Possible account stealing
Possible account stealing
 |
Jun 20, 2005, 07:19 AM // 07:19
|
#1 |
|
Tech Monkeh Mod
Join Date: May 2005
Location: Good Old North East of England
Profession: Mo/Me
|
Possible account stealing
 Hey guys, this is just to advise all who play on the european servers about a worrying incident that happened to me on saturday evening..A Character "whispered me" to advise that he was from the Guild wars admin team, and that there was a serious problem, and someone had accused me of "scamming them", he requested my email address and password and said "we will sort this out for you, and if you have done nothing wrong, you will get your account back", he would not say who had complained about me, only that I had scammed this guy out of 8 platinum. I said he could have my email address only, and that should be sufficient. He then replied "please comply with my request or you will be banned", I just replied "ban, i'll take it to your manager".... This went on for about 10 minutes or so. I just kept replying "ok then ban my account", in the end he said "lol, was only messin with ya, your the only one who hasn't gave me the details.." My parting shot to this person was "email is going to guild wars admin team, as we speak, lets see who's account is banned.." So I have mailed the support team and I am awiating a reply... If anyone wants this character name pm me, and i'll supply it(thats if I am allowed to?)... Maybe this can be turned into a sticky? Mods. As I think it is A topic people need to be wary of... |
|
|
|
Jun 20, 2005, 07:25 AM // 07:25
|
#2 |
|
Lion's Arch Merchant
Join Date: Apr 2005
Guild: Death Infernal Evil
Profession: Mo/R
|
no worries anet will take care of him no problem. no need to spread his name- and good going! you're smarter than some people!
 and NObody is a dev- I think Devs has their own avatars- like gaile gray's avatar (maybe? haven't seen her avatar at all)looks so different than any other run of the mill characters.
|
|
|
|
|
Jun 20, 2005, 07:26 AM // 07:26
|
#3 |
|
Academy Page
Join Date: May 2005
Location: south korea
Guild: Angels of Anarchy
Profession: W/R
|
um, this the world's oldest form of social engineering. no way anyone should ever fall for that.
|
|
|
|
|
Jun 20, 2005, 07:32 AM // 07:32
|
#4 |
|
Lion's Arch Merchant
Join Date: May 2005
Location: Somewhere, U.S.A.
Guild: Gold Pheonix
|
Even so a reminder is needed:
No dev team for any game will ever ask for your account info (password and such) and anyone who does is obviously trying to steal from you. Smart move on your part cannonfodder. Last edited by Madjik; Jun 20, 2005 at 07:36 AM // 07:36.. |
|
|
|
|
Jun 20, 2005, 07:36 AM // 07:36
|
#5 | |
|
Tech Monkeh Mod
Join Date: May 2005
Location: Good Old North East of England
Profession: Mo/Me
|
Quote:
|
|
|
|
|
|
Jun 20, 2005, 04:01 PM // 16:01
|
#6 |
|
Frost Gate Guardian
Join Date: Apr 2005
Location: Puget Sound area, WA State
Guild: KnightMare Brigade [KB]
Profession: E/R
|
Think about it... all of your account details are on THEIR servers. They wouldn't need to get the information from you. They just do a database query.
Good Job on skunking him out. Most need to learn that they don't need to get that data from you, they can look it up based on your unique characters names. |
|
|
|
|
Jun 20, 2005, 04:11 PM // 16:11
|
#7 | |
|
Wilds Pathfinder
Join Date: Jun 2005
Profession: Me/E
|
Quote:
 He woulda got nothing from me.
|
|
|
|
|
|
Jun 20, 2005, 04:23 PM // 16:23
|
#8 | |
|
Ascalonian Squire
Join Date: May 2005
|
Quote:
|
|
|
|
|
|
Jun 20, 2005, 06:25 PM // 18:25
|
#9 |
|
Frost Gate Guardian
Join Date: Apr 2005
|
A while back, Mythic (the makers of DAoC) actually emailed people for a beta and requeted their account info. The email looked like a scam.. "Congrats you are now in the beta for xxxx.. Please email us with your account info".
Was funny that 4 years into a game and 100's of posts about "Mythic will never ask for your info" they turn around and ask for it. They made a post on the front page after nobody replied so they had no beta testers. |
|
|
|
|
Jun 20, 2005, 08:18 PM // 20:18
|
#10 |
|
Frost Gate Guardian
Join Date: Apr 2005
Profession: N/R
|
Well you gave him your email address so it should be relatively easy to brute force your GW account now and get your password. Just a heads up.
|
|
|
|
|
Jun 20, 2005, 11:00 PM // 23:00
|
#11 | |
|
Krytan Explorer
Join Date: May 2005
Guild: [KCHS]
Profession: W/N
|
Quote:
Also brute force method is very rare (YCantUDie has pointed out the flaws already), but you would be surprised how many people use simple passwords. Password could be pet/family/friends names, animals or some other password can be gotten after some "friendly chatting" with the victim. First time I heard about this was for usenet accounts for "entertainment directory" since those where payed access (& Kevin Mitnicks adventures who actually got caught & wrote a book on social engineering). |
|
|
|
|
|
Jun 21, 2005, 02:01 AM // 02:01
|
#12 | |
|
Ascalonian Squire
Join Date: May 2005
Profession: W/N
|
Quote:
Its totally a part of Identity theft prevention basics to recognize that a company, group, or whatever will NEVER ask for your info like that. But it is amazing how many still fall for it
|
|
|
|
|
|
Jun 26, 2005, 01:57 AM // 01:57
|
#13 |
|
Frost Gate Guardian
Join Date: Apr 2005
Profession: N/R
|
Umm why is brute forcing a password difficult with an account name. Why can't I just write a script that either uses a dictionary or random generator to guess the account pw? Unless GW has a lockout then it is fairly simple to do (even with a 10 character password).
|
|
|
|
|
All times are GMT. The time now is 09:59 PM // 21:59.
| |||||||||||||||||||||||||||||||||||||||
Linear Mode
