Guild Wars 2

After someone in china tried to get into my account yesterday i changed the password.

Worked for all but a day.

This morning at around 7amEST right when I was starting my job, they hacked it again and this time my email also to authorize the login location for CHINA. I live in Florida.

I saw this at 10am, so for 3 hours they went to town on all my stuff

I was able to see an kick him off as he was selling my stuff away for the last 3 hours, when i got home.

7 of 9 characters completely stripped, bank emptied. 520g down to 29g. Been playing since the release. 1 1/2 years of playing, saving, earning, all gone. 12bank tabs full all empty.

The only questions i have are this.

1. Why do they allow a emial to confirm access to my account FROM CHINA, when i live in Florida.

2.Why isn’t the location of the accounts original access part of the security?(like some emails and other games)

If someone from another location/IP/Country tries to access the account shouldnt Anet just red flag the account lock it out?

This happen to my starcraft account, they used it to buy WoW. blizzard sent an email saying the activity on my account was flagged an we have locked it, please contact us.
Not hard.

Needed to vent a little. Ticket was made they are looking into it, i even saw that the guys from NCsoft austin,tx logged into my account to see. So i know someones doing something.

1. People move and go on vacation.

2. How specific?

The Texas IP is you on the forums. Not ANet themselves most likely. It’s a known issue.

And they likely have access to your email. I would secure your email asap.

ok so thats me on the forums. ok.

people move on, vacation….um no.

That still isn’t, at all, a good reason that the game should just sent one email to authorize, when its so far off of a region login.

That email should be :

“we have locked the account because someone from the other side of the planet tried to access you account. contact blah blah to restore/reset your account.”

But no, nothing like that, human contact is lost apparently in this day an age. Which makes me understand why they have no phone/staff support anywhere i could find.

Only “submit a ticket we will get back to you.”
Followed by “we will investigate further.”

Understand that i’m really angry that about, to date $180+ (game + 5 gem cards)an 2000+ hrs on this game was wiped out in 3 hours, all because some little (word i can’t use on the forums) went into my account to sell off my hard earned stuff, IN CHINA

whats hard to see that someone from CHINA used an account located in FLORIDA, that shouldnt happen.

That’s not a red flag???

Ive seen the forum, in game, from other people, even a guild that was trying to help the entire world server, have had issue just like this.

I dont think the security is enough or in the right works. And i dont trust a 3rd party app in beta to secure my account. They could get hacked an open a Pandora’s box of passwords.

I know they are trying, an this is a very big issue they are dealing with, i hope the can find a better fix to this, or this will just keep happening. Which will put people off of this game if they are hearing that their accounts aren’t very safe.

I not mean to anyone, only the little (you can guess what) who took my stuff.

Rizzo.4012:

ok so thats me on the forums. ok.

people move on, vacation….um no.

That still isn’t, at all, a good reason that the game should just sent one email to authorize, when its so far off of a region login.

That email should be :

“we have locked the account because someone from the other side of the planet tried to access you account. contact blah blah to restore/reset your account.”

But no, nothing like that, human contact is lost apparently in this day an age. Which makes me understand why they have no phone/staff support anywhere i could find.

Only “submit a ticket we will get back to you.”
Followed by “we will investigate further.”

Understand that i’m really angry that about, to date $180+ (game + 5 gem cards)an 2000+ hrs on this game was wiped out in 3 hours, all because some little (word i can’t use on the forums) went into my account to sell off my hard earned stuff, IN CHINA

whats hard to see that someone from CHINA used an account located in FLORIDA, that shouldnt happen.

That’s not a red flag???

Did you know that most hacks coincide with emails getting hacked.

So here’s what happen:

Chinese hacker hacks your email account because you used the same email and password on a game forum (not necessarily a GW2 fansite, but it could be a WoW fansite or a WoW clone fansite,).

Hits the Forgot password link and closely watches the email account. Approves the password change and then deletes the email and deletes it from trash as well immediately.

Logs in and the verify you’ve changed location email gets sent.

Just like with the password reset, they authorize the location change and delete the evidence.

Puts on mobile authenticator.

Raids and pillages your account and uses it for botting purposes.

So your solution will likely not change anything for a majority of hacks. Only the minority who do not have it coincide with their email getting hacked.

Not saying your hack coincided with your email getting compromised, just that a vast majority of the cases do so your solution does not change a thing. The mobile authenticator already does what you suggest and until hackers invent a way to teleport a phone from one spot to another it will lock hackers out of your account.

My SO and I travel 3 or 4 times a year ‘half-way across the planet’. Should we have our game accounts locked each time because a few can not secure their computers? I’m not sure that is the best solution.

I would like to see a device one could purchase to enable 2-factor authentication, though. No smart-phones/apps necessary.

There’s a program I use called Bluestacks that runs android apps from my desktop, I recently used it to add the 2 step mobile app security and Anet authenticated it just fine.

If the option existed to only allow logins from IP’s within the US I would gladly use it as an extra security measure, but i have a feeling they would just find a way to bounce off a us based IP to launch their attacks.

Would still be nice though:

Hy I would like some idea what to do if my account got hacked and now all my stuff( set, weapons, collectibels and gold) was stolen.
ty for the reply.

Baska.7364:

Hy I would like some idea what to do if my account got hacked and now all my stuff( set, weapons, collectibels and gold) was stolen.
ty for the reply.

First, make sure your computer and email account are secure:

https://forum-en.gw2archive.eu/forum/support/account/Account-Security-What-you-need-to-know/first#post3884132

https://help.guildwars2.com/entries/28147596-Hacked-Compromised-Accounts

https://help.guildwars2.com/entries/28147576-E-mail-Authentication

https://help.guildwars2.com/entries/27626157-Two-Factor-Authentication

Once secure, contact Customer Support for assistance:

https://forum-en.gw2archive.eu/forum/support/account/How-to-Submit-a-Ticket-Account-Issues-2/first#post3954

https://help.guildwars2.com/entries/27658708-Restoring-Your-Account-After-a-Compromise

Good luck.

same thing happened to mine today but i didnt get to it intime

why not ask for the cd key every time you log in? Since it was the only way to kick the hacker out.

Not sure that would help, as many hackers compromise the email accounts associated with game accounts, and people leave the email with the CD-key in said accounts. Thus, the hackers gain possession of the CD-key.

Also, many people lose their CD-keys. So….