Damn people, leave my account alone, eh?

[temu]

Check this out.

So I couldn't log in UO this morning. Got an email about a bad credit card. Fine. Go to log on my EA master account. Password won't work. Try a reset.....nothing.

Then I look into this god awful email account I don't use much anymore. What's this?

Hi drakedo***,

On March 27, 2016 10:23:40 PM GMT 00:00, the primary email address linked with your EA Account was changed to:

suslakov***@yandex.ru

If you never made this change, [email change button here].


Hang on. I'm not drakeANYTHING. WHAT THE HECK. Wait for it..... aaahhhHHHHH FREAK OUT!

I did change my email back. Went to redo the password and it took me to a password reset page all in Russian. Changed my PW and I think I can activate my accounts now. This is odd because I'm super careful when browsing sites and I don't run any shady software on my PC.

 

[Captn Norrington]

If the password change page was all in Russian, that kind of sounds like it's a fake website and you might have been tricked into giving up your real password. The email you got could have been a fake phishing email designed to trick people into giving up their passwords. The victim resets their password on the fake site by changing it to what their original password was, then the scammer takes the password you just typed in and uses it to steal your account. They could have purposely locked your UO account by entering the wrong password too many times, that way their scheme would seem more believable to the victim.

I'd strongly suggest changing your password again, and this time make 100% sure it's the real UO website.

 

[temu]

I'm having a hard time finding a button to change my master account password again. The last time I used the "forgot my password" link thingy.

edit: Thank you for your suggestion, norrington!

 

[Kylie Kinslayer]

I will echo Capt's advise. Any time I do anything with my account I go through the main UO page.

 

[Zosimus]

In GW2 we get notifications through sms if somebody tries to log in on another isp. They can't log in anyway because they would need the code I get on my sms.

It's time for UO to update their security.

 

[MalagAste]

I personally NEVER go to a link from Email... I usually have all "important" websites bookmarked and such and I would most certainly go to uo.com ASAP and change the password on the account...

I agree with Norrington sounds phishy

 

[Eärendil]

...but he said, he couldnt log in. How does that fit to the fake mail-theory?

 

[Captn Norrington]

...but he said, he couldnt log in. How does that fit to the fake mail-theory?

A lot of games automatically lock down an account if someone types in the wrong password on the main website lots of times. It's designed to protect the account from being hacked. When the real account owner tries to log in and realizes they can't, they call customer service and verify they are the real owner. Then customer service makes them pick a new username or password to prevent their account from being stolen if the hackers already figured out the password.

The scammers purposely lock down the account by typing in the wrong password, that way when the real owner gets the scam email they assume it's customer service trying to contact them to verify that they are the real owner, and since they can't access their account they assume the email is real and don't question it's legitimacy.

I'm not sure if UO is one of the games that does that, but it's better for him to be safe than risk his account getting stolen.

 

[Melchiah]

I had exactly the same thing happen with my master EA account about 18 months ago. First I knew of it was a call from my bank advising me of someone trying to do a load of digital downloads using my credit card stored on the site in Roubles!
They'd changed the default language, password and email to something different, all in Cyrillic. Advice is to request a call back from EA support and talk them through it on the phone. They can then reset password and language.
Upside is they're not after the UO stuff, just everything else...! Suffice to say the CC details are never stored in Origin or EA any more...

 

[Lord Frodo]

Check this out.

So I couldn't log in UO this morning. Got an email about a bad credit card. Fine. Go to log on my EA master account. Password won't work. Try a reset.....nothing.

Then I look into this god awful email account I don't use much anymore. What's this?

Hi drakedo***,

On March 27, 2016 10:23:40 PM GMT 00:00, the primary email address linked with your EA Account was changed to:

suslakov***@yandex.ru

If you never made this change, [email change button here].


Hang on. I'm not drakeANYTHING. WHAT THE HECK. Wait for it..... aaahhhHHHHH FREAK OUT!

I did change my email back. Went to redo the password and it took me to a password reset page all in Russian. Changed my PW and I think I can activate my accounts now. This is odd because I'm super careful when browsing sites and I don't run any shady software on my PC.

ICQ enough said

 

[Angel of Sonoma]

ICQ enough said

^ this! icq is currently owned by a russian internet company. coincidence? not long ago i got a pop up from icq warning me that my windows host file had been modified. (yeah, i constantly update the host file to block access to undesirable websites.) what is icq doing reading files from my pc? nowadays i sparingly use icq b/c i don't trust it.

 

[Nexus]

^ this! icq is currently owned by a russian internet company. coincidence? not long ago i got a pop up from icq warning me that my windows host file had been modified. (yeah, i constantly update the host file to block access to undesirable websites.) what is icq doing reading files from my pc? nowadays i sparingly use icq b/c i don't trust it.

I gotta agree with this, I quit using the official ICQ client a long time ago because I worried about things like this. What's worse if you think about it, if ICQ is changing your .hosts file, it has Administrative access to your PC, effectively making it a handy distribution platform for all sorts of nasty malware and virus.

 

[Tyrath]

A lot of games automatically lock down an account if someone types in the wrong password on the main website lots of times. It's designed to protect the account from being hacked. When the real account owner tries to log in and realizes they can't, they call customer service and verify they are the real owner. Then customer service makes them pick a new username or password to prevent their account from being stolen if the hackers already figured out the password.

The scammers purposely lock down the account by typing in the wrong password, that way when the real owner gets the scam email they assume it's customer service trying to contact them to verify that they are the real owner, and since they can't access their account they assume the email is real and don't question it's legitimacy.

I'm not sure if UO is one of the games that does that, but it's better for him to be safe than risk his account getting stolen.

LOL this happens often when I forget my stratics PW and have to type in every PW I have used the last 15 years

 

[Zandor]

I gotta agree with this, I quit using the official ICQ client a long time ago because I worried about things like this. What's worse if you think about it, if ICQ is changing your .hosts file, it has Administrative access to your PC, effectively making it a handy distribution platform for all sorts of nasty malware and virus.

So what would you recommend for someone such as myself who is completely ignorant about computers? Is trillian the same as icq in this matter? And should we be concerned with icq on our phone? This thread kinda worries me.

 

[CronusVl]

I'm sorry about your case, but as man one of which directly organized Russian community in Skype. I never heard that somebody doing similar things from our community And I ask to refrain from provocative title in theme of topic(as russian hackers and another), Bad people may be in each country. Russian language unites people from many countries. And this moral freak which breaks rules may be and not from Russia.

 

[MalagAste]

I'm sorry about your case, but as man one of which directly organized Russian community in Skype. I never heard that somebody doing similar things from our community And I ask to refrain from provocative title in theme of topic(as russian hackers and another), Bad people may be in each country. Russian language unites people from many countries. And this moral freak which breaks rules may be and not from Russia.

We all hope not... and I agree there are nut cases all over the world who for some reason or another think laws and such don't apply to them or that doing crimes in cyberspace is "ok" .. like theft ever is ok...

So what would you recommend for someone such as myself who is completely ignorant about computers? Is trillian the same as icq in this matter? And should we be concerned with icq on our phone? This thread kinda worries me.

I've used Trillian for years never had a problem. skype is now getting a very bad rep as well... I've moved on to Discord most the time.

 

[FrejaSP]

I use an e-mail for UO, I do not use anywhere else, that be here, ICQ, Skype or any other Internet side login.
This way, my ICQ or others do not know my e-mail used for UO and can't hack it.

 

[MalagAste]

I use an e-mail for UO, I do not use anywhere else, that be here, ICQ, Skype or any other Internet side login.
This way, my ICQ or others do not know my e-mail used for UO and can't hack it.

I do this as well.. I keep my game emails completely separate and do not EVER post them anywhere or use them for anything BUT my accounts.

 

[petemage]

OP falls for a fishing mail. Some people see big international conspiracy.

Some people shouldn't be allowed on the internet. Like they hack you only to steal a random online gaming account

 

[petemage]

skype is now getting a very bad rep as well

Skype is Microsoft, useless for anything serious. OK for basic chatter. Same as ICQ basically.

 

[temu]

OP falls for a fishing mail. Some people see big international conspiracy.

Some people shouldn't be allowed on the internet. Like they hack you only to steal a random online gaming account

It's called "phishing", sweetheart. And how could I get phished if I never opened any email regarding my account before my ID and email was changed, and I would most certainly never cough up information because someone emailed me. The dude up there is right, I think this happens through lots of brute force attacks and is aimed at stealing CC info, which of course they didn't get. It's not about stealing a random online gaming account. At my university they require these huge 10 digit passwords that must include special characters, uppercase and lowercase letters, and numbers. Usually people get irritated, but it's important to have a strong password. Anyway, the posts about ICQ being a problem are interesting to me and I'm going to check that out. Thank you all.

And to guy who took offense: thanks for the chuckle.

 

[Angel of Sonoma]

I gotta agree with this, I quit using the official ICQ client a long time ago because I worried about things like this. What's worse if you think about it, if ICQ is changing your .hosts file, it has Administrative access to your PC, effectively making it a handy distribution platform for all sorts of nasty malware and virus.

icq is not changing my hosts file. it's reading it. and it wasn't a one time fluke. i've gotten the below message several times. what business does icq have looking at the files on my system?

 

[Lythos-]

icq is not changing my hosts file. it's reading it. and it wasn't a one time fluke. i've gotten the below message several times. what business does icq have looking at the files on my system?
View attachment 45979

I've never ever gotten that message in my years of using icq daily.

What version are you using and what version of Windows?

 

[Tyrath]

It's called "phishing", sweetheart. And how could I get phished if I never opened any email regarding my account before my ID and email was changed, and I would most certainly never cough up information because someone emailed me. The dude up there is right, I think this happens through lots of brute force attacks and is aimed at stealing CC info, which of course they didn't get. It's not about stealing a random online gaming account. At my university they require these huge 10 digit passwords that must include special characters, uppercase and lowercase letters, and numbers. Usually people get irritated, but it's important to have a strong password. Anyway, the posts about ICQ being a problem are interesting to me and I'm going to check that out. Thank you all.

And to guy who took offense: thanks for the chuckle.

SOmeone gets your account email and username tries to log in repeatedly until the account is locked out, send you an email with a link to a bogus site. you enter yourPW and then change your PW and now they have your new PW and spend all of your money on the stored CC info. How do you think those 3rd party brokers sell 5 packs of Xfr token for $50

 

[temu]

The weird thing is, the account wasn't locked out. And I never got an email to take me to a page where it wanted a password.

 

[Gamer_Goblin]

Everyone, and yes, I mean you to the person that thinks they know all about computers, should research Phishing and read up on latest scams. They have gotten a lot more sophisticated. My work put out a training for it and they also sampled the population of 30,000 employees with fake phishing emails. The response and results were scary.

 

[Angel of Sonoma]

I've never ever gotten that message in my years of using icq daily.

What version are you using and what version of Windows?

i'm running icq version 8 & windows 7. have you ever modified your hosts file? if not, that's probably why you've never seen that popup.

i've modified my hosts file. i add all the adware / spyware urls to the hosts file giving them the loopback ip address. what this does is prevents your pc from hitting the adware sites when you are surfing the web. as an added bonus it speeds up the time it takes a webpage to load. have you ever noticed that some of the ads you see match recent searches you've done on the web? modifying the hosts file prevents this from happening. it's a powerful tool.

regardless, icq should not be checking any files on my system other than their own program.

 

[Lord Arm]

this has happened to other people, in the last month or so.

 

[temu]

Well guys, all's well that ends well. I went to this page to talk to a real person at EA -

https://help.ea.com/en/contact-us/new/?product=origin

And after selecting the hacked account thing and typing a little description of my problem I was able to select a call back. They called me in literally 3 seconds. The lady was really helpful and changed back my security question and walked me through some other things. But I think the most useful thing was she recommended I turn on EA login verification so that if an unrecognized computer tries to login, it will send me a text message to my phone! If you all haven't done this I would totally check it out. So, you go to origin.com, then click on My Account and then the Security button. There's a button to turn on Login Verification right there!

Things I learned:

While I totally love Russia and most of its wonderful citizens, the Russian language is terrifying to behold when it infiltrates your private gaming account!
EA tech support is pretty awesome , it's too bad it was so hard to find that page to get a call back.
The tricks that mean people use to fool you into giving out pw info is more elaborate than I thought! You guys are well versed.
The people at EA can't really help you with your UO stuff - she couldn't help me unlink an old account from my EA master...darn.

 

[Lord Frodo]

Maybe all ICQ users need to read the End User License Agreement End User License Agreement and ICQ Privacy Policy ICQ Privacy Policy