Onigamibr Posted August 23, 2016 Share Posted August 23, 2016 I've been away from Nexus a bit and seems that I've lost my password too, and I think this account is connected to an old email which I don't use it anymore and don't have access to it anymore. How do I get my account back? Will I be forced to make a new account, cuz of this? Link to comment Share on other sites More sharing options...
Thandal Posted August 23, 2016 Share Posted August 23, 2016 @Onigamibr; Please submit a Support Ticket using the "Contact Us" link at the bottom of the page. Link to comment Share on other sites More sharing options...
GraVmaN Posted September 3, 2016 Share Posted September 3, 2016 I think its unlikely anyone will buy that list so they can high jack a user account to post in the forums or download some files. Its more likely the email addresses will be used to send spam to. Looks like I am among the affected as my account was made almost 6 years ago. As such, I have changed my password of course. :D Link to comment Share on other sites More sharing options...
nurmi90 Posted September 11, 2016 Share Posted September 11, 2016 In response to post #41198720. #41223970, #41504730 are all replies on the same post.bben46 wrote: Ten years ago ( some of our accounts go back much further than that) a simple password for a site like Nexus was sufficient. After all, there was no money to be had for the effort and the worst you could do was use a hijacked account to troll the site. Then, the criminal scum discovered that many of the members were dumb enough to use the same password on other accounts where they could steal real money. Not many as the majority of the users on a game site were young enough that they didn't have credit cards. But those kiddies grew up and many still didn't change their simple easy to crack passwords. But now they had jobs, money, bank accounts and credit cards. Now cracking a password on Nexus still didn't get them any money directly, but it might get them access to other accounts where they could steal some money. And access to social media accounts where they could harvest a lot of personal info that scammers and spammers will pay for. I have a very close friend who posted her telephone number on an open FB post to someone. She has been swamped with spam and scam phone calls on that number. As many as 7 and 8 a day. That phone number was likely harvested by a scraper that reads thousands of FB posts every second looking for data like phone numbers, email addresses, mailing addresses and any other valid personal information. The scraper then sold her verified phone number, along with hundreds of others for about 5 cents per number, That doesn't sound like much, but they likely sold her number in a package that included around 10,000 already verified good numbers making them $500 from each of a dozen or so scammers making their total haul around $6 to 7k Change your password if you haven't already - AND do not post private info on any public forum.Gharuk wrote: > there was no money to be had for the effortI think a significant danger is the use of hijacked mods to distribute malware (ie: to grow botnets). If I were a nexus coder, I'd build some kind of tripwire into the nexus that would be set on any account that had more than N downloads a day on it and post an email to moderators to check out uploads if they came from IP addresses that the account owner had never uploaded a mod from before, or something like that.Roccondil wrote: that or at least if an account has been inactive and then suddenly re-uploads/updates an old mod that hasn't been touched in years it should be flagged.Haven't thought before somebody using ad tactics for stolen info. Curious puzzle.Ten years ago my WoW & Curse login were same so can't help recalling, so obviously one day my dear Tauren Shaman got cleaned up and back then it clicked for me that we are going to see so much trouble from people using same logins. I figured to just tier accounts so its easy to manage and pointless to have my forum account, plus if "C" tier game login gets stolen then I know to change them all. Simple password doesnt matter because no body is going to really crack password and its you who is making the mistakes.Very likely that most Nexus logins work everywhere and can be sold separately from game to game, then finally it ends up being Twitter bot.PS: I think that my same old forum account have been stolen from every single forum I have put it into and its like my very own cancer-pet. Then its also amusing to think site admin seasonally just selling the whole list like its some ad revenue. :D :DShort version: You only need one cancer-pet. Link to comment Share on other sites More sharing options...
gta0gagan Posted September 22, 2016 Share Posted September 22, 2016 how to check when our account got created Link to comment Share on other sites More sharing options...
ragnaroklucifer Posted September 23, 2016 Share Posted September 23, 2016 In response to post #41198720. #41223970, #41504730, #42302635 are all replies on the same post.bben46 wrote: Ten years ago ( some of our accounts go back much further than that) a simple password for a site like Nexus was sufficient. After all, there was no money to be had for the effort and the worst you could do was use a hijacked account to troll the site. Then, the criminal scum discovered that many of the members were dumb enough to use the same password on other accounts where they could steal real money. Not many as the majority of the users on a game site were young enough that they didn't have credit cards. But those kiddies grew up and many still didn't change their simple easy to crack passwords. But now they had jobs, money, bank accounts and credit cards. Now cracking a password on Nexus still didn't get them any money directly, but it might get them access to other accounts where they could steal some money. And access to social media accounts where they could harvest a lot of personal info that scammers and spammers will pay for. I have a very close friend who posted her telephone number on an open FB post to someone. She has been swamped with spam and scam phone calls on that number. As many as 7 and 8 a day. That phone number was likely harvested by a scraper that reads thousands of FB posts every second looking for data like phone numbers, email addresses, mailing addresses and any other valid personal information. The scraper then sold her verified phone number, along with hundreds of others for about 5 cents per number, That doesn't sound like much, but they likely sold her number in a package that included around 10,000 already verified good numbers making them $500 from each of a dozen or so scammers making their total haul around $6 to 7k Change your password if you haven't already - AND do not post private info on any public forum.Gharuk wrote: > there was no money to be had for the effortI think a significant danger is the use of hijacked mods to distribute malware (ie: to grow botnets). If I were a nexus coder, I'd build some kind of tripwire into the nexus that would be set on any account that had more than N downloads a day on it and post an email to moderators to check out uploads if they came from IP addresses that the account owner had never uploaded a mod from before, or something like that.Roccondil wrote: that or at least if an account has been inactive and then suddenly re-uploads/updates an old mod that hasn't been touched in years it should be flagged.nurmi90 wrote: Haven't thought before somebody using ad tactics for stolen info. Curious puzzle.Ten years ago my WoW & Curse login were same so can't help recalling, so obviously one day my dear Tauren Shaman got cleaned up and back then it clicked for me that we are going to see so much trouble from people using same logins. I figured to just tier accounts so its easy to manage and pointless to have my forum account, plus if "C" tier game login gets stolen then I know to change them all. Simple password doesnt matter because no body is going to really crack password and its you who is making the mistakes.Very likely that most Nexus logins work everywhere and can be sold separately from game to game, then finally it ends up being Twitter bot.PS: I think that my same old forum account have been stolen from every single forum I have put it into and its like my very own cancer-pet. Then its also amusing to think site admin seasonally just selling the whole list like its some ad revenue. :D :DShort version: You only need one cancer-pet." Then, the criminal scum discovered that many of the members were dumb enough to use the same password on other accounts where they could steal real money." So my friend's banned account's password stolen from nexus could be used to logged in to his other accounts on other sites? Why not scrub the passwords of banned accounts? They can't log in anyway... Link to comment Share on other sites More sharing options...
Trafalgard Posted September 25, 2016 Share Posted September 25, 2016 In response to post #41198720. #41223970, #41504730, #42302635, #42631155 are all replies on the same post.bben46 wrote: Ten years ago ( some of our accounts go back much further than that) a simple password for a site like Nexus was sufficient. After all, there was no money to be had for the effort and the worst you could do was use a hijacked account to troll the site. Then, the criminal scum discovered that many of the members were dumb enough to use the same password on other accounts where they could steal real money. Not many as the majority of the users on a game site were young enough that they didn't have credit cards. But those kiddies grew up and many still didn't change their simple easy to crack passwords. But now they had jobs, money, bank accounts and credit cards. Now cracking a password on Nexus still didn't get them any money directly, but it might get them access to other accounts where they could steal some money. And access to social media accounts where they could harvest a lot of personal info that scammers and spammers will pay for. I have a very close friend who posted her telephone number on an open FB post to someone. She has been swamped with spam and scam phone calls on that number. As many as 7 and 8 a day. That phone number was likely harvested by a scraper that reads thousands of FB posts every second looking for data like phone numbers, email addresses, mailing addresses and any other valid personal information. The scraper then sold her verified phone number, along with hundreds of others for about 5 cents per number, That doesn't sound like much, but they likely sold her number in a package that included around 10,000 already verified good numbers making them $500 from each of a dozen or so scammers making their total haul around $6 to 7k Change your password if you haven't already - AND do not post private info on any public forum.Gharuk wrote: > there was no money to be had for the effortI think a significant danger is the use of hijacked mods to distribute malware (ie: to grow botnets). If I were a nexus coder, I'd build some kind of tripwire into the nexus that would be set on any account that had more than N downloads a day on it and post an email to moderators to check out uploads if they came from IP addresses that the account owner had never uploaded a mod from before, or something like that.Roccondil wrote: that or at least if an account has been inactive and then suddenly re-uploads/updates an old mod that hasn't been touched in years it should be flagged.nurmi90 wrote: Haven't thought before somebody using ad tactics for stolen info. Curious puzzle.Ten years ago my WoW & Curse login were same so can't help recalling, so obviously one day my dear Tauren Shaman got cleaned up and back then it clicked for me that we are going to see so much trouble from people using same logins. I figured to just tier accounts so its easy to manage and pointless to have my forum account, plus if "C" tier game login gets stolen then I know to change them all. Simple password doesnt matter because no body is going to really crack password and its you who is making the mistakes.Very likely that most Nexus logins work everywhere and can be sold separately from game to game, then finally it ends up being Twitter bot.PS: I think that my same old forum account have been stolen from every single forum I have put it into and its like my very own cancer-pet. Then its also amusing to think site admin seasonally just selling the whole list like its some ad revenue. :D :DShort version: You only need one cancer-pet.ragnaroklucifer wrote: " Then, the criminal scum discovered that many of the members were dumb enough to use the same password on other accounts where they could steal real money." So my friend's banned account's password stolen from nexus could be used to logged in to his other accounts on other sites? Why not scrub the passwords of banned accounts? They can't log in anyway...> So my friend's banned account's password stolen from nexus could be used to logged in to his other accounts on other sites? Why not scrub the passwords of banned accounts? They can't log in anyway...Why doesn't your friend change his other passwords, lol? It's not like changing his nexus password will stop anyone who already has it from trying it for his other accounts on other sites. Link to comment Share on other sites More sharing options...
Deleted1076479User Posted September 26, 2016 Share Posted September 26, 2016 Yeah well i got hacked, look at haveibeenpwned.com and my s#*! was up for sale in the deep web from a breach of this site. You f*#@ers downplay these breaches to save your own asses, yet you want me to donate cash to you to run the site but my s#*! gets stolen under your noses. Thank Jesus i never gave you any info into my pay pal or credit cards. Get your s#*! together. You find a f*#@ing breach a year later?! Do you even check your f*#@ing logs on a weekly bases? Daily? Link to comment Share on other sites More sharing options...
PositiveGamer101 Posted October 2, 2016 Share Posted October 2, 2016 I wish there was a way I could help but dont bother asking me to donate because after what happen I dont think putting real info is going to help...no offense Link to comment Share on other sites More sharing options...
PositiveGamer101 Posted October 2, 2016 Share Posted October 2, 2016 In response to post #42022505. GraVmaN wrote: I think its unlikely anyone will buy that list so they can high jack a user account to post in the forums or download some files. Its more likely the email addresses will be used to send spam to. Looks like I am among the affected as my account was made almost 6 years ago. As such, I have changed my password of course. :DXD you also have to remember some of these accounts could have real information...critical information like a credit card or such Link to comment Share on other sites More sharing options...
Recommended Posts