Learn how to secure your account

The world of Aelion is full of dangers, though not all of them are aimed at your character... They can be aimed at you - the player - or your account!

We take account security very seriously, and while we are glad to assist anyone who fears for the safety of their account or feels theirs may have been compromised, remember that the first line of defense starts with you! Here is a list of information and tips on how you can ensure your time with Skyforge (and online gaming in general) remains safe and secure.

Types of Account Thefts

The first question on the minds of most account theft victims is, ‘How did this happen?’

It’s a good question, and answering it is the first step in regaining control of your account and plugging any security holes that may exist.
Should your account have been compromised, the following list of types of account theft should help shed some light on how your account was stolen and what steps you can take to prevent any further damage.

  • Sharing Account Info
  • Phishing Emails
  • In-game Phishing
  • Gold Sellers and Leveling Services
  • Malicious Add-ons
  • Malicious Websites
  • Duplicate Usernames and Passwords

Requests for login and password information
Deny requests for login and password information from other users. Do not share your account login information with anyone. My.com Administrators will never ask for your Skyforge account information.


Sharing Account Info

The simplest form of account theft occurs when a user willingly shares login information with another player. This person may be someone you know and trust in real-life, or someone using a tactic called ‘social engineering’ to get your information.

SHARING YOUR ACCOUNT INFO IS SIMPLY A BAD IDEA.

Solution:
Avoiding this kind of theft is easy: just don’t share your info. If you did share your information with someone else and you now suspect that your account has been stolen, change your password immediately to avoid any further damage. Also, do not log on from someone else’s computer. Even if you practice perfect Internet security at home, you’ll waste all that effort if you log on from a friend’s machine that has been compromised.


Phishing Emails

The practice of ‘phishing’ is the most common strategy used by account thieves. Many cases of people claiming they were ‘hacked’ can actually be traced back to phishing schemes. These emails and websites pretend to be official My.com communications to trick you into willingly handing out your login information. Here are some signs that you may be dealing with a phishing attempt:

  • Phishing emails will ask you for password or login information. My.com emails will never ask for your password.
  • Phishing emails will make urgent appeals in regards to your account being under investigation for hacking/cheating and ask that you provide personal information to avoid these penalties.
  • Phishing emails and websites may also make offers that seem too good to be true, such as early entry into My.com beta tests, special promotions, etc.
  • Phishing emails frequently contain grammatical and/or spelling mistakes. If you can spot obvious typos and grammatical/syntactical errors, you are likely dealing with a phishing email.
  • Some phishing emails do not request personal information but instead link to fake websites that look exactly like My.com’s account management websites. Check to make sure your browser’s phishing filter is activated.
  • Some phishing emails will mask, or ‘spoof’ their sending address, making it appear as though the emails are being sent from My.com. Check the email’s header information to verify the sending address.

WE WILL NEVER ASK FOR YOUR PASSWORD IN AN EMAIL.

Solution:
The best way to avoid becoming a victim of a phishing attempt is to exercise caution when receiving any kind of information purporting to come from My.com.
If an email asks for your password, makes urgent appeals, sounds too good to be true, or links to ‘account management’ sites outside of My.com’s sites, you are dealing with a phishing attempt.

Add the sender to your ‘blocked senders’ list, forward the email to the My.com support team by creating a new ticket, then delete the email.
If you believe you have recently fallen victim to a phishing attempt, change your password immediately.


In-game Phishing

"Phishing" attempts can also occur in-game. These attempts often come from people pretending to be My.com employees through a whisper. Scammers posing as My.com employees might inform you of a "problem" with your account or try to direct you to a unique opportunity. Though they may ask for your account information directly, these thieves are just as likely to request that you visit an external website to hand over your account information.

How to recognize and avoid phishing attempts:
You can identify an imposter by looking at the instructions they provide you, particularly any website URLs they might ask you to visit. My.com staff will NOT direct you to any websites other than our official domains for concerns, questions or information about your account.
If you feel you’ve been contacted by a scammer, please submit a ticket to the My.com support team.


Currency Sellers and Leveling Services

Currency sellers (Argents & Credits) and leveling services are responsible for the vast majority of all account thefts, and are the number-one source of Skyforge-related phishing attempts, spyware, and even credit card theft. Players who buy Argents/Credits actively support spam, hacks, and keyloggers, and by doing so diminish the gameplay experience for everyone else.

IF YOU BUY ARGENTS/CREDITS, YOU SUPPORT A MAJOR SOURCE OF SPAM, HACKS, AND KEYLOGGERS.

Solution:
Do not buy Argents/Credits, and do not solicit Prestige levelers. Their services are not worth the money or the headache of potential credit card theft, not to mention a permanent ban if you are caught. Factor in the fact that supporting them means making the game worse for everyone, and it becomes clear that what they are offering simply isn’t worth it.


Malicious Programs & Add-Ons

It is common for executable ( .EXE ) files, Windows screensaver ( .SCR ) files, dynamic link libraries ( .DLL ) files, and batch ( .BAT ) files being offered as parts of "mods" to contain malicious software designed to steal My.com account login information. Hacks are another very common source of malicious programs.
At the very least, this can break your game installation; at the worst, it can lead to irreparable damage to your computer, financial consequences due to credit card theft, or even real-life identity theft.

USE CAUTION WHEN YOU DOWNLOAD AND INSTALL PROGRAMS & ADD-ONS.

Solution:
Be extremely careful when downloading and installing programs & add-ons. If a program/add-on asks that you download an executable file, cancel the download immediately.
If you believe you have recently fallen victim to a malicious add-on, immediately have your anti-virus software run a full system scan, then change your password.


Malicious Websites

Malicious websites target your browser’s weak spots by attempting to install harmful software on your computer, with end results similar to malicious add-ons. These sites may be obvious, or they may be designed to look exactly like a My.com website.

One easy way to tell is by looking closely at the site’s URL. If it’s not a My.com URL but the site claims to be official, you are probably dealing with a malicious website.

ALWAYS KEEP YOUR BROWSER AND ANTI-VIRUS SOFTWARE UP-TO-DATE.

Solution:
The most important thing to avoid becoming a victim of a malicious website is to make sure your browser and anti-virus software are up-to-date. Carefully examine any and all links you are presented with, even from close friends.

If you believe you have recently fallen victim to a malicious website, immediately have your anti-virus software run a full system scan, then change your password.


Duplicate Usernames and Passwords

If you use your My.com account’s email address or password to create an account for another game or website, you’ve put the security of your My.com account at risk.

If someone was to gain access to your login information on the other game or website, they’ve got your My.com login information as well.
In addition, someone deliberately targeting My.com accounts could create a site for that purpose, such as a fansite or forum for a My.com game. If you register on that website with your My.com username and password, you’ve given that person the keys to your account.

DON’T USE YOUR MY.COM PASSWORD ON OTHER WEBSITES.

Solution:
Use an alternate email when registering for other services, such as an account you create for that specific purpose. Should that email account or any of the sites you used it for become compromised, your My.com account is still safe. And at the very least, use a different password for each account that shares the same email address.

09/14/2015