RMT spam fixes need to happen sooner then later

[Ninjaii]

Even Se Support doesn't believe that it isn't SE's side anymore, while they are perpetually hit with call logs about the issue. But if you want to believe otherwise none can stop you from posting in these threads (unless your account ends up compromised). It's already confirmed that phone security tokens are pointless against the security breach. Users of the phone security app just have a faster way to recover their accounts.

Edited for typos lol

And Excalibur hasn't been lifted from character creation restrictions since before Sept. 5.

[Kamaru]

To be honest I haven't read up on all the accounts that were compromised. However, even if their token authentication is "crackable" (though it most likely has some sort of dumb recovery logic and the algorithm itself is not being cracked) they still need a username or email address at least. You have to have something to start with....

[Ninjaii]

To be honest I haven't read up on all the accounts that were compromised. However, even if their token authentication is "crackable" (though it most likely has some sort of dumb recovery logic and the algorithm itself is not being cracked) they still need a username or email address at least. You have to have something to start with....

Microsoft and Sony would disagree based on how their networks were compromised. Just because those are the typical reasons careless gamers lose their account privileges doesn't mean the easy answer is relevant. It just means that once compromises were confirmed that's the 1st consideration, but that was about 2 weeks ago and they have 1000s of confirmed account compromised tickets @ SE Support-NA alone

One problem is the users that register their tickets in the Account sector of SE support and the users that register their tickets in the FFXIV sector are divided between 2 different ticket logs. Even though its just one problem.

[sasakusaku]

No way to solve this unless you track them down, sue them, and hope this makes them scared but that didn't work when blizz did it so I expect it would not now.

Imo, SE should take a long look at Eve and or say GW2 if you want to see ways how they combated and near eliminated third part RMT groups from their games; it's not perfect but it DOES work.

Simply just fiddling with chat filters will never work b/c those spam bots WILL get around it within a minute. If they get banned, they just use another hacked account out of the 1000s they probably got control of.

Anyways, back to watching gather bots teleporting around...they are getting quite numerous.

[Fire-Dragon-DoL]

Cheers for the lame duck comment from a troll [...]

A troll? Mine is a REAL suggestion, not a troll.
For stolen accounts, people can claim the account was stolen, but I'm bored to be invaded with marketing

[Whoopie_Pie]

EASY WAY TO BLACKLIST

Can we just get and option to click on the name and blacklist the user ?

DING! THANK YOU!

Please do this. It's already there that you can click on a name in a shout/tell and invite to party. Just add an option to add the black list and the problem is DRAMATICALLY reduced.

This would help. So. Much.

It would already help if Characters were allowed to shout only once every 30 seconds.

This too. Yes.

Minor fixes but they seem fairly simple. I'm 100% for both of these.
I need not explain at length, point has been made, nail hit on the head, dead center, etc etc

[Ninjaii]

At the very least anyone else in the industry or in information security would of said to have put in a mandatory password change by now, but SE hasn't, even though the breach was confirmed 2 weeks ago and they still cant identify anything, while more accounts continue to be compromised every day. Would of at least either confrimed stolen information or discarded it as no longer a plausibility.

And if they hadn't of lifted the auto-block of accounts accessed from an invalid IP that had been present since 1.0 up until a post-release patch, none of the compromised accounts would of happened

[KisaiTenshi]

Lol can u do math there are plenty of free companies that have over 100 members

not to mention the RMT could use it to easily populate an insta-ban

I see what you're getting at, but it works both ways. The way to improve the system is to automute players for an hour who are blacklisted by 4 reports within that hour, on a rolling window. So if a RMT spam bot keeps on spamming once muted, it stays muted until they stop for an hour. Meanwhile you'd think that a GM could check the report to see what they're being blacklisted for.

[KisaiTenshi]

At the very least anyone else in the industry or in information security would of said to have put in a mandatory password change by now, but SE hasn't,

That's because mandatory password changes aren't effective solutions when the average joe ticks the "save login info" box. What SE should have done, from the beginning is ask for either a mobile phone number (to SMS one-time passwords to), a mobile app (which they now have) or include hardware token with all boxed versions of the game. MMO games are the only "services" that people are so inherently lazy about that hacks roam free. Many people who are "hacked", end up hacked because they were already up to no good.

Why is there a 1000 character limit x.x

[10TailBeast]

Tonight, every city I went to was completely quiet. SE is doing something and it is having a noticeable effect.