*** SCAM alert! ***

Now it is a great opportunity to learn from other’s (myself) mistake.

2 days ago I saw someone in the new outpost „advertising” a new Guild Wars web page, www.guildwars....tk. I went to this page, this was a mess: pop ups everywhere, broken links, etc. That should have been enough of bad omens and to leave and never return but the front page said that the site was „still in beta” so I stayed. Since seemingly every sub menu needed registration to enter, I went to the registration page (the only link that worked). Fatal mistake: I gave here my email address. In the incoming pop up storm I barely catched the message noticing me that I would recieve a confirmation letter shortly with my registration info. Your guess is right: I never received any confirmation letter. Instead of this yesterday I found my account hacked, all my money and armors with superior runes gone. I lost about 200K and a rune superior absorbtion. I am not angry just a bit sad, how low can someone sink. I even thought about deleting the game for good…but that’s not going to happen, I enjoy playing GW too much. I was stupid and I payed the price. You don’t have to. Be careful. ANet can’t help you, they only can restore your character in case somehow it got deleted. But they can’t track hackers and give back stolen goods (at least that is they claim on their website).

Everyone should draw a conclusion for himself, I did it for myself. Never give away any personal information on the Internet unless you are 100% certain it is safe. And always use a good virus scanner, trojans can steel all your passwords.

Cheers,

Sunyi

wow i would be super pissed!

wow. you are really just stupid. that is like the oldest scam ever. and why not check out guildwars.com site? surely they would mention it. + .tk are foreign and free domains, guildwars.com would never change to it. i don't feel sorry for you, i reckon you deserve to be scammed if your that stupid.

So, Axle, how long have you been managing this "new" GW site? =P

Sorry to sound like a n00b - but can someone explain how someone knowing my e-mail address would let them hack my Guild Wars account?

I've read about this happening now and again over the past 4? months since Guild Wars has been out and always wondered how it works. How does the scam work? I know it involves finding out someone's e-mail address.. but how does that let them log into your account?

Unless people are stupid enough to register at websites with the same password they use for their Guild Wars account? That seems to me to be the only way that a scam like this could work... is that the only way this type of scam could work? Or is there something I'm missing?

its sad , the world is full of skamers .. i help my selfe believing that all this scamers will burn in hell for 1000 years of pain . they will become ugly fat monsters , live alone for the rest of their useless lifes .

i was scamed inside the game.

i was in ascalon seling some stuff , but nothing was going that day.
after a while i told a guy that i was trying to sell stuff bocose i had some kill points but didnt have money to muy skill ...
so he told me this :
i know a quest that gives you a cap signet and aditional 500 gold
i was dumb to believe the first time
and then he said , ill trade those items of the info on where it is ..
i was more dumb now then never
i give 4 good items to the guy
he gives me the imformation , i got there to check it out , of course there is nothing like he said , so i wisper him , and he sais .. ohh im sorry , maybe it was just for monks ... i dont remeber bla bla bla , i told him , give me my stuff ,... he said : i salvage them ...
what a ass hole ...

curse of death to all scamers
you will live in pain ... evil comes 3 times stronger
the more you steal , the less you have !
DIE SCAMER !!!!

Never go to any website advertised inside of any game. Half are scams. The other half are simply poor quality sites that the person is desperately trying to get traffic to and aren't worth visiting anyways.

I think they use a keylogger to get the password.....but this is just my theory

Well, if you know the e-mail adress under which an account is registered, you know already 50% of what is required to access the account. The other 50% are of course the passwort, but as people often use the same passworts all over again and almost no-one uses complex passworts it's often not very difficult to hack it using brute force (having a bot of sorts try a list of generic passworts that are known to be very comon). It's only a matter of time. You wouldn't belive how many accounts have been hacked by using a list of a few dozen strong language words and common female names (girlfriend's names)...

Many people just do not realize how important passwort security is. And by that I mean not only not to tell your passwort to anyone, but also to chose a passwort that can't be guessed. A good passwort should consist of at least 8 characters and should include letters both in upper and lower case, as well as numbers and - if possible - maybe even special characters like hyphens and such (of course you have to be cautious with those. I wouldn't use German umlauts for instance with an English software - differend character sets can screw you up big time). And it definitely should not be a word with a meaning.

one thing to remember....always have more than one e-mail adress.

with games like this, its best to keep one mail addy for signing up on forums and so on, that can be any type of addy, be it online only, like what used to be bt.com (the old talk21.com addys were 100% online, no info other than password to log in stored, if you alow windows to remember the password) or partialy offline (like hotmail, which stores stuff on your pc, which is the type the crackers prefer)

and one addy for just online games.

remember here, that its not realy hackers, but *Crackers*
crackers are the anoying little pleebs that use the keyloggers and trojans to get at your game accounts just for your stuff.

hackers usually have other things they can be doing
(not saying that hackers are that much better, hey, you get asswipes in all forms of life hehe, but generaly hackers have better things to do with their time that stealing someones stuff in an online game. what they call their 'better things to do' , im not sure, but i think its got less to do with *borrowing* your stuff in a game)

also, dont forget that if your sign up adress is the same as your log in to GW adress, your leaving yourself WAY open to it.

Harsh words, but true.

I was happy though to find all my (RL) money on my credit card the next day.

Also, they were so kind not to delete my character with several dozens of hours played. The s*ckers.

eightyfour-onesevenfive - thank you for the explanation. I thought it was that but I guess I still can't believe that people would be stupid enough to use the same password for everything around. *shrugs*

A buteforce won't help in this case since they need a HASH to hack, and GW acc HASHes are in ANet databases (they should). This case seems to have gotten the same password for both GW acc and e-mail address.

Edit: I forgot the real thread's topic... I'm sry to read this kind of posts/news but this kind of things can only be learned this way, getting scammed.

*sigh* How many times i got scammed on Diablo 2... But now i just keep super cautious for almost everything.

Mmm. I tried this once on a local server to see how easy it was to tamper things like Invision Board. Its really easy. I managed to get the md5 encoding off the password system therefore allowing me to look up passwords in the mySQL. Just be careful where you register.

Agree with Rayea

I have two accounts, my primary account and a "spam" account that forwards to my primary account. All portal sites, sites that require e-mail to use get the spam account. Stuff like my on-line bills, guildwars login, close friends get my real account.

Man, how unfortunate. You probably, very unknowingly, downloaded through ActiveScript or JavaX via Internet Explorer a Key Logger; Small program designed to capture key strokes and program use, report this info through the internet -- Modem or Cable makes no differnece since the program records data to your hard drive -- then transmists that data to a server for capture once you are online.

I recall back in the days of Star Wars Galaxies two youths who claim to grow tired of cheating in the MMORPG and decided to create a malicious website whereby anyone seeking cheats for the game could go. They put up a disclaimer, apparently, but still had a download link to their key logger. Approximately 30 or more people used the program, had their account info stolen, and their accounts siezed and subsequently destroyed.

These guys claim to do it for the good of folks only closing their accounts by deleting items and characters of people who "cheat" in the game. It is unknown what has become of these two and the funny thing is someone did a ping to their server and a domain search revealing the individuals name, address, etc.

There was even a phone number and I called the guy to inquire why he would do such a thing even if to benefit those honest players. He was very nervous, thought I was the FBI, and was hoping he doesn't get in trouble. I laughed so hard!

Good point to this community and remember before you even log in A-net has placed a warning in the information box to the right of the login about malicious websites and to be careful downloading anything. Problem is, unless you set your security to Block all Cookies and the highest protection Miscrosoft is unknowingly allowing transfer of these programs even though they claim to be "security minded" as a company.

lol your intelligent!!!!!!................... sorry your not

aww bless, i feel sorry for you even if some people don't.

i do the same as EternalTempest with a main address and one just for important stuffs.

it's bad to think people would be so mean just to steal other people's items on a game... wait, it's not mean it's sad.

There is no need for bashing like this. the poor guy was kind enuff to alert anyone that would listen. He was not asking for your sympathy, so how kind of you ntot to offer it. Personally, I applaude him at opening himself up like this. He was not aware of these types of scams, as are many people. He could be helping alot of people but you in your infinite wisdom, you who has never been scammed before, feel the need to call him stupid........wow.

give the dude a break.

No one deserves to be scammed, except for scammers who get one pulled back on them.

Thank you, Sunyi, for alerting everyone.


DF