As you may have noticed a few weeks ago, PWE started resetting passwords. As always, they don’t explain why they do that…
Now, it’s become clear that some players that got their account hacked were using coin buying websites (from coins farmers), providing their loggin infos.
We don’t know if the owners of the website themselves had the initiative to gather player’s loggins in order to either resell gear and items of hacked players to produce even more coins to sell, or resell the whole account. Some may also say that their website had poor security.
Getting loggin infos to perform malicious actions is called “phishing”.
How phishing works :
The hackers usually use a sofware developped by their community to do the whole “old job” for them. The setup is pretty simple.
They just create a webpage, set the software (configuring the URL of the webpage to phish informations from, the file were the IDs will be stored and the destination webpage the phished user will get at the end of the process) and they let innocent people come to them.
They have various ways to convince people that their website is “phishing free” and that they’re doing nothing wrong selling coins (and therefore you can trust them with you account infos, so they can “deliver” your coins), but in the end you have no way to check that for yourself.
Aware of all that, know that these websites have absolutly no real clearence to ask for your loggin infos. You may NOT give it to them. If you do, that’s your problem, you’ve been warned.
Note : if you want to pay real $ to get coins, I suggest a safer, official and quick way to make coins = buy Zen, go in AH, sell your gold.
More infos on PWE announcement here.