A recent increase of account hijacking has come to our attention mainly in the form of impersonation to scam other members so this is a good time to list some good practices on how to keep your account safe and how to reduce the chances of getting fooled by an impersonator.
The following list should be especially followed by frequent market users, middlemen and other "high profile" members who may be referred to by others or easily deemed "trusted" from their appearance or reputation.
- Never reuse passwords and make sure they're strong (16-21+ characters long with lower/upper case characters, numbers and special characters)
- Enable 2-factor authentication
- Announcement: Two-Factor Authentication + Other Updates
- I recommend using Authy instead of Google Authenticator as Authy can sync the codes across devices and is easier to backup
- Use a separate e-mail account with two-factor authentication enabled
Market users are recommended to list their contact and instant messaging information on their profile or in their signature once the account is secured. This reduces the chances of someone impersonating you off-forums.
You should always spend a moment before exchanges to make sure you are talking to the right person.
- Have them send you a private message on the forums if the deal starts on an instant messaging platform
- This makes your deal eligible to be handled if you end up getting scammed as we don't deal with reports that haven't started on the forums
- Check their username and previous usernames
- Check I's from L's, zeros from O's and other possible deceptions
- Rank and recent activity (posts, threads)
- Match the instant messaging information of the account you are talking with with the listed contact information on the person's forum account
- Again pay attention to I's and L's, zeros from O's and other deceptions
In case you spot a hijacked account or an impersonator on the forums, post a general report with a filled format (found in the announcement) and notify a staff member.
If you ever feel unsure about a situation or someone you are dealing with, you can ask a staff member for assistance with verifying. An alternative is to use a middleman but even with them you should go through the above list as they are also just regular members.
Happy new year and a safe 2018,
Last edited by cube; 12-31-2017 at 12:58 AM.
I think a small step like https://www.rune-server.ee/site/foru...rname-tag.html would be helpful, as a lot of people are turning to discord to communicate their scam.
Shouldn't be difficult to do in sq , like move all accounts "last login equals blaba" and move it into "validating" usergroup
"Hacker" may be able to find the password , for the rs account since it's inactive but not the email.
Good stuff. This was an announcement that needed making a long time ago to be honest.
Edit, also just a quick question, shouldn't the Discord tag go under instant messaging section in the profile as opposed to the additional information?
|« Rune-Server Discord | Merry Christmas R-S »|
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)