get target fixation and fly into the ground with the target. who knows, but the point in the end is simple you can in a vain attempt to try a different pass, email and usernames if its possible, but that only delays further attempts until it happens again. cryptic cant be held to blame for what others do but they are not completely faultless or even the user in question being TRIBBLE for making it as easy as it is. in the end its just a game, right? :P
Been around since Dec 2010 on STO and bought LTS in Apr 2013 for STO.
LOL. In all fairness, I didn't look at his posted screenshot. (And something tells me I probably shouldn't. :P) It just felt somewhat out of character for Iconians -- who's usually the voice of equity -- to go after this guy so much. I guess your post explains a few things.
All I know, at least, is that a hundred attempts to hack my account would seriously make me nervous too, and I'd probably wind up posting about it as well.