<p>I recently had 2 account hacked twice within 10 days by plat farmers. I had no viruses on my computer and no malware detected either. What I did discover is that my Hotmail account password was compromised. The culprits used the "forgot my password" option on station to send a new password to  my email address. They then logged in and sold gear, took plat from the guild, transfered characters and changed the characters names. If for any reason your accoutns are hacked, one of the first things you should do is <strong>change your email passwords</strong>. I would then reccomend setting up new email sites outside of hotmail or yahoo, as those sites are easily compromised. Then log into staion and change your email address.</p>

<p>A good idea is to use random characters in your passwords as well to avoid people using dictionary searches to discover your passwords.</p>

<p>Wow this really sucks im sorry to hear that.  You can contact SoE you know since you are the OO and would have the secret question / asnwer.  I think they can also restore your characters back to the way they were before it was stolen.  I would also reccomend using Gmail and not Hotmail.  Hotmail seems to be really funny and a site I work for has issues sending out activation emails to them all of a sudden.  May not be a big problem but its something to watch out for.  I hope you get them back!</p>

<p>I'd concur with the Gmail suggestion - I've always had good experiences with Google services in general.</p><p><span ><strong>Banuc </strong></span>- Please send me a PM should you be curious as to the status of a ticket or not hear anything back. I'll be certain to get back to you quickly!</p>

<p>This happened to me also last night with 7 accounts and hotmail (yes, I 6 box a lot).</p><p>I removed my hotmail accounts and have moved them to hushmail.com, which is an online email service that focuses on security.  Furthermore, I switched to using Roboform for my online passwords and am using 172 bit, 30 character long passwords now. </p><p>I cannot suggest enough that you need to get off of hotmail. HOWEVER, the only way they could have gotten both my account names and my email was through SOE, nowhere else.  None of that information was in my email, and after using 2 different security suites I am 100% sure that none of my computers were compromised.</p><p>I have since sent a message to Kiara with a suggestion for an easy fix to this problem.  Simply put, if you legitimately go to change your passwords you are required to know your secret question's answer.  Why is it that if you illegitimately try do so you only have to hack into the email?  Please make every attempt to change account information, including when passwords are forgotten, require knowledge of the secret question.  That would fix 90% of these issues very quickly.</p>

<p>The same thing happened to me twice. After the first time I changed passwords, installed McAfee, etc... after this second time was when I started trolling the forums to see what other people have been experiencing. After I read your post here I went to my Hotmail account and realized that my password had been changed, but of course the way windows live works now-a-days, I just logged into a linked account and swapped to it... sure enough password had been changed, secret question had been changed, and the alternate email address had been changed as well. Needless to say, my EQ2 account uses a different email now.. and not Hotmail.</p><p>I would like to say ... the GM's were very helpful the first time this happened. Am not happy with how it was handled this time around. (I would not keep stuff that's worth anything, including money, in your shared bank... )</p><p>Does anyone have an idea as to how these people are getting our log-in names and email addresses in the first place?</p>

<p><cite>Zalandradell@Najena wrote:</cite></p><blockquote><p>Does anyone have an idea as to how these people are getting our log-in names and email addresses in the first place?</p></blockquote><p>They will usually compromise your e-mail address and then use the station name/password recovery to get your account information.  Traditionally they will get into your e-mail by answering your secret question, not by guessing your password. </p><p>Do you use social networking sites(facebook/etc)?  Some will display your e-mail address and will contain enough information that they can answer your secret question.  If you're using such a site then you might want to scan it for anything someone can use to violate your security.</p>

<p>Yes I do have a Facebook account but it is set as Private and is only used to keep in touch with family. Even still, my secret question/answer would not have been found anywhere there.</p><p>It's not a huge deal though.. I've changed all of my more important stuff to using a safer email address, and the only thing I lost was all of my in-game money (aside from about 5plat), which I can make back over time.</p><p>I have however made a post in my gaming community/guilds forum warning everyone to change their passwords and not to use hotmail etc... Better to be safe than sorry.</p><p>Thanks for replying btw, I didn't really expect a response.</p><p>Zal</p>

<p><cite>Zalandradell@Najena wrote:</cite></p><blockquote><p>Yes I do have a Facebook account but it is set as Private and is only used to keep in touch with family. Even still, my secret question/answer would not have been found anywhere there.</p><p>It's not a huge deal though.. I've changed all of my more important stuff to using a safer email address, and the only thing I lost was all of my in-game money (aside from about 5plat), which I can make back over time.</p><p>I have however made a post in my gaming community/guilds forum warning everyone to change their passwords and not to use hotmail etc... Better to be safe than sorry.</p><p>Thanks for replying btw, I didn't really expect a response.</p><p>Zal</p></blockquote><p>As one final suggestion, you might want to use an older zip code for your address info on your e-mail.  Most web e-mails will ask you for your zip code during a recovery and that info is easy to find with just a person's name.  If you use the address info for an older residence then that can provide an extra layer of security.</p>