Hi there! You are currently browsing as a guest. Why not create an account? Then you get less ads, can thank creators, post feedback, keep a list of your favourites, and more!
Scholar
Original Poster
#1 Old 29th Sep 2017 at 1:25 AM Last edited by pretenshus : 29th Sep 2017 at 3:37 AM.
Default "Account Was Stolen Help!" / My experience
I got an email from yahoo and EA saying that someone changed my email to something else what do I do!
-----------------------------
Edit: Ok I recovered from my panic. EA sent me an email yesterday to my yahoo letting me know that someone changed my email for the account. Luckily if I would've kept reading before freaking out theres a "Revert Email link"

The message and the email of the person who stole my account:

Hi gaskswwpp9,

On September 28, 2017 1:20:08 AM GMT, the primary email address linked with your EA Account was changed to:

[email protected]

If you never made this change, please change your email address back and change your password. If you need additional assistance, please contact EA Help.

Happy gaming,
The EA Team



So first of all Origin has a glitch, go figure. When ever I shut my computer down completely and turned it back on to play the sims the origin log in would pop up, I'd type in my info, and it would tell me my password has expired.

Welp I'd do the "forgot password" thing and I've been resetting the password back and forth between two I use, MY FAULT. I've been doing this in firefox which is the default browser connected to my origin account, also it just so happens my laptop is old and the version of firefox I'm using has security holes, again MY FAULT.

Today I learned my lesson, cleared whatever cookies I could and deleted firefox from my laptop, I never used it anyway.

While this situation is completely my fault, I would like to remind you guys that this stuff is definitely possible. I'm not sure how they actually got my account info but they did and they even changed my username and profile pic which is the thing I'm most upset about. This person made themselves right at home in a few hours time.

but yeah, it's possible, don't panic, update your stuff, something different maybe longer, if its not a password you commonly use then put it down somewhere for when you forget, watch your email account. None of this should be surprising but just wanted it to be known it happened to someone in this community, anyway, Happy Simming.

P.S. Did this person want to use my account to play the sims....maybe..? But also I recommend not keeping your financial information stored. They could also gain access to that.
Advertisement
Top Secret Researcher
#2 Old 29th Sep 2017 at 1:27 AM
Ask EA?

If they changed your e-mail, how didja get an e-mail?
Scholar
Original Poster
#3 Old 29th Sep 2017 at 2:01 AM Last edited by pretenshus : 29th Sep 2017 at 3:34 AM.
As of 9 pm eastern time I am waiting for an EA advisor in a chatbox since the hacker changed my security question. Estimated 30 minute wait and the ability to change any of my info is unavailable atm

> At 9.20 I spoke with a bot named Amelia. I think "it" might have been helpful if my problem was changing my password or something but no help for my security change and she provided me with links that went nowhere.

> 9.48, Currently speaking to an advisor. Very nice introductory conversation, almost like a bot, but he made a typo which reassured me and eventually we got to the topic at hand. Ofc he probably is copying and pasting protocol where necessary

> 10.20, I got all of my account back and I am now using two-step verification, which like an idiot I avoided because I thought "Who would hack some random Origin account?" *Boop* I was the random account with all the weak security.
As a tidbit, the EA advisor recommends using chrome (which I sadly cant but oh well ; u ; )

This all took time but my problem was fixed. If you do have to go through this situation I wouldn't try to avoid contacting EA. The chat room wasn't bad, at worst it was just the wait. To avoid this situation use a decent browser, 2 step verification, dont use two obvious passwords etc.

Hope someone finds this useful! :D
Instructor
#4 Old 29th Sep 2017 at 7:17 AM
Quote: Originally posted by Emmett Brown
Ask EA?

If they changed your e-mail, how didja get an e-mail?


I also got the same kind of email in Sept 16, the email says (copied pasted from my email);

Quote:
The password for your Origin account was recently reset because a standard systems analysis indicated that your user name and password may have been subject to suspicious activity. We have no reason to believe at this time that the suspicious activity is the result of unauthorised access to EA's databases. Instead, such activity could be related to issues with phishing, use of weak passwords, logging in from shared connections or even using the same password on multiple websites. We apologise for any inconvenience this may cause you and hope you will recognise we're taking this action to better protect your personal data.

At EA, we take the safety of your personal information seriously. Accordingly, we advise that you change the password on any other accounts where you used the same credentials as your Origin account. There are also other things you can do to help keep your account secure: use strong passwords, be sure to change your passwords at least a few times a year and use a unique password for each of your important accounts.

You can change your password here:
http://www.origin.com/....



At first I thought, that would be impossible because I haven't login there probably more than a year, and the "reset' reasoning was also hard to believed, so I pay more attention to what the email's saying, and also checking was the email sent from a secure connection or not, obviously the sender wants me to click the EA link using "http" instead of "https", so it convinced me that the email was fake, and the last one that I also double checked was.. where it was sent from or who the sender was? Then I found the sender was e.ea.com





Yeah right!! e.ea.com??
Field Researcher
#5 Old 29th Sep 2017 at 9:12 AM
1: How come you can't use chrome?
2: I don't care if someone hacks into my Origin account since they can't change anything since even I don't know the security questions!

I am MOHAAPlayer on Discord
Scholar
Original Poster
#6 Old 29th Sep 2017 at 12:39 PM Last edited by pretenshus : 29th Sep 2017 at 2:04 PM.
Quote: Originally posted by bbc100
1: How come you can't use chrome?
2: I don't care if someone hacks into my Origin account since they can't change anything since even I don't know the security questions!


1.Sadly atm I've only got the sims 3 running on a laptop with an old operating system. Both of the only available versions of chrome and firefox are filled with security holes, which is one way how I got here in the first place.

2....great? Also I don't think that's how it works.
Just because you dont know your answer to the security questions doesnt mean someone who wants your account cant figure it out.
People have ways of obtaining information whether you make it available to them or not
I certainly didnt leave the answer to my security question floating around on the internet but this person was still able to hijack my account.
Scholar
#8 Old 29th Sep 2017 at 4:56 PM
Had mine hacked at one point. The password was changed and the security question was apparently changed to 'something Russian'. Got a quick call in with them, verified that I am the actual owner of the account; changed my password and security question. Ever since, I do things like - if I don't log into my account for a while - they send a 'security code' to the account's e-mail address that I have to input, before I can properly log in. Been a few years since, haven't had an issue yet.
Scholar
Original Poster
#9 Old 29th Sep 2017 at 6:24 PM
Oh good! That's very reassuring. Based on solely the email address my hacker was Hungarian or... y'know, Russian as well.
I'm currently using the 2 step verification from an app on my phone and I haven't gotten any news of anymore attempts so hopefully this works out.
Née whiterider
retired moderator
#10 Old 29th Sep 2017 at 8:06 PM Last edited by Nysha : 30th Sep 2017 at 12:10 AM.
The one thing I'd add, OP, is that if you've used the same password you used on Origin anywhere else - here, work/school stuff, facebook, email etc. - you should change password for all of those sites. Now that someone has tried your email/password combo on Origin, it's only a matter of time before someone else tries it on another site.

The best solution is to use a password manager to make unique passwords for every service you use: http://www.lifehacker.co.uk/2015/02...nagers-compared (the only thing I'd disagree with in that article is that I wouldn't recommend LastPass any more. It's been bought out by a company that makes software used by "Microsoft tech support" scammers.)

What I lack in decorum, I make up for with an absence of tact.
Scholar
Original Poster
#11 Old 29th Sep 2017 at 9:26 PM
That's a good point, luckily I don't use the same password exactly. I do use variations though but they still tend to differ for anyone on the outside to try and make guesses and nothing on origin including the email I account I used and updated is connected to my identity. I didnt even use my real name last night while speaking with the adviser.
Field Researcher
#12 Old 29th Sep 2017 at 9:49 PM
Well, I have tried to get EA/Origin support to change it to something I know but they won't so if I want to change anything, I have to use Support!

I am MOHAAPlayer on Discord
Lab Assistant
#13 Old 30th Sep 2017 at 2:17 PM
Had a few phishing emails of late apparently from EA, saying the same things you have posted, even the link looks genuine, that is until you check to see where the link is actually going, ie no where near EA.

Basically these hackers (if you can call them that) are after your financial data.
Scholar
Original Poster
#14 Old 30th Sep 2017 at 4:53 PM
Quote: Originally posted by Bejaymac
Had a few phishing emails of late apparently from EA, saying the same things you have posted, even the link looks genuine, that is until you check to see where the link is actually going, ie no where near EA.

Basically these hackers (if you can call them that) are after your financial data.


I was thinking about this. I was very "lucky" I guess... I had attempted to log in first and wasnt able too and then knew something was actually wrong but I MAYBE wouldve clicked the link in panic had I gone to my email first and it COUDLVE been a phishing email
Back to top