Removing the MSN address option.

[Bobbington]

Currently Tip.it forum users have the ability to add their MSN contact details so it will appear as a button next to the "PM" and "profile" buttons. Whilst I fully understand that some people wish to share their contact infomation I feel that sadly there is not enough security behind it, and it places some players in risk.

 

 

 

With the typical age group that Runescape attracts, a large amount of players are new to the MMORPG world, and so as such probaly have a lower understanding of web security that players of games such as WoW which attracts an older more experianced player.

 

 

 

Often when reading through the forums we get messages such as "I've been hacked", and there is currently a topic around where sombody have been aproached via MSN and has had their MSN account stolen. The intresting fact is the majority of people who claim this also have their messenger details at the bottom of their accounts.

 

 

 

From the aspect of community protection I would recomend the removal of using this feature, as it offers alot of accoutn and real life dangers.

 

 

 

As I said though I understant that alot of players wish to share their details with friends, and trusted players and for this reason I am not recomending a ruling against this activity, but in my opinion this should only be done via a private message where both parties are aware of the details transfer.

 

 

 

I feel that sadly although there are alot of responsible players who have the MSN button compleated, there is a notible percentage of players who are un aware of the basicas of web security who use the Tip.it forums.

 

 

Summary

 

-Remove the option of MSN adress from our user profile

 

-Allowing people to continue sharing info with those they trust via PM

 

-Protect the community from hackers, scammers, and preditors whilst maintaing freedom

 

 

 

From working on the offical forums I am witness to the dangers that people can do with victims of hacked accounts, it's not nice and sadly I feel the option of this button adds to the issue.

 

 

 

This forum system is not used by only people like us, it is open to alot of forum operators and the feature can have a posertive effect in some situations, but I feel a runescape ralated forum is not appopreate.

 

 

 

If not removal of the button, atleast provide greater warninsg to player about the dangers of it.

[Ginger_Warrior]

DISCLAIMER: Any views I express are my own, not Tip.It's!

 

 

 

This issue always puzzled me. The rules of Tip.It claim that they uphold all Jagex rules on this forums, yet we allow people to give out personal information such as E-mail addresses and IM names. And you're quite right, it does place some of our younger, more naÃÆÃâÃâïve users at risk, not just with the security of accounts, but sadly as proven with the case with the Potsdam boy posted on the General Forum a few weeks ago, in real life as well. I personally would feel very uncomfortable if Tip.It, even inadvertently, was facilitating that kind of behaviour.

 

 

 

However, you're right. We need to strike a balance here, and I personally feel that giving addreses out in PM is a lot more appropriate, and above all else, it works against potential poachers since they won't have prior knowledge that they have an IM account.

 

 

 

I support this. In private, giving out information is acceptable since it's in a more trusting and relaxed safe environment, but personal information (all IM services, not just MSNm) should be withdrawn in light of recent events, even if that event was somewhat extreme. TBH, I don't see why the PM system, Tip.It MIRC #runescape and the forums can't suffice people's needs...

[InkofDeath]

Normally when someone adds another person on msn, they usually ask, who are you, and where'd you add me from? Failure to answer these result in you being deleted or blocked, I hope both though.

 

 

 

If the person answers the questions, if asked, you'll immediately know they are from Tip.IT, you'll probably ask whats your forum account name. If they send you a link through msn, or send you a file, with a corny name, most 10 year olds know, its probably a virus, or some kind of scam. They aren't that unwise about web security.

 

 

 

I don't think there is any real danger with the msn button. Though, I did have an encounter with someone who added me through tip it, and tried to scam me at the archery guild...though I knew it was a scam, since the person had made it so obvious, I mean a 6 year old wouldn't fall for it.

 

 

 

That example probably proves there is a danger, but I don't think removing the msn button will help at all. If someone PMed you right now, and ask you to add them, they had around 120 post counts, and you hadn't read this topic, you probably would? With, or without the msn button the danger is there, and removing it does nothing to protect, or stop it. Its like removing a door knob from a two door knob door. That person will still get in.

 

 

 

Tip.It should understand that making these boards risks every one of us to hackers, or viruses even to our best efforts. If you remove the Msn Button, why not just remove the entire PM system, or better yet, the entire forum?

 

 

 

If someone is bent on hacking or scamming, it doesn't matter what Tip.It does, it is what the user does, or mostly 90% the user, in my opinion.

 

 

 

I would not like to see the removal of any buttons. They are neutral in the path of hackers/Scammers.

 

 

 

EDIT:

 

I support this. In private, giving out information is acceptable since it's in a more trusting and relaxed safe environment, but personal information (all IM services, not just MSNm) should be withdrawn in light of recent events, even if that event was somewhat extreme.

 

 

 

I think since its your choice to put the Msn info on, its your own responsibility as well. Your choice, not Tip.Its, they give you that choice. I'd rather have the choice, then no choice at all.

 

 

 

The choice is, choosing to make your own personal information to the public of Tip.It. You are basically agreeing, and accepting the fact that you may or may not be scammed by what you submit. Your accepting this responsibility. If you are scammed, or hacked, or w/e, it is your fault, for giving out any information about you. Your fault, since you choose to give out this information.

 

 

 

Tip.It should not take this choice away, as I said above, I'd rather have the choice, then have no choice at all.

[the_tallest1]

Their removal still hasn't been ruled out and was brought up amongst the Administrators after the last announcement about unsolicited emails which claimed to be from Tip.It. The thing people need to remember is that the information is placed there voluntarily and with a warning above it in the user profile field.

 

This information will be publicly viewable. Tip.it takes no responsibility for unwanted external contact by other members should you choose to fill in these fields.

 

That statement was also mentioned again by Albosky in the announcement I linked to above.

 

This issue always puzzled me. The rules of Tip.It claim that they uphold all Jagex rules on this forums, yet we allow people to give out personal information such as E-mail addresses and IM names.

 

Jagex rules are followed to the most logical extent they can be on this site and forum. However, you have to be careful how far you extend this way of thinking. You can't provide URLs or encourage people to go to websites in game but that's completely ridiculous and impractical to consider enforcing here. As long as adequate steps are taken to warn users of potential dangers, you have to realize you can't protect people 100%.

[Bobbington]

In relpy to skatedog111:

 

 

 

Ok I shall take you as an example. You have all of your contact details avalible: I can click on a link and find your adress for MSN as "inko****@hotmail.com" (self edited as it's personal infomation) so, I have you email address! Looking at the high scores I can say.... yer thats quite a good account I bet you have some good items!..... now I want to have you account!

 

 

 

I will take a pot luck that you although are an experianced player, you dont have the best web security. you see a link and want to click it!.... I am not saying you personally would but I know from a fact on the offical forums.... alot of people DO follow links.

 

 

 

So I set up a new email account: [email protected]. I will now send you an email:

 

 

 

Dead Inkofdeath,

 

Recently a team of our moderators have been watching your inagme activity and am extreamly impressed with your attitude and behaviour ingame. I wish to offer you this opertuinity to join our player moderator team.

 

 

 

If you wish to except this offer please follow the link below, and we will do the rest.

 

 

 

http://www.runescape.com/moderator_apli ... Inkofdeath

 

 

 

Thanks,

 

Jagex moderator team.

 

 

 

_____

 

 

 

You click the link.... not realisng that the link has been altered so it does not send you to a jagex site. The have use a programe that records the secure log in animation, and you sign in.

 

 

 

You have lost you account! if you have not signed in they might have sent you a key logger anyway.

 

 

 

If they have your email adress they can have pretty much anything, even if you dont press any buttons.... depends how good they are.

 

......

 

 

 

 

 

Another problem: Each address is stored on a page, I belive there are programs that trawl sites looking for addresses to send messages to. If I was a runescape accoutn hijacker, I would trawl tip.it

 

 

 

It would give me a list of every email address assosiated with accounts on the forums.... IF they have entered that infomation.

 

 

 

If infomation is only transfered by PM the risk is masivly less.

 

 

 

------

 

 

 

Websites are also dangerous, once a Jmod let persnal infomation leak to me, very small and insignificant infomation that he probaly did not think twice of. It would nto even be classed as personal infomation. With thsi one thing I managed to find email addresses, home adresses phone numbers, photos, infomation about other Jmods, and all their infomation.

 

 

 

If I wanted to I could abuse that infomation, and attack him and the rest of Jagex personally. Luckily I refuse to ever tell anybody the infomation, and I am a nice guy and wont use/look at this infomation. although i did warn him about what he said.

 

 

 

The internet is a dangerous place.... evey bit of infomation you give is dangerous.

 

 

 

-----

 

 

 

You are right though, if a player freely puts his infomation up, it his is own fault if somthing goes wrong......

 

 

 

BUT that does not mean Tip.it doesnt have a social responsiblity to protect it's community. ALOT of people are un aware of how much danger there is in somthing as simple as a email.... and I hope a few peoepl will be shocked by what can happen.

[Errdoth]

I have a question.

 

 

 

Why would anyone even want to hack a runescape account, of all things. If someone had the skill enough (with the exceptions of script kiddies) to get a virus/keylogger onto your system, wouldn't they have better things to steal, that a runescape account? If I went through all of the trouble of scripting a keylogger or virus, and convincing someone to load it onto their system, I would much rather steal credit information, bank information, etc., or, if there wasn't any, cause they were just a kid who did nothing but play mmo's, I'd email the program to all of their email contacts and try again. Why the HELL would anyone bother doing all of that to no personal or monetary gain? I mean, come on, bank info > gold in an mmo.

 

 

 

I realize that this happens, but I am questioning the motive behind it.

[Bobbington]

 

This issue always puzzled me. The rules of Tip.It claim that they uphold all Jagex rules on this forums, yet we allow people to give out personal information such as E-mail addresses and IM names.

 

Jagex rules are followed to the most logical extent they can be on this site and forum. However, you have to be careful how far you extend this way of thinking. You can't provide URLs or encourage people to go to websites in game but that's completely ridiculous and impractical to consider enforcing here. As long as adequate steps are taken to warn users of potential dangers, you have to realize you can't protect people 100%.

 

 

 

I fully agree with you here. I remember the time where the personal infomation rule was not around on the runescape game. It was howeever "advided" that infomation should not be shared.

 

 

 

As such I have always recognised the personal infomation rule as a very important rule, but at the end of the day it's the players responsiblity.

 

 

 

If I see a player in public chat ingame asking for or giving personal infomation I will report them 100% of the time, they need a warning for Jagex and are putting them selves at risk. However I have always realised the fact that alot of long term player wish to talk to their long term friends outside fo the game, and fully understant (whilt weary of) peopel sharing infomation.

 

 

 

I personally see it as the same case here, if sombody PM's on Tip.it asking for my email address I will not give it..... even if they are a 10k+ post player who has thus clearly proved him self to be a member of the comminity, I still dont know them enough to trust them.

 

 

 

I have NEVER given out personal infomation ingame, or asked for it, although I have ended up with some people messenger (all Pmods and Fmods except 3). The fact is if infomation is fully public it's dangerous.

 

 

 

 

 

In terms of web site names, on tip.it they are safer than on the game of RoF, hackers often target the players on the offical forums as they have a huge amount of views and on adverage the users are less web safe.

 

 

 

On tip it, links are still a danger, but I feel with this more mature community it's not so bad. Most tip.iters will recognise that:

 

 

 

http://www._____RuneGold.com is a link they should not click. And most player wont click a link for a player with under 10 posts..... they just have more sence.

 

 

 

I have alot of respect for tip.it on how they do hold up the game rules in all but a few small cases, but as said..... there is a limit to whats sensible. One of the drawing features to tip.it is the extra freedome which just cannot be safly offered on the offical forums.

[Ginger_Warrior]

Unfortunetely, while I understand your point tallest and I respect it, I really don't feel that's enough. I very wisely put a disclaimer in my signature, but you wouldn't believe the amount of times I have to tell people my views aren't representative of the Tip.It staff. The fact is people tend to miss out the smallprint these days, especially on the Internet. So I'm really with bobbington on this one, and his services to Jagex as a forum mod should perhaps be given more respect than a normal Tip.It user who has no experience of moderating a forums.

 

 

 

Like I said, I'm not preventing people from giving out MSN or other IM addresses through a private channel in MIRC or through PM if they gain a friendship here at Tip.It. I'd be happy if this could be a place where that sort of socialising could take place. But I really get the feeling there needs to be more safeguards. As bobbington says, the Internet is becoming an increasingly dangerous place and what's worse is that people don't even fully realise it - myself included admitedly as I found out when I joined up to the Crew, as I'm sure all you admins heard about. Tip.It, just like all sites, has to move constantly to protect its users, and I think this would be a move in the positive direction.

 

 

 

That's just my opinion anyway.

[Bobbington]

I have a question.

 

 

 

Why would anyone even want to hack a runescape account, of all things. If someone had the skill enough (with the exceptions of script kiddies) to get a virus/keylogger onto your system, wouldn't they have better things to steal, that a runescape account? If I went through all of the trouble of scripting a keylogger or virus, and convincing someone to load it onto their system, I would much rather steal credit information, bank information, etc., or, if there wasn't any, cause they were just a kid who did nothing but play mmo's, I'd email the program to all of their email contacts and try again. Why the HELL would anyone bother doing all of that to no personal or monetary gain? I mean, come on, bank info > gold in an mmo.

 

 

 

I realize that this happens, but I am questioning the motive behind it.

 

 

 

 

 

It's a good point..... that only the hackers know about :P

 

 

 

It's worth remembering that most "hackers" aint no hackers..... they have got a premade virus/kelogger that they follow a set of instructions and spread under their own control.

 

 

 

Most hackers seem to be init for the progression of their own personal account, although there are some real world traders too. They can get over ÃÆââ¬Å¡Ãâã1000, or about $1500 for a party hat.....

 

 

 

But it sadly is a very common problem especially with hack sites and emails. Jagex have reported Billions in rune gold that has been seased from accounts connected with 'hacking' it's not a small problem.

[InkofDeath]

Although that example if very faulty on so many things, if a user, were to be that un-educated on wed security, they will probably have a tough time keeping things private on the internet for the rest of their life. Though it does prove there are some who fall for it, the more cunning websites.

 

 

 

Although an email scam is very unlikely, jagex states they will not send you an email 10 times before you even get off tutorial island. And its in places that make you look, well four are. Go see for yourself.

 

 

 

Your right about the sub-hackers, they buy the programs from ebay, that they get the name of, from a certain forum, which is quite big, and I'm surprised it hasn't been taken down. Anyways, risking to buy those programs just for hacking runescape accounts is very...iq below 20, is all I can say.

 

---

 

 

 

Even if users are missing the small print, then shouldn't we put the small print in large print? I think its easily noted that Tip.It does that more then enough. Though, I somewhat agree Tip.It could do more to prevent email scams, which as above stated, are very unlikely(there's one topic about being email scammed in general now, about every two moths it seemed, on average)to happen. There isn't much Tip.It can do without taking the Msn Button away.

 

 

 

---

 

 

 

I don't think this would be a move in a positive direction, probably a negative direction. Though the idea to help users avoid being email scammed by the buttons is a positive one.

 

 

 

If anything, a poll should be done if the button is removed or not, who knows how many users rely on the msn button, or contact buttons. Think of the market, where many users say to add them on msn, or aol.

 

 

 

I think the privilege of using the buttons out weighs the risk drastically.

 

 

 

It would be such a burden to PM personal info, that topics of a new way to give personal info would probably be made as much as 'larger sig/avvy sizes'.

 

 

 

Perhaps Tip.It should state more clearly(not that it isn't clear enough already) that it is your own responsibility to put out information, and any information you give out, can do anything to you.

[Errdoth]

Yes, I realize that the majority of these "hackers" are script kiddies using premades that they bought off of wherever. But they are mostly the ones that have the crappy scams that you can tell right away. I'm talking about motivation for people who actually go in, and who can write their own programs. more than half of the script kiddies who do this stuff on't even know the basics of sql injection and unix commands.

[Cruiser]

So I'm really with bobbington on this one, and his services to Jagex as a forum mod should perhaps be given more respect than a normal Tip.It user who has no experience of moderating a forums.

 

Just because there is enough trust put in someone to mod a forum that is already locked down beyond belief doesn't automatically give that person more weight in the discussion on a totally unrelated system. Just because I help admin the Tip.It IRC server doesn't automatically give me a say in how Efnet or any other IRC network runs their systems.

 

 

 

(With that said, I guess I better spit out the required "this entire post is my personal opinion and not that of Tip.It" line...)

 

 

 

On top of that, before forum mods from RSO go advocating changes here, they need to be advocating changes on Jagex's own systems. There has been a flaw in their login system for years that allows complete control of someones session if the wrong link is pasted between users. It works for the forums, message center, polls, everything. A security flaw like that is far more dangerous to Jagex's own users than some social engineering done via MSN simply because people assume Jagex knows what they're doing and have secured their system in every way possible. We've had to filter out the effected links on IRC just to keep people from accidentally compromising themselves because of it. I've reported it multiple times only to get ignored by the Web crew who instead wastes their time on a worthless, slow loading, java login applet that does nothing more than add a shiny animation (that's easily spoofed at that) to the login page.

 

 

 

Removal of the MSN links (I'm assuming you'd want AIM, Yahoo and ICQ removed too, if not this whole discussion is worthless) doesn't really help much when people are still free to communicate at will via PM and other means. All removing the buttons does is shift the target medium to another protocol and method. Instead of grabbing an MSN email, you get PM'ed via the board and escalated into the scam that way. If that is removed, public posts can popup that people will STILL fall for. Even RS itself is deficient in stopping scam attempts and website advertising in game. Just a few attempts at circumventing the ingame chat filter will show you how insanely easy it is. The only way you are ever going to stop attempts at scamming is to cut off all means of communication that relies on input from a user. Short of doing that, the scammers will find other ways of luring people into the scam. Even if you did do that, the scammer would just move outside the authoritative little world that person controls and continue on luring people in where you can't do anything about it. All the scam sites found via google are a prime example. Jagex can shut them down with copyright notices and lawyers, but it's a worthless effort when another will just pop up under another name at a different provider to carry on the process.

 

 

 

There will always be ways to scam someone out of their information. Better it be a harmless RuneScape account than their SSN or other much more personal information that could destroy their lives for years to come. You can warn people till you're blue in the face and there will always be people that will still have to learn the hard way because they didn't listen to the warnings. Babying people by protecting them from the RS boogy man doesn't help them learn to deal with bigger problems that could come up in life that could have far greater consequences.

[darkblade986]

Warning: Personal Opinion

 

 

 

I've always wondered why we had those buttons myself. I purposely chose to completely ignore them because most of my accounts are for family use only (as in they're only used to talk to family members). I did make an MSN account so that I could keep in touch with the rest of the Crew, if needed, however that information has not been made public.

 

 

 

Potentially, what we could do (random suggestion to the Admins here as an alternative to removing the option) is try and set up some system of reminders to those with their personal chat user names available. Every month or 2 (that might even be excessive, but still), an e-mail could be sent to players who have contact details shown that reminds them about the dangers of this information being exposed.

 

 

 

If not a monthly e-mail, then we should at least make a general warning in the News Posts area every so often reminding people of this stuff. That area is probably more heavily read than anywhere else on the site, since it deals with site updates itself.

[InkofDeath]

Going onto dark's suggestion, why not make some kind of newsletter...not a big one, but a 3k-5k word news letter, that comes out every few months and reminds everyone what they need to know in order to stay protected against certain scams and such, also this newsletter could do other things as well(If this has been suggested before soz).

 

 

 

----

 

 

 

Cruiser has explained why we should keep the buttons to the greatest extent I can see, I'm just glad he could explain no matter what you do, you will always be targeted to be scammed, or such, better then I could.

[Mercifull]

Its not there by default and tipit make it quite clear the risks involved. If you want to put your msn in your profile you should be allowed to. Tipit admins cant (and shouldn't) nanny the entire members list.

[Bobbington]

I agree to some extent what Cruiser is saying, but I just feel the existance of the button makes it a darn site easier. Not only in psychological terms it removes the "hacker" from having to deal with a human, but it would also vastly reduce the number of people targeted.

 

 

 

I am aware of the fact that no matter what any of us do, we are not ever going to stop this problem, but surely where sensibly easy we should make improvments?

 

 

 

As to what Mercifull said I disagree, I have seen you areound quit alot, and would assume is sombody added you to messanger, if you did not know them you would not allow them..... simple as.

 

 

 

HOWEVER you must remember a large quantity of our players fall in the 13-15 age catogory. Now not all of them, but a large enough quantity do not understand the dangers of the internet, they want to make some new friends and they will talk to, open emails from, or follow links from anybody.

 

 

 

It is the same group who are most likly to fill out every field they can in the user pofile section...... I must admit even I dont like leaving empty fields!

 

 

 

I can assue you there is no way I will never fall for an email scam...... know why? The scammers dont know my email address!, and they never will....

 

 

 

I would be interested to know if any of you people with MSN (or any other messanger) have ever been sent fake emails? I am sure not all of you have, but alot more people that those who dont have it.

 

 

 

I say again though, I dont want to censor the community, thats not what this is about..... BUT I wish to see people being in full control, dont make it so east.

[Gamerr]

It's simple. If you still fall for that scam, after all the warnings, after the various warnings of JAGeX on THEIR WEBSITE ON NEWS AND UPDATES, you should just learn the lesson and read the updates.

 

 

 

People who refuse that and still fall for it, pft. Don't punish 3k+ users with it who wanna share their MSN with others.

[Bobbington]

If you want my compleat frank position..... I dont care much about the people with the low account security who lose their accounts...... but I know for experiance that it is not jsut those who are 'hacked' who are hurt. These account on a regular basis attack and damage other community members, it is not just the hacked account who is in danger.

[Guest]

Disclaimer: These views are my own views and don't reflect that of the Runehq Staff<< No one Cares!

 

 

 

Please don't ruin a perfectly good feature for the majority of the tip.it community who like to have this option. Seriously, either your trying to score browny points with the admin (likely) or your some over-protective nob (very likely) trying to take yet another good feature off tip.it for the sake of a couple 3 year olds browsing these forums who are too stupid to realise a scam over msn. Its not tip.it's responsibility to keep these little kiddies safe, (by the way on that your not even legally allowed to view these forums if your not over the age of 13) its the role of the parents, and so it should be like that.

 

 

 

Although you've got what seems the best intentions at heart (for you and a couple of 7 years olds) , I hate it when people try to turn an already over-protective forum into one that just goes over the top. So don't go trying to ruin a perfectly good feature of the boards.

[Bobbington]

To be honest with you.... I don't feel I am beeing over protective!

 

 

 

I have evidance that i cant share for confidentiality reasons that the button does pose a real danger.

 

 

 

Password scams no longer work, people are far to aware of them, and they get censored anyway.... But the reason accounts get Hijacked it nearly totaly releated to hack sites, and email scams (including messenger conversations).

 

 

 

The option for MSN is also used widly by real world traders.... they dont say "add me inagme" as they account will likly be banned, but they user messengers like MSN and to a smaller extent Yahoo to set up real world trading deals.

 

 

 

Again I state I think it is an over reaction to stop MSN communication in *this* community, and I am not asking for that. However atleast through the PM system there are ways to moniter who can contact who, which would be usefull for safty and admin reasons.

 

 

 

The simple way of putting it is to say: Are you happy that acoount hijackers have acsess to your email adress, and thus other personal infomation?

[Guest]

The simple way of putting it is to say: Are you happy that acoount hijackers have acsess to your email adress, and thus other personal infomation?

 

 

 

The simple way to put it in response to your question is; I couldn't care less! I've personally had 2 people in the time I've been on TIF contact me and try to scam me (for instance one said he was creating a new Rs client and was wondering if I'd like to test it). I'm not an idiot, I realise what a scam is and so should the rest of the public, after the hundreds of warnings they've gotten. In fact I'd go as far as saying I enjoy the scammers and hackers contacting me, I love playing along with them and wasting their time, pretending I'm interested until the last minute and pull out.

 

 

 

Can Tip.it by any chance add to their user agreement that a prerequisite of using these forums is that you need "at least half a brain." If the users then accept, tip.it should expect that they won't need to deal with any more kiddies complaining that they've gotten their account hacked and we won't need to have anymore of these threads popping up.

[Bobbington]

You see it's exactly my point, two people have attempted to take your account based totaly on the fact you have published you details!

 

 

 

I dont find this good enough, you where not caught out, and that it excelent...... but you would be suprised with how many do fall into the trap. Surley a few moments extra work if you wisht to contact sombody outside of the many ways tip.it and runescape already offer in return for creater community protection is a good thing?

 

 

 

 

 

Sure it will inconvenience a few people...... but when you look at the balance there ar emore positive effects than negative.

[InkofDeath]

Sure it will inconvenience a few people...... but when you look at the balance there ar emore positive effects than negative.

 

 

 

When you look at the balance right now, the positives out weigh the negatives.

 

 

 

I also think your age category is a bit far off. 13-15s? I think the majority of them know whats a virus, and what isn't. Maybe the 9-11year olds.

 

 

 

Probably every single user who has been at Tip.It for the past 2-4 years has been attempted to be hacked or targeted at least once. Judging by the amount of them who haven't posted they've been hacked, I'm pretty sure almost all of them didn't get hacked. More or less had fun with them like Eel.

[Bobbington]

I have never had an attack on my account (please can nobody try to change this :P)

 

 

 

The demographic user base for runescape is 13-17 year old males. Most of that group tends to be American, which data shows are sadly more prone to falling for such things due to social valibles.

 

 

 

You must also remember that with the graphics style, how and where it's advertised, and the cost of membership (and the fact it can be ftp) the game also appeals to people newer to the MMORPG and online world, so as such a runescape player is more prone to falling for a scam than say a Warcraft, or everquest player.

 

 

 

And remember alot of people who have been hacked..... dont post about it as the vast magority of the time the community flames the victim for it.

 

 

 

It is usually only the newer Tip.iters who post on the subject.

[the_tallest1]

I honestly see the argument you're making, but these fields don't fill themselves out. As Eelspremiers already said, the reason he got contacted was because he chose to fill it out. This probably isn't the best analogy but it's close enough. If someone gets mugged on a street corner that doesn't mean that we should prohibit people from walking down streets or remove the streets. It means you have to take into account the time of day, what area you're in, and your awareness of your surroundings. Your personal choices affect what happens to you to a certain extent and this is much the same way.

 

 

 

You can prevent certain obvious things from being publicly spread around which most will agree make sense. For example, posting your address and phone number is not a great idea. Once those are out you have little to no control as to what happens next. With something like an email address or MSN name, you have to contribute to what ultimately happens to you: accept a file, click a link, etc. However, I'm not saying the responsibility should rest solely on the user, if I agreed with that I wouldn't see the need for any warnings.

 

 

 

We've had a lengthy sticky about scam emails since 2004 located below the forum rules in the Announcements board. I question the usefulness of repeated announcements because there are always users who don't see the point in reading anything before they start posting. I've had to ban people for selling RS accounts here and their excuse was they didn't know it was against the rules. I'm sure most of those who say that are lying but there have got to be a few who actually didn't know. If after the staggering amount of warnings users have (we even have a minigame based entirely around account security and rules), how effective will some more warnings be around here when we can't FORCE the user to view it like they have to in the game.