Im not familliar with anet policies and my spam filter didnt block the email, so im curious. I recieved a “login validation” request for some chineese ip. Apparently this IP was sucessfully logged into my account, by my understanding. The Email asks me to confirm or deny access, but there was no link to deny access, only confirm it.
Is this a legitimate warning from Arena Net, or was this just a phishing attempt? An official response would be appreciated.
It’s probably someone logging into your account from a chinese IP. Dont reply to it. Go to a computer that is not yours and is not connected to your network, and change your password.
Someone has your current login details.
Once you have changed the pass on another machine, dont log into anything on your current machine, but make sur eyou use multiple virus and anti malware scanners and triple check your computer.
Yes they are sending out emails that you have to verify, by either denying or accepting, a login attempt being made from any other location than you have done when the game was released.
And that’s lucky considering that you may have had your account stolen.
But… as you ask confirm the validity for the email before clicking the link as you will be prompted to log in by using it and that is a great set up for fishing.
I didnt get a deny link at all, just an authentication link. Thats what worries me. Id gladly block the IP, or any IP other than the two i use, if i could.
Password changed securely. Guess im virus scanning this evening.
Even if you get one of these and you know its you, its always a very good idea to check first. There are phishing attempts like this which link to a gold sellers site.
Yeah. I never trust account validation emails. Mostly because i have never been hacked. But i needed a more secure password anyway, so its a good excuse to update!
That helps. It looks like the origin was NCSoft after all. Thanks.
Any suggestions for dealing with this issue if it’s not a keylogger of some kind? Im not a member of any GW2 fansites, although I may have aimlessly visited a few.
A log-in attempt from the following location is currently awaiting your authorization.
This location is approximated based on information provided by your Internet Service Provider. If in doubt, deny the request and try again.
If you are certain this log-in attempt was not made by you, then someone else knows your log-in credentials and you should change your password immediately via Account Management.
For security purposes, we alert you each time your account is accessed from an unrecognized location. To authenticate this log-in attempt, please click the link below:
{URL REMOVED}
Need help or have questions about your Guild Wars account? Visit our support site: {URL REMOVED}
Thanks!
—The ArenaNet Team
It says attempt, but it also says “Knows your login credentials” so did they just try and fail at logging in (I would assume so since Im not banned, moved or missing anything) or do they actually know my credentials besides my account email?
Yes, please re-secure your account right away. As the email says, “someone knows your log-in credentials.” Take that seriously and wrest that account back from the hacker.
And remember — always use a password that you use nowhere else because that is certainly how the hacker got access to your account.
Thats what worries me. Id gladly block the IP, or any IP other than the two i use, if i could.