Before I start, I am already wondering how much of an answer Im going to get out of this, but curiosity is getting the better of me XD

In short and to the point, how do people's accounts get hacked?

Over the last month, I have heard of 3 people's accounts being hacked and various amounts of items/gil being lost forever, not to mention on of their online reputations ruined as well.

How does this happen? The account details are help by SE and also on the client. If they are getting the info from SE, it means they are hacking into SE's db? Unlikely. Then again, if they are getting it from the Client side, again they must be hacking into your machine...:wtf:

Unless they are picking up the information somewhere inbetween is all i can think of. A keylogger wouldnt even work, as (well i know I do) never even type anything when I log in. Its all saved from the 1st time I launched POL.

Someone satisfy my curiousity!

Some other people may have access to the person's account. Like brothers, close friends, etc. No matter how much trust you have, chances are, you can still be screwed.

Another thing are virus/worms, specificly, are the key loggers. They can infect your PC in many ways. One easy way to get yourself infected are all the free cheating tools out there.

Mine was an abuse of trust from someone I knew. I have pinned it down to 2 possible people, who most likely guessed my password.

Safest thing to do - change password regularly, ensure it isn't guessable (a nice combo of numbers and letters which make no sense works well), don't give your password to anyone, don't download any tools to cheat with (basically, if you use windower, and any plug ins comes from the windower website ONLY, you will be ok), keep virus scans up to date, use Spybot/Adaware/whatever else to keep your machine safe.

Interestingly, when I talked to a GM, they were recommending people don't save passwords - it is apparently comparitively easy to get in and take that password out of your machine, at least a lot easier than getting a keylogger on your PC. I was talking to a computer security expert friend of mine (he looked at my machine afterwards, no sign whatesoever of a logger). They are a pain to work with, as they have so much data to sort through.

I got lucky, I can recover from this, and my reputation hasn't been harmed (at least, not that I am aware of). Once my penitent's rope sells, I can replace my noble's, and so am basically back on my feet. Don't make the same mistakes I did.

One thing, if you give your password to someone, your machine can be as clean as a whistle, but you are trusting of someone that their machine is too - who knows what they have downloaded.

Ahh yes, the vunerabilities of trust. Lucky noone I know in RL even plays FFXI let alone would have any reason to know my details.

Kirst, if that Rope of yours hasnt sold/whatever, send it my way. I need one anyway, might as well help out in a small way if it doesnt sell on AH. And I dont charge taxes either!

Too easy in a linkshell environment to trust people you think are close friends. "Oh I won't be there, log on and CS stun/pick up this gem/flag this dyna clear" - bye bye account.

And thank you - I might well do that, some tard has been undercutting, and it isn't selling.

General stupidity, going to links people send you in emails or shout ingame and the most common one giving your account details away.

How you get hacked in FFXI per GM Dave:

http://bannable-offenses.blogspot.com/2006/08/1400-is-loneliest-number.html



(for those that want Cliff Notes: D/L'd 3rd party software)

:biggrin:

Oh that GM Dave. He really gets it right every time, doesn't he? Ha...ha...ha?

Man. The hilarity is just too much.

Interestingly, when I talked to a GM, they were recommending people don't save passwords

Really? Dang, because I'm rather paranoid about someone hacking my account, mostly because I don't understand about much about how computers/programming works, I thought saving your account password would be the safest thing to do, keyloggers can't record what you don't type after all.

However, I have to question the credentials of that GM you spoke to, what kind of knowledge does s/he have on the subject?

I was talking to a computer security expert friend of mine (he looked at my machine afterwards

Have you confirmed the saving your password thing with your friend? The word of a computer security expert I'd trust.

Well, I am just passing on what he said. Really, if you have a firewall, you should be safe. I have a personal firewall (Zone alarm) and a firewall on my modem, so... in theory nothing should get through. However in practise...

Bottom line, if you are sensible, don't give your account details out to anyone, keep basic security up to date, and don't download anything stupid, you will be safe. Most account hacks are in fact done by someone you know, who you gave your password to that one time.

Really? Dang, because I'm rather paranoid about someone hacking my account, mostly because I don't understand about much about how computers/programming works, I thought saving your account password would be the safest thing to do, keyloggers can't record what you don't type after all.

Without know how POL stores passwords, it's difficult to say how difficult it is. (i.e. Does POL encrypt saved password? If so, how? Etc.)

That said, POL client's data on your computer is a static target--someone knowledgeable will know exactly where to look. Keylogger is less discriminate, and finding the info in a long stream of data it can log is a bit more of a hassle.

Of course, your chance of being a victim of "inside job" is much higher than being hacked by a random stranger. Except for cheat tool users, I guess, who are practically inviting malware to be installed on their machines. Don't really know for sure, though--and not inclined to test it out on my account. ^_^;;

Actually I'm willing to bet SE does not encrypt your password at all. Remember they are not a computer-game company, they are a console game company.

As for keyloggers, those register your keystrokes and can be accessed remotely. So if you save your password, technically it cannot be read by a keylogger.

If you have a firewall running, it should prompt you for any new activity or programs wanting access. So the big issue is just like any other: Know what you download, and get it from a trusted source.

Most account "hacks" are people that are far too trusting in the game. They give away their account info, and then hope nothing bad happens. Personally, only two people know my login info: My wife and myself. And I know her login as well. We wouldn't screw with each other's stuff intentionally, and if that were an issue, I would have locked my account with a password and changed my login password long ago.

I think the reason so many people get hacked is because they download stuff to cheat on FFXI, realize it doesn't work then suddenly they're poor :/

My older brother knows my password, but he doesn't know my username and doesn't have an FFXI CD :P Plus he has no need to hack me, he's a WoW fan not FFXI.

Take away windower, and the number of cheaters is very small. It is mainly people who know your account details, consistantly.

My older brother knows my password, but he doesn't know my username and doesn't have an FFXI CD :P Plus he has no need to hack me, he's a WoW fan not FFXI.
He could always sell off all your FFXI belongings for cash so he could then turn around and buy some gold for WoW.

that person has access to your account.maybe someone you know that you tell them too.once a friend of mine got screwed by his friend when he came over to hang out.when he went to the bathroom his friend checked his account cause he was playing when he arrived.:vent:
moral of the story,dont tell anybody when money is involved.it makes friend evil.

Keep playing!!I do!!

If you're on PC, you're at the greatest risk of account hacks due to keylogger programs. One of the easiest way for this to happen is by using windower and download plugins that may have other programms piggybacked on them.

The rest of the time it just seems to be a breach of trust or some sibling getting tricked into passing on account info. Or vengeful ex-girlfriend.

As long as you're just using windower from the windower site with plugins available at that site, you aren't at any risk for keyloggers.

It's when you just use any old windower that you have a problem.