Of course not. Account sharing is strictly forbidden, but that doesn't stop people from doing it when they think it's harmless.Originally Posted by armshouse
Thread: How 'secure' is SCID?
#21
![Darian[Supercell] is offline](https://forum-content.supercell.com/images/statusicon/user-offline.png)
![Darian[Supercell]'s Avatar](https://forum-content.supercell.com/customavatars/avatar2034430_6.gif "Darian[Supercell]'s Avatar"){kind=avatar}
Of course not. Account sharing is strictly forbidden, but that doesn't stop people from doing it when they think it's harmless.
AKA Tank Puppy
https://twitter.com/Devourlick
If you have account-related questions like account bans or Supercell ID issues, please contact Player Support at this link. Please note that Community Managers and Forum Moderators are unable to assist or answer any account-related questions.
Well, is it trully personal information? Or is information of a clash of clans account? Who is the owner of that account? I remember on previous threads saying that Supercell owns the accounts.
It was only through this forum that I knew that account creation date is a security risk information. Is this something that people usually understands as highly secret information that cannot be leaked?
2FA is something that I would like to have on my SCID account.
Last edited by Terminator1986; January 18th, 2021 at 10:49 AM.
People really need to learn a vital lesson in life here. With the issues that Darian is posting and the traps people have.
NOTHING GETS YOU NOTHING.
Random acts of charity on the internet for something like a game are extremely uncommon.
No one is really giving away thier maxed base they've spent years working on.
No one is giving you free gems.. they don't have access to do this do they? Have you ever seen them for sale elsewhere? It's SCs own currency that they have the captive on.. how can some random spammer have a supply, that they can give you for free? You can't even give them to your own clan mates can you? Not possible.
Have you ever had the email from the Nigerian prince whom has 50m dollars on an account he can't access but if you give him your account details he can send the money to you, to hold onto?
Think about it. The golden rule.. if it's too good to be true.. it probably is. Nothing is free.
Its true that people are falling to scams and traps by accidentally sharing account information, but what about those people like myself who have never come across the hacker/phisher and yet their id got phished/stolen.
Account info cant be divulged when the owner hasnt even spoken to the scammer even once.
Last edited by arjunchopra333; January 18th, 2021 at 11:21 AM.
I think a phone-based 2FA could be limited to prove your identity to Support, in order to make sure it's you that want to recover your account.
Then the"hacker/phisher/scammer" would have to have access to SMSs, or other locally-generated secure OTPs, in order to gain access.
I would gladly activate a 2FA option of this type if it was available.
Last edited by eitiel; January 18th, 2021 at 11:23 AM. Reason: typos & punctuation
#26
This is simply not true and there is likely more going on than what is being shared publicly. There are a variety of system checks that happen in the background and just having that information alone will not allow someone to recover an account.
AKA Tank Puppy
https://twitter.com/Devourlick
If you have account-related questions like account bans or Supercell ID issues, please contact Player Support at this link. Please note that Community Managers and Forum Moderators are unable to assist or answer any account-related questions.
#27
How do you know who the scammer/thief was or where they got their information? It's incredibly surprising what information people share that they thought was harmless.
Accounts cannot be stolen out of thin air without having access to very specific information.
AKA Tank Puppy
https://twitter.com/Devourlick
If you have account-related questions like account bans or Supercell ID issues, please contact Player Support at this link. Please note that Community Managers and Forum Moderators are unable to assist or answer any account-related questions.
I know positively about it because the day before my account got phished there were only my alternate accounts in my clan along with a few friends i know personally. But the next day when i login into my account, i get supercell id has expired and when i tried to get the otp from my linked email id, i did'nt receive it.
Secondly when i logged in from an alternate account i saw my phished account being operated by someone else and right away he brought one of his accounts and made himself leader.
The most shocking thing was that i hadnt come across him even once ingame as well as outside the game. So its puzzling that how they were able to phish the account without my divulging the details.
Last edited by arjunchopra333; January 18th, 2021 at 11:30 AM.
Have you ever told any of your clanmates, or even on global chat when it was a thing, the place where you live? Are you using the facebook link option, so they may know some personal info about you and maybe guess your email password? Are you using 2FA on your supercell ID-linked email address? The simple fact that you have no means to tell who is the player behind an account means you should never ever divulge any of your personal info through the game. The most I tell my clan mates is that I live in Europe, and they could tell that already by my wake-sleep pattern.
I saw new joins ask questions about "how long have you been playing" (my answer: "too long") or "where are you from?" or anything else that could, maybe-if-I'm-a-lucky-scammer, be used to convince a Support agent that it's me who lost access to my email address.
Last edited by eitiel; January 18th, 2021 at 12:01 PM. Reason: punctuation, again
It would be inconvenient if there was a 2FA for every login. But can't it be applied only for the email change requests?
Last edited by BlazeStormz123; January 18th, 2021 at 12:13 PM.
Posting Permissions
Reply With Quote