Account Security and Theft Policy - READ THIS
|
Quick update on this. I now understand what happened and am sharing in hopes that I can prevent the same thing from happening to others. Basically this was a targeted attack. They got a list of emails from POE, probably through accessible info although I wasn't aware my email was visible here. They then sent me a phishing email posing as a LinkedIn member. I unfortunately clicked this link to find out who wanted to connect with me and got a simple html error similar to a database parse error. That was probably the sound of a key-logger which they then used to get into my account and take my items. I use LinkedIn quite frequently so I didn't think anything of it at the time. Once I took a good look at the email. The reply address was to cisbeijing.com and the links were all to a health website called myhealthgazette.com. So keep an eye out and be careful about any emails. My apologies to GGG for assuming the worst, although I would like more assurance about keeping my email private.
| |
|
Head's up, just going to contribute a little...
So my account was accessed on 25th of Feb, it was locked and i got a e-mail about it, before that time i had been away from home for 3weeks caring for my family's cats while my mom was on a vacation, i only logged in PoE once inside that time (i think it was 15th of feb) with my phone 3g connection and laptop to see if it would lag or if i would be able to play, did some merveil runs for the funzies. I didn't use my Email that i use for PoE during this time, my password was simplistic but longer than average, i didn't visit PoE related sites and my email doesn't seem to have been compromised in any way. All in all, i don't believe i'v managed to use Phissing links or anything similar, ofc i'v used some links in the past on these forums for some Build's but that's pretty much it, i do work as web-analytic (yes i know this doesn't really mean anything, people can make mistakes) and i do take care what links i push, got even few tools to give me additional info about links because of my job -_- In all my gaming life, i'v only once been hacked and that was in Guild Wars 1, NCsoft said it was their fault because of database theft etc, i played 7years of WoW and never managed to get hacked while numerous of my friends did. So what i am trying to say here is that either there has been some kind of information theft or then i just can't trust anything PoE related anymore as i feel like i'v been suckered in a way that even i couldn't tell, i'm not saying it's GGG's fault (thou i would like them to lock the account BEFORE they take control of my main character and empty it out fully, so it's naked and unplayable.. not after when it's kinda too late) Because of my work and university stuff i tend to have time more or less to play games, just feeling really bad about the fact i lost my gaming hours on all my characters (i mean half-full tab currency items kinda hurt) just because of this, most likely i'll be only playing races from now on.. One question thou, if i do play races, will you return race rewards if they get hacked or not? if you don't then i feel like i wont try to play this before we get absolute way of making the account safe (or at least additional measurement's, IP lock is good but kinda pointless if it works only after they try to change character when bank is shared) Feeling depressed about this -_- Anyways good luck guys! better luck for you and have fun! Ps. i would feel more safe with something like Mobile authenticator, just a hint :P TL;DR Got hacked, no idea how, propably too scared to play for a while, would like to have additional security stuff because i kinda feel really shit for loosing shit tons of currency and gem's that made my main unplayable, not blaming GGG, GL everyone! | |
" Cept the fact that there was no hint in racism at all. Pretty sure anyone on the internet would know sarcasm when they see it plus when did you have to be in Asia to not speak English properly. Not to mention most people who devote their time into a game would never choose a account name that doesn't define some sort of individuality.(even warehouse accounts) That's my main reason for my accusation. Last edited by Veneficae on Feb 28, 2013, 7:43:43 AM
| |
|
my acc has been compimised everyday for the last week. but they havent got in yet. everytime its from china. damm chinese.. get a real job instead :(
| |
|
This is the first malware scan I have done since I formatted my computer back in late 2011.
I don't believe I am the one being compromised. I am a responsible computer user.  I realize that GGG will have a tough time against the veteran hackers of Blizzard. But, please don't abandon your users, which you're currently doing through this lassiez-faire policy. Last edited by PSGMud on Feb 28, 2013, 8:33:55 PM
| |
|
Your Path of Exile account has been locked because someone logged in from a location that you don't typically play from - "Shaoxing, Zhejiang, China"
How on earth could they get my password? I even play on a MAC through a wrapper and POE is the only game i have. I do not visit any POE sites or click on any mails. Changed my passwords, and they are all strong (Capitals,spaces,numbers). Thank god for the new measurements! | |
|
lmfao the things people say on this thread. People know nothing about computers nor internet security. If you got hacked it was your own fault.
| |
" LMFAO! damn trolls man.. damn trolls.. | |
|
It may be a stupid idea but here is my 2cts (never know, it might help find a clue about a real good idea) :
how about when important items (e.g lvledup gems or complete stack of currencies or unique items, etc) change account, before it happens, you send a mail to the owner of the giver's account to confirm that the transaction is agreed on and "safe". it would be kinda troublesome for ppl using mule accounts or for ppl giving stuff for free (to friend or to a good fella player) but i think it might secure transactions and make the hackers and money sellers a harder time doing their jobs. | |
" I use password like "1DoG 2" and therefore I can't get hacked. You know.. because it has capitals, spaces and numbers.. |
