Epic is aware of the problem and is issuing refunds, but it's still never good to see one of your online accounts hacked. "We are aware of instances where users' accounts have been compromised using well-known hacking techniques and are working to resolve these issues directly with those players affected," Epic Games told Kotaku via email.
So how is this happening, and what can you do to prevent it?
There are many ways hackers can get into your online accounts, and it's important to be aware of each of them.
Using the same password across multiple sites is a bad idea.
It's probably never a good idea to use the same password across multiple sites for one very obvious reason: If one of your accounts is compromised, whoever hacked it can use that same information to hack into the rest of your accounts. If your Fortnite account has been hacked it's likely one of your other online accounts was hacked first.
Sadly, it's incredibly easy for hackers to find out whether or not you've been compromised. All they need to do is download password dumps (lists of compromised emails and associated passwords) and then use 'credential stuffing' to see which websites those combinations work on. Credential stuffing is a type of brute force attack used to gain access to compromised accounts that's both simple and effective and takes advantage of less savvy internet users---the type of person likely to reuse a password across multiple sites.
If a hacker matches your email/password and it happens to be the same one on your Fortnite account (or bank account, or whatever) they can gain access and wreak havoc. Obviously this can be even worse if they gain access to your PayPal, bank account, credit card accounts and so forth, but it can still be a huge hassle to deal with if one of your game accounts is breached.
Fraudulent offers can fool unwitting players.
Epic Games will never ask you for your password via email or a cold call. Don't give out your Fortnite password to anyone. Currently there are a whole bunch of fraudulent third-party 'special offers' promising all kinds of goodies, from free V-Bucks to in-game loot. These are not to be trusted. The moment you give out your password in exchange for a too-good-to-be-true offer you've invited the fox into the hen house. It should come as no surprise to anyone who does this when they see hundreds of dollars in fraudulent charges suddenly applied to their account.
How can I even tell if I've been compromised?
If you see fraudulent charges on your account it's a pretty good indication that somewhere along the line your password was compromised. First thing you should do is go change all your passwords right away. No, that doesn't sound like any fun at all, but it's still the very first step you should take.
But what if you haven't seen anything out of the ordinary? Does that mean you're safe and sound? Not necessarily.
There's a very useful resource, however, that you can use to tell if any of your emails and passwords have been exposed. Go to Have I Been Pwned and enter your email address(es) to see if any of them have been compromised in a dump. It's possible that even if your account shows up on any of these that it hasn't been compromised, but it's better to be safe than sorry. If it shows up, go change all your passwords.
You can also sign up for a notification service that will alert you if your email address is compromised in the future. Pretty handy. Use it.
What you can do to prevent this type of attack.
Aside from the obvious---don't use the same password for multiple sites and don't give out your password---there are several steps you can take to make sure you're protected from this kind of hack.
1) Make sure your computer and phone are up to date. Turn on auto-updates. This keeps your system secure against the latest threats.
2) Install an anti-virus and keep it up-to-date as well, even if you're on a Mac or iOS where viruses are much less common. Again, this is incredibly obvious to PC users, but maybe less so for mobile users. There are many great free anti-virus options for PC, Mac, Android and iOS. A quick 'best free antivirus for [insert system here]' Google search will provide you with lots of options. I've used everything from Avast to Bitdefender to Kasperksy and more and there's pros and cons to each of them.
3) Link your social media and Fortnite accounts. Epic Games has provided this option and it allows you to sign into Fortnite via your social media account and recover your account via your social media account if it's compromised (or you forget your login.) Of course, your social media accounts can also be hacked. It happens all the time. That's why #4 is the most important on this list.
4) Sign up for two-step verification/two-factor sign-in. You should do this for all your accounts, whether that's your Gmail account or your Steam account or any other account that offers this service. Epic Games does offer two-step verification, and here's how you do it:
Go to your Account Settings and click on the Password & Security tab. Scroll to the bottom and click the Enable Two-Factor Sign In button.
Once you sign up you'll receive an email verifying your account. Do that and you'll be all set.
Now the first time you sign in on a new device, or if it's been over 30 days since signing in, you'll be required to enter the two-factor code to login. This means that even if a hacker has your password they won't be able to login without the second code (sent to your phone, for instance.)
Even if you don't sign up for multi-factor authentication you should still verify your email address with Epic.
There are other steps you can take, of course. Chief among these is be smart online and don't be a sucker. Never trust public computers or shared systems at libraries, internet cafes and the like. These can be compromised without you knowing. Don't share your account with anyone, and don't buy accounts sold to you by other players or third-parties online. These can also be compromised.
Oh, and if an offer seems too good to be true---like free V-Bucks---it is. Don't trust it, don't get suckered in, and don't give out your personal information. Remember: A fool and his money are soon parted.
If you have already been hacked, contact Epic Games here.
That's all folks.
Remember to safe online whether you're playing Fortnite or any other game. Smart internet users are happy internet users. Stupid internet users have virus-ridden machines being used remotely to hack crypto-currency without their knowledge. Or worse.
BY: forbes.com
تعليقات
إرسال تعليق