|very day, we receive several very sad emails from players who have lost their account to a hacker. Getting hacked is surely one of the worst scenarios that can happen to a player's account. Players have often invested much time in developing their characters and collecting rare items, and for many their characters are dear to their hearts. Accounts are your treasures that have to be protected from any harm. In this featured article we want to explain once more which steps you need to follow to protect your account against hacking.
1. Protect your account!
First of all, it is important that you keep your account data secret. Nobody, except yourself, should know your account number, your password and your recovery key; not your brother, not your best friend, and least of all somebody you only met ingame. Often enough players get hacked after an argument with their best friend or a sibling that knew their account data. Also, if you write an email to customer support, do not include your account data. It is sufficient if you tell us your character name. Keep in mind that nobody in an official position will ever ask you for your account data, no member of the CipSoft team and also no gamemaster. Whenever somebody approaches you, asking for your password, account number or recovery key, you can be sure that this person wants to hack you.
Do not store account data on your computer as it is possible that somebody is spying data from your files. If you cannot remember your password, write it on a piece of paper and store it in a safe place which is only known to you. Also do not keep emails containing account data.
It is also important that you use a secure password. A secure password consists of a mix of upper and lower case letters, numbers and special characters. A good strategy to find a secure password for example is to think of a sentence and pick the first letters of every word. The sentence will help you to remember your password at all times, and nobody will be able to guess it. Do not use your account number as password, not your character name, not your birthday and generally nothing that somehow refers to your person and can be guessed by others. In this connection, it is also important that you do not give other people personal information about yourself, especially data like your address or phone number. No matter if inside or outside Tibia, e.g. by using a messaging service, do not trust people you only know from the internet. This does not mean that everybody on the internet is a bad person, in most cases the people you meet are very nice, however, fact is you do not know the real person and it is very easy to give yourself another identity on the internet.
Furthermore, you should ensure to change your password regularly and to use your password exclusively for Tibia. It is very important that the passwords for Tibia and your email account are different. Also the password you might use for your guild's homepage should by no means be your Tibia password.
Finally, it is very important to register your account. Far too often, players cannot recover their accounts after a hacking incident because their account has not been registered. Players that hack accounts without a registration mainly use this opportunity and register the account to obtain the recovery key with which they can change the email address of the account instantly. In these cases, the original owner has no chance of getting this account back. For this reason it is vital that you register your account with correct data.
Also make sure that you do not lose access to the email address to which the account is registered. Use your email account regularly because many email providers delete inactive email accounts. Do not create an extra email account for your Tibia account. You might forget to use it regularly after some time. Adjust the assigned email address in time if your current email account is about to change. Also, handle your email account with the same caution as your Tibia account. Keep in mind, a person with access to your email account can easily hack your Tibia account!
2. Do not fall for hacking links or emails!
A common way to hack players is by posting websites that promise various things if you visit a certain website or download some file. Whenever somebody is promising a "free Premium Account" if you visit the website being posted, you can be sure that this link has been designed to hack your account. Never believe in such advertisements! Also links that lead to websites on which you can buy Tibia gold for real life money, are often designed in a way to steal your account data. Even worse, they often abuse your credit card information for later purchases on the internet. For this reason, stay away from pages which offer Tibia gold or other items for real life money.
An all-time favourite are also links that promise you pictures of some naked girl. You should also be suspicious if somebody invites you to a guild and asks you to enter a certain link to do so. Note that the only way to join a guild is via the guild section on the official Tibia website. Popular are also links to Tibicam movies that will either show the victory over some boss monster, some guild war or other cool events. However, if you download such a movie, you normally also install some keylogger on your computer. Of course not all Tibicam movies will hack your account. However, you should be extremely careful if somebody is showing such a link to you. If a movie comes from a player which you do not know, or if the link is just randomly posted in some channel or on the boards, you are well-advised not to look at it. Also if you see some link in some channel or on the boards whose address looks like the official Tibia website, do not simply copy it into your address bar. Hackers often use other characters to let an address appear very similar to tibia.com; e.g. second "i" replaced by "1": TIB1A.COM; first "i" replaced by a "small L" TlBIA.COM. For this reason, always make sure that you only enter our website by manually typing the address www.tibia.com into the address bar.
Another hacking method is sending ingame letters to player depots. In these letters you are either promised free premium time or threatened with some banishment. You are asked to visit a certain website and enter your account data. Needless to say that these websites have only been designed to steal your account data. Note that we never send ingame letters including links. The only letters you will obtain from us are those informing you about winning a house and reminders about your rent. Every other ingame letter claiming to be from CipSoft is fake and designed to hack your account.
From time to time, you might have seen a news ticker in which we warn players about phishing emails. "Phishing" is compounded of the words password and fishing. These emails are randomly sent to a huge number of email addresses in order to steal account data of people. In most cases, the sender address has been faked to arouse the impression that the email comes from an official place. In Tibia, phishing emails mainly fake our support address as sender and also try to imitate the form of an official email, e.g. by signing it with "Your CipSoft Team". In these emails you are asked to click on a link to confirm your data, to state your opinion or to get free premium time, to mention just a few of many possible scenarios that require to enter your account data somewhere. The link itself looks mostly like an official link. However, if you move your mouse pointer on the link (don't click on it though!), you can see in the bottom of the page the website where the link really leads to.
3. Follow the Tibia Rules!
The Tibia Rules have not only been set up to prevent chaos and unfair behaviour among Tibia players, some of them have also been designed to protect players from getting hacked. Please note that we do not offer support for players that have lost their accounts due to violating a Tibia Rule.
Sharing an account does not only give you an unfair advantage over other players, it also poses a high security risk. As already stated above, it is essential that only the owner of an account knows the account data. If an account is shared, several people know the account data. Often enough we hear stories where two best friends or brothers have shared an character up to a certain level, then one of them decides to kick the other player out and changes the password. Plenty of times, the other sharer gets angry about this. By knowing the account number and often also the recovery key, he hacks the account back and either tries to keep the account for himself or destroys the account, e.g. be rooking the character, breaking the Tibia Rules until the account gets deleted etc. This is only one scenario of how account sharing can destroy your account. Keep in mind, if you share your account, you do not only violate the Tibia Rules, but you also risk getting hacked.
If you buy or trade an account, you risk the hacking of your account as another person knows your account data. There are many cases where people have paid much money or valuable ingame items for an account and later the original owner has "hacked" the account back. In another scenario, players exchanged account data and then one of them realised that the account data he had received for his new account was wrong and his original account was gone as well because he had not registered it before. Just like sharing, trading accounts gives other people access to your account data and with that there is always a high risk of getting hacked.
Using unofficial software
There are many tools for Tibia that give players unfair advantages, the most common ones allow you to hunt while being away from your keyboard, also known as botting. Not only are such programs against the Tibia Rules, but using them is also extremely risky. However, also tolerated tools like a TibiCam can lead to the hacking of your account. All of these tools can contain a virus and may damage your computer badly. Very often such tools have a backdoor implemented. Such a backdoor is a modification of the tool you have downloaded which allows the programmer of the tool to enter your computer system and to control your PC. This way he can easily hack your Tibia account. Many other tools install keyloggers on your computer system. Keyloggers record the keystrokes you make and by doing so they can easily find out your account number and password. You always should keep in mind that whenever you download unofficial software, you do not only risk the hacking of your Tibia account, but you also risk that the hacker gets private information you have stored on your computer or, in the worst case, is even able to hack your online bank account. Therefore, hands off of unofficial software!
4. Protect your computer!
Unfortunately, there are many possibilities to infect your computer system with keyloggers and viruses. Running a file that someone sent to you by email or via a messaging service like ICQ or MSN is the most common way to infect your computer. For this reason, you should be extremely careful with all files you obtain. Note, that CipSoft will never send you emails with attachments. If you receive emails with attachments from an unknown sender, you are well-advised to delete them right away. It is also recommended that you scan a downloaded file with an up-to-date virus program before running it.
To keep your computer clean, you should use an antivirus program and a firewall. Make sure that those programs are activated all the time. Also, they should be updated regularly, preferably every day. Additionally, it is recommended that you scan your full system weekly to detect new viruses that the older versions of your antivirus program were unable to find. Also your operating system and your browser should be updated regularly and run with the latest version. This is necessary as older versions can still contain security risks that are fixed with the newest patch. Keep in mind that it is possible to get hacked by simply looking at a website with an outdated browser.
Finally, unless you cannot avoid it, you should only play on your personal computer at home. We often receive emails in which players report being hacked while playing on the PC of a friend who had a keylogger installed. Also playing in a public network, as they can be found in libraries, schools or internet cafés, can be a security risk. There may already be keyloggers or backdoors installed on the computer by other people. Also, the data you send through public networks can be recorded easily by hackers. If you have no other possibility than to play from a public network, you should at least try to find a place with high security standards.
Getting hacked is a very frustrating, in many cases, however, avoidable situation. If you follow our security guidelines, you should be well protected against any hacking attempts.
Your CipSoft Team
Access ALL Areas!