Really tired of Ubisofts crappy protection

Nebell

2[H]4U
Joined
Jul 20, 2015
Messages
2,124
So I got an email notification that someone from Thailand *successfully* logged in to my account.
I have 2-factor authentication by email.
I never got any email with the code which he needed to log in.

Besides, my email adress have an insanely hard password (basically random 15 letters/numbers) with a 2 facauthentication as well.
AND I checked login activity on my email. No one besides me logged in.

And when I checked my trusted devices on Ubisoft, I only had my two computers.

So how the hell did he manage to successfully log in?
What the hell Ubisoft?
 

WarriorX

2[H]4U
Joined
Nov 18, 2006
Messages
2,182
So I got an email notification that someone from Thailand *successfully* logged in to my account.
I have 2-factor authentication by email.
I never got any email with the code which he needed to log in.

Besides, my email adress have an insanely hard password (basically random 15 letters/numbers) with a 2 facauthentication as well.
AND I checked login activity on my email. No one besides me logged in.

And when I checked my trusted devices on Ubisoft, I only had my two computers.

So how the hell did he manage to successfully log in?
What the hell Ubisoft?

Might be a phishing email.

Did you actually log into your account and change the password or verify nothing is wrong.
 

Puterguru

2[H]4U
Joined
May 21, 2001
Messages
3,499
I received one as well, but instead of clicking the link I just logged in to Ubisoft and changed it.
 

Master_shake_

Fully [H]
Joined
Apr 9, 2012
Messages
17,795
fuckmerunning.png


change email is one of their suggestions....

i would rather stop using uplay than change emails.
 

EniGmA1987

Limp Gawd
Joined
May 2, 2017
Messages
429
Nothing looks shady, the links check out.
This is why I find this extremely weird.
Maybe a bug in their system.
Or someone breached Ubisoft servers. Happens a lot to game companies. Ubisoft is one of the larger ones and it usually doesnt happen to them, but EA was breached a few months ago and it doesnt seem anyone knows or has been disclosed yet. Then again, Sony is quite large too and they have been breached a dozen times?
If they breach the servers then people can login and bypass your PW or 2 factor auth. People used to hack game accounts this way a lot and transfer your MMO loot out to their accounts to sell for real world money.
 

Dead Parrot

2[H]4U
Joined
Mar 4, 2013
Messages
2,831
Check all the detailed headers in the email in question. Compare to a previous known good email from Ubisoft. As others have said, the Received From field is easy to spoof. Also, never follow the included 'fix it' link. Always use a known good customer service link to check things. Some of the phishing emails are getting so good that they are very hard to tell from the real thing. The bad folks are taking the time to fix the stupid spelling errors and poor quality graphics that often identified previous phishing efforts.
 

MrGuvernment

Fully [H]
Joined
Aug 3, 2004
Messages
20,618
Also the phisher's are smart in registering domains with similar letters I or l (capital I vs lower case L for example..)
 
Top