SERGEANT OF THE MASTER SERGEANTS MOST IMPORTANT PERSON OF EXTREME SERGEANTS TO THE MAX!
Join Date
Jun 2007
Posts
8,884
Thanks given
1,860
Thanks received
4,712
Rep Power
5000
12-30-2017, 11:46 PM
Hello,
A recent increase of account hijacking has come to our attention mainly in the form of impersonation to scam other members so this is a good time to list some good practices on how to keep your account safe and how to reduce the chances of getting fooled by an impersonator.
Account security
The following list should be especially followed by frequent market users, middlemen and other "high profile" members who may be referred to by others or easily deemed "trusted" from their appearance or reputation.
Never reuse passwords and make sure they're strong (16-21+ characters long with lower/upper case characters, numbers and special characters)
This is especially important with RSPS's and their forums/sites as they don't necessarily follow proper security practices to ensure the safety of your information
Use a password manager such as [Only registered and activated users can see links. ] or [Only registered and activated users can see links. ] to generate strong passwords and store them
Enable 2-factor authentication
Announcement: [Only registered and activated users can see links. ]
I recommend using Authy instead of Google Authenticator as Authy can sync the codes across devices and is easier to backup
Use a separate e-mail account with two-factor authentication enabled
Market users are recommended to list their contact and instant messaging information on their profile or in their signature once the account is secured. This reduces the chances of someone impersonating you off-forums.
Spotting impersonators
You should always spend a moment before exchanges to make sure you are talking to the right person.
Have them send you a private message on the forums if the deal starts on an instant messaging platform
This makes your deal eligible to be handled if you end up getting scammed as we don't deal with reports that haven't started on the forums
Check their username and previous usernames
Check I's from L's, zeros from O's and other possible deceptions
Rank and recent activity (posts, threads)
Match the instant messaging information of the account you are talking with with the listed contact information on the person's forum account
Again pay attention to I's and L's, zeros from O's and other deceptions
In case you spot a hijacked account or an impersonator on the forums, post a [Only registered and activated users can see links. ] with a filled format (found in the announcement) and notify a staff member.
If you ever feel unsure about a situation or someone you are dealing with, you can ask a staff member for assistance with verifying. An alternative is to use a middleman but even with them you should go through the above list as they are also just regular members.
Happy new year and a safe 2018,
Rune-Server Staff
Last edited by S Quare Quxx; 12-31-2017 at 12:58 AM.
I think a small step like [Only registered and activated users can see links. ] would be helpful, as a lot of people are turning to discord to communicate their scam.
Join the Zenyte discord below to keep up with the development, and grow with our community! 2000+ members and 7000+ registered in one week!
[Only registered and activated users can see links. ]
A recent increase of account hijacking has come to our attention mainly in the form of impersonation to scam other members so this is a good time to list some good practices on how to keep your account safe and how to reduce the chances of getting fooled by an impersonator.
Account security
The following list should be especially followed by frequent market users, middlemen and other "high profile" members who may be referred to by others or easily deemed "trusted" from their appearance or reputation.
Never reuse passwords and make sure they're strong (16-21+ characters long with lower/upper case characters, numbers and special characters)
This is especially important with RSPS's and their forums/sites as they don't necessarily follow proper security practices to ensure the safety of your information
Use a password manager such as [Only registered and activated users can see links. ] or [Only registered and activated users can see links. ] to generate strong passwords and store them
Enable 2-factor authentication
Announcement: [Only registered and activated users can see links. ]
I recommend using Authy instead of Google Authenticator as Authy can sync the codes across devices and is easier to backup
Use a separate e-mail account with two-factor authentication enabled
Market users are recommended to list their contact and instant messaging information on their profile or in their signature once the account is secured. This reduces the chances of someone impersonating you off-forums.
Spotting impersonators
You should always spend a moment before exchanges to make sure you are talking to the right person.
Have them send you a private message on the forums if the deal starts on an instant messaging platform
This makes your deal eligible to be handled if you end up getting scammed as we don't deal with reports that haven't started on the forums
Check their username and previous usernames
Check I's from L's, zeros from O's and other possible deceptions
Rank and recent activity (posts, threads)
Match the instant messaging information of the account you are talking with with the listed contact information on the person's forum account
Again pay attention to I's and L's, zeros from O's and other deceptions
In case you spot a hijacked account or an impersonator on the forums, post a [Only registered and activated users can see links. ] with a filled format (found in the announcement) and notify a staff member.
If you ever feel unsure about a situation or someone you are dealing with, you can ask a staff member for assistance with verifying. An alternative is to use a middleman but even with them you should go through the above list as they are also just regular members.
Happy new year and a safe 2018,
Rune-Server Staff
Just Lock the inactive account like a simple system Verification mail to log
Shouldn't be difficult to do in sq , like move all accounts "last login equals blaba" and move it into "validating" usergroup
"Hacker" may be able to find the password , for the rs account since it's inactive but not the email.
[Only registered and activated users can see links. ]
I think a small step like [Only registered and activated users can see links. ] would be helpful, as a lot of people are turning to discord to communicate their scam.
Done
[Only registered and activated users can see links. ]
Good stuff. This was an announcement that needed making a long time ago to be honest.
Edit, also just a quick question, shouldn't the Discord tag go under instant messaging section in the profile as opposed to the additional information?
A recent increase of account hijacking has come to our attention mainly in the form of impersonation to scam other members so this is a good time to list some good practices on how to keep your account safe and how to reduce the chances of getting fooled by an impersonator.
Account security
The following list should be especially followed by frequent market users, middlemen and other "high profile" members who may be referred to by others or easily deemed "trusted" from their appearance or reputation.
Never reuse passwords and make sure they're strong (16-21+ characters long with lower/upper case characters, numbers and special characters)
This is especially important with RSPS's and their forums/sites as they don't necessarily follow proper security practices to ensure the safety of your information
Use a password manager such as [Only registered and activated users can see links. ] or [Only registered and activated users can see links. ] to generate strong passwords and store them
Enable 2-factor authentication
Announcement: [Only registered and activated users can see links. ]
I recommend using Authy instead of Google Authenticator as Authy can sync the codes across devices and is easier to backup
Use a separate e-mail account with two-factor authentication enabled
Market users are recommended to list their contact and instant messaging information on their profile or in their signature once the account is secured. This reduces the chances of someone impersonating you off-forums.
Spotting impersonators
You should always spend a moment before exchanges to make sure you are talking to the right person.
Have them send you a private message on the forums if the deal starts on an instant messaging platform
This makes your deal eligible to be handled if you end up getting scammed as we don't deal with reports that haven't started on the forums
Check their username and previous usernames
Check I's from L's, zeros from O's and other possible deceptions
Rank and recent activity (posts, threads)
Match the instant messaging information of the account you are talking with with the listed contact information on the person's forum account
Again pay attention to I's and L's, zeros from O's and other deceptions
In case you spot a hijacked account or an impersonator on the forums, post a [Only registered and activated users can see links. ] with a filled format (found in the announcement) and notify a staff member.
If you ever feel unsure about a situation or someone you are dealing with, you can ask a staff member for assistance with verifying. An alternative is to use a middleman but even with them you should go through the above list as they are also just regular members.
Happy new year and a safe 2018,
Rune-Server Staff
This should also be posted within the Knowledge Base for a more formal method of reference. Thanks for taking the time to type this up.
12-30-2017, 11:46 PM
Originally Posted by S Quare Quxx
S Quare Quxx
