Really tired of Ubisofts crappy protection

Nebell

Nebell

2[H]4U
Joined
Jul 20, 2015
Messages
2,382
So I got an email notification that someone from Thailand *successfully* logged in to my account.
I have 2-factor authentication by email.
I never got any email with the code which he needed to log in.

Besides, my email adress have an insanely hard password (basically random 15 letters/numbers) with a 2 facauthentication as well.
AND I checked login activity on my email. No one besides me logged in.

And when I checked my trusted devices on Ubisoft, I only had my two computers.

So how the hell did he manage to successfully log in?
What the hell Ubisoft?
 
Nebell said:
So I got an email notification that someone from Thailand *successfully* logged in to my account.
I have 2-factor authentication by email.
I never got any email with the code which he needed to log in.

Besides, my email adress have an insanely hard password (basically random 15 letters/numbers) with a 2 facauthentication as well.
AND I checked login activity on my email. No one besides me logged in.

And when I checked my trusted devices on Ubisoft, I only had my two computers.

So how the hell did he manage to successfully log in?
What the hell Ubisoft?
Click to expand...

Might be a phishing email.

Did you actually log into your account and change the password or verify nothing is wrong.
 
I received one as well, but instead of clicking the link I just logged in to Ubisoft and changed it.
 
fuckmerunning.png


change email is one of their suggestions....

i would rather stop using uplay than change emails.
 
Nebell said:
Nothing looks shady, the links check out.
This is why I find this extremely weird.
Maybe a bug in their system.
Click to expand...
Or someone breached Ubisoft servers. Happens a lot to game companies. Ubisoft is one of the larger ones and it usually doesnt happen to them, but EA was breached a few months ago and it doesnt seem anyone knows or has been disclosed yet. Then again, Sony is quite large too and they have been breached a dozen times?
If they breach the servers then people can login and bypass your PW or 2 factor auth. People used to hack game accounts this way a lot and transfer your MMO loot out to their accounts to sell for real world money.
 
Check all the detailed headers in the email in question. Compare to a previous known good email from Ubisoft. As others have said, the Received From field is easy to spoof. Also, never follow the included 'fix it' link. Always use a known good customer service link to check things. Some of the phishing emails are getting so good that they are very hard to tell from the real thing. The bad folks are taking the time to fix the stupid spelling errors and poor quality graphics that often identified previous phishing efforts.
 
Also the phisher's are smart in registering domains with similar letters I or l (capital I vs lower case L for example..)
 
You must log in or register to reply here.
Back
Top