You might want to detach any and ALL payment systems you have from your Unreal Engine 4 account, if there’s even the slightest chance your user name and password are floating around online.
Just today my Epic account was charged $99.99 for the game Fortnite, which I have never installed or played in any fashion. My Epic account was linked to PayPal and PayPal told me that because I authorized them, it’s up to Epic to fix the problem.
I only got an Epic account to use the UE4 engine! Although I guess it’s common knowledge online, I never heard of theft utilizing Fortnite. I was actually under the impression the game was still locked down to Beta, so I didn’t even think the game was out yet! But APPARENTLY it’s not online out, but the biggest online game in the world, with the additional nefarious title of being the least secure game in the world for hackers. Apparently it’s super easy to make transactions without reentering your PayPal information. There’s no account Pin, like Oculus uses, for instance. Once they are logged in, they can clean out any bank or PayPal account link to your Epic account. And these codes, or whatever V-Bucks are, are apparently easy to transfer to other accounts. So all I have is a $99.99 bill and absolutely nothing to show from it. It’s the end of the month, I had to pilfer my saving just to stop my bank account from over-drafting!
If you do get robbed, I found a forum posted form that was made exclusively for this growing theft problem. You’ll need to fill out this, as Epic has NO OTHER MEANS OF CONTACT, regarding this scam. From the forum posts referencing this form, I couldn’t find a single post mentioning Epic giving a refund, so even this might not work…
There’s no other way to reach the company directly. Epic’s phone number dumps to voice mail with no options regarding billing. I did a little poking around tonight and found a multitude of stories including this one from Kotaku, made over 6 weeks ago discussing how bad things have gotten:
Until today, I had no reason to doubt Epic’s integrity. It smacks of a company who’s turning a blind eye to a theft issue they are profiting from. It’s very loathsome for a company I would normally expect so much from. Epic is NOT protecting it’s UE4 developer accounts! You’re money could be in danger. Lock down your passwords, and if you have the option, NEVER allow Epic full access to your PayPal or Credit Cards. They are not protecting them. They didn’t protect me, they won’t protect YOU!