Currently being hacked
At this point there is nothing you can do but wait for support. They should be able to help you recover the account. If they determine it is hacked, they can also do a roll back and restore the account as well. What you do need to do on your end while waiting is secure both your email and computer. If they where able to setup an authenticator, then they may have access to your friends email account as well.
Kick him from the guild so he cant pillage the guild bank. Also warn all guildmates and his friends not to trust any messages from his account until its restored.
Kick him from the guild so he cant pillage the guild bank. Also warn all guildmates and his friends not to trust any messages from his account until its restored.
If you read the op’s post, (first sentence) you would see he already left the guild, that is how they discovered the hack.
A complete wipe of the computer would be a good idea as well, seeing as you didn’t find anything with the scanner, but they clearly got your information from somewhere which would suggest a keylogger or something like that.
Krall Peterson – Warrior
Piken Square
Or using the same password multiple places on the internet. You might want to contact CS using a new email carrier, with a unique password, so they can’t intercept your emails.
ArenaNet Communications Manager
Or using the same password multiple places on the internet. You might want to contact CS using a new email carrier, with a unique password, so they can’t intercept your emails.
This is very good advice, and I suggest you do exactly this. The fact is, someone learned your friend’s credentials, and that means that hacker probably already has access to the e-mail account associated with the original ticket. Which of course means, the hakcer will be able to read the ticket and intercept it, or learn about the new credentials set by CS.
- Assume the computer is infected. Secure it.
- Assume the email account is compromised. Abandon it if you are not 100% certain that it no longer is accessible by the thief.
That is what I would advice.
Communications Manager
Guild & Fansite Relations; In-Game Events
ArenaNet
Malwarebytes and combofix should be the first things you DL and run. After that, at the very least as stated, change the password on everything, email, banking, games etc etc, best is to make another email account as well. People forget that often times login info is emailed to you, one of the stupidest things websites/games do, because if this single point is cracked, they then have access to all of your accounts, and anytime you reset the PW, they also get the email with the new PW and log back in.
People use the same password almost everywhere, I see it all the time, they also have the habit of using the same login ID, so once they get a hit on a user name and PW, they often run it through a list of sites for extra hits.
Learn to use pass phrases, rather than words, it allows a person to remember long passwords that are unique to each site. “ThisisMyGW2loginPASSWORD!” or something like that, it is a phrase so it is easy to remember, it has some kind of link to the site/game etc in it so you know what it goes to, it has random caps, is 25 characters long, has numbers and special characters in it. To brute force a PW like that, would take trillions of trillions of years to guess because of network throughput, even with a single file mounted to a RAM disk with billions of guesses a second would take trillions of years, the only way someone would get access would be by it being revealed to them, through other means or a unsecured database.
People often think it might not be a good password, because it has words in it, and yes, those words might be in a dictionary attack, but the attacker has no idea what the password looks like, and the chaces of a PW like that being in their databases/dictionaries is moot, and after they fail to get a hit they will move on because the only other choice is a exhaustive password search and the only thing that matters to protect from one of those is padding, that is total password length, as the PW above has a password search space of 28,034,052,602,738,549,436,590,497,089,977,609,984,418,179,126,495. The trick is coming up with your own personal padding, something that you will know/remember, then all you have to do is add something unique to the padding that links to the given site for the PW and you are set, because no one is going to do an exhaustive search on you, because well, you are not worth it and the chances are so low, the attacker goes after low hanging fruit, and unless the person is targeting you for some reason, all other attackers are just going to move on.
Hello frend ,I’ll do u a solid and give a free advice…make a google mail acc and conect your new google mail to your mobile so every time u aces gmail from diferent IP ,a verefication code is sent to your mobile phone….
ps.also usefull when u generate a pasword for your email use old pincodes from your credit card that is expired with combination of leters and before u do all that wipe your comp install all new windows