Page 25 of 29 FirstFirst ... 152324252627 ... LastLast
Results 241 to 250 of 286

  Click here to go to the first staff post in this thread.   Thread: How 'secure' is SCID?

  1. #241
    Forum Elder MajorJohnson's Avatar
    Join Date
    Apr 2017
    Location
    In the shadows
    Posts
    2,435
    Quote Originally Posted by Rizzob View Post
    Phishing is social engineering - it plays at what is often the weakest link in security, the human operating an account. If you're concerned about becoming a target, have your clannies run a security audit. Does your account have the same name as the email address backing it through SCID? Is that email address easily guessable? Is it your name? Have you ever posted your clan/account info online (even just a village screenshot) through social media, where someone could link your account to you? Do you share passwords/usernames with different web sites (outside clash)? Try running any emails you have linked with clash accounts through haveibeenpwned.com (totally legit, I promise) - does anything concerning come up there? Every "yes" answer increases your risk of being phished.

    Yes, 2FA mitigates a lot of that risk, but in its absence, using best practices as recommended by InfoSec experts is the next best thing.

    To address your last point, I agree it's a little unfair to say "it's on you if you get phished", because the average person doesn't do things like use a password manager to randomize all their passwords.
    We are extremely tight with security, we don't talk about personal information in regards to clash or use social media because we know we are a target. It worries me to watch all these clans getting phished and destroyed, with mods and community managers essentially blaming players rather than seeking solutions to improve their security.
    Engineered for success---Engineered to win---Winning is life---Tiger Blood

    Supercell enforcing fair play? Let's stop Self-Match Clans https://forum.supercell.com/showthre...left-unchecked

  2.   Click here to go to the next staff post in this thread.   #242
    Kaptain Kat's Avatar
    Join Date
    Oct 2012
    Location
    Rundum Hause
    Posts
    12,655
    Quote Originally Posted by MajorJohnson View Post
    If it is the case where we were to lose our clan due to the security flaws of SCID, even though we take extraordinary precautions in order to prevent such a scenario, it would not be worth continuing to play the game.

    Everyone in our streak clans follow the TOS, built all our bases from scratch and do not share. It takes years of work to build a clan up to such a degree, and when the only response is "sorry, you must have messed up, we won't do anything to fix the situation" sounds like a cop out and a slap in the face.
    All the more reason to keep your leadership accounts of those clans safe. Rizzob gave a lot of good tips and practices.

    I do understand how it devastating it would feel but if you do get phished you cannot blame SC for that.
    You also must forget that in the case of wars there’s 2 clans involved and they can’t just wipe out a war on one end without affecting the other clan. They also can’t simply manually manipulate a number like a clan’s win streak. The tools to do so just don’t exist and they certainly wouldn’t be writing them in such a scenario. It’s just something that will cause issues.
    So while it may feel like a slap in the face the alternative would be way more unreasonable.

    Thank you! ClashOfHolmes for an awesome sig!

    Just call me K, my name is too difficult to spell.
    Hay Day | Level: 120 | # VL8GVUL | Main Hay Day Topics | Forum Rules | HD Wiki
    Clash of Clans | Level: lost count at 200 | #Y0VJUJG

  3.   Click here to go to the next staff post in this thread.   #243
    Kaptain Kat's Avatar
    Join Date
    Oct 2012
    Location
    Rundum Hause
    Posts
    12,655
    Quote Originally Posted by MajorJohnson View Post
    We are extremely tight with security, we don't talk about personal information in regards to clash or use social media because we know we are a target. It worries me to watch all these clans getting phished and destroyed, with mods and community managers essentially blaming players rather than seeking solutions to improve their security.
    You desperately need to re-read the thread.
    In almost all cases when accounts are compromised there’s a whole history of shenanigans.
    And yes through the years we’ve read a lot of very believe stories and after having them quietly checked in the background it turned out to be a truck load of a foul smelling substance in almost every single case. The cases where something went wrong on SC’s end are less then fingers most people have on 1 hand in very many years on this forums.

    So xcuse me when by now I've read and seen most of it. And yea I wouldn’t count on my sympathy level if it turns out that accounts were lost due to peoples carelessness.

    Thank you! ClashOfHolmes for an awesome sig!

    Just call me K, my name is too difficult to spell.
    Hay Day | Level: 120 | # VL8GVUL | Main Hay Day Topics | Forum Rules | HD Wiki
    Clash of Clans | Level: lost count at 200 | #Y0VJUJG

  4. #244
    Millennial Club
    Join Date
    Mar 2015
    Posts
    1,080
    Quote Originally Posted by KingDMan View Post
    Wow! Just read every post and thought I'd offer my two cents.

    I started playing COC <REMOVING INFO PROVIDED GIVING START DATE>so I believe that I've seen and heard it all(maybe not). Here's my perspective:

    Most of the people who claimed they were hacked, .......

    ...Sure, it's possible that they're witholding information or maybe they unknowingly made it easy for someone else to take control, but the stories I've heard in recent months sound very believable.

    Tbh, I don't know what to believe.
    I know what I believe... and that is, that someone who has just read every post here, and would have read that start date is a requested verification question, is still willing to give us all his start date.

    There was a also a thread here a few months ago, asking when did people start playing clash, and as I recall had two pages of reply’s before the thread disappeared (and I assumed was deleted).

    People will always, it seems give up more then they should.

    Clan:
    ClashAustralia! | Clan ID: #P0QG0C8J | IGN: VanSim | Discord: VanSim#7997
    Clan Lvl: 17 CWL: Masters Clan Formed: 16/03/2015
    TH: TH12 | AQ: L65 | BK: 65 | GW 40 | Max Trophies: 4500+
    TH: TH12 | AQ: L65 | BK: 65 | GW 40 | Max Trophies: 3800+
    TH: TH13 | AQ: L75 | BK: 75 | GW 50 | RC: 25 | Max Trophies: 5500+

  5. #245
    Millennial Club
    Join Date
    May 2013
    Posts
    1,413
    I just don’t agree that talking about when you started playing Clash is “personal information”....who wouldn’t say when they stared working for company x is personal information? Surely you’d talk to friends or family of when you started ? And in the world of online gaming and social media...to not talk about these basic things is utterly unrealistic. Equally having these forums with the date you joined is that personal information?


  6. #246
    Super Member
    Join Date
    Aug 2020
    Posts
    837
    Quote Originally Posted by Matchupitchu View Post
    I just don’t agree that talking about when you started playing Clash is “personal information”....who wouldn’t say when they stared working for company x is personal information? Surely you’d talk to friends or family of when you started ? And in the world of online gaming and social media...to not talk about these basic things is utterly unrealistic. Equally having these forums with the date you joined is that personal information?
    That data can be used by phishers for stealing your id, support will never know that whether a phisher is providing the real data or the owner himself. That's why you should refrain from giving any personal details about your id on any platform,just to be safe and secure.
    Last edited by ESCANOR0803; January 25th, 2021 at 11:54 PM.

  7. #247
    Millennial Club
    Join Date
    Mar 2015
    Posts
    1,080
    Quote Originally Posted by Matchupitchu View Post
    I just don’t agree that talking about when you started playing Clash is “personal information”....who wouldn’t say when they stared working for company x is personal information? Surely you’d talk to friends or family of when you started ? And in the world of online gaming and social media...to not talk about these basic things is utterly unrealistic. Equally having these forums with the date you joined is that personal information?
    I would agree generally speaking. But given this thread and the data stated as needed to recover, clearly start date should be kept secret. Saying I started playing 2 years ago, is different to saying I stated playing Aug 2019

    Clan:
    ClashAustralia! | Clan ID: #P0QG0C8J | IGN: VanSim | Discord: VanSim#7997
    Clan Lvl: 17 CWL: Masters Clan Formed: 16/03/2015
    TH: TH12 | AQ: L65 | BK: 65 | GW 40 | Max Trophies: 4500+
    TH: TH12 | AQ: L65 | BK: 65 | GW 40 | Max Trophies: 3800+
    TH: TH13 | AQ: L75 | BK: 75 | GW 50 | RC: 25 | Max Trophies: 5500+

  8. #248
    Millennial Club maximooze007's Avatar
    Join Date
    May 2020
    Posts
    1,331
    Quote Originally Posted by vansimon View Post
    ...
    There was a also a thread here a few months ago, asking when did people start playing clash, and as I recall had two pages of reply’s before the thread disappeared (and I assumed was deleted)...
    Jeez, I know that thread, I'm not even sure if I responded there, but I admit, I was convinced that it wasn't ill intended, I'm not saying it is, but it make sense, but if it is, then its a good trap, shrouding the intent with the integrity of the forum..

  9. #249
    Pro Member chilepepper101's Avatar
    Join Date
    Jul 2020
    Location
    Your Looking At It
    Posts
    573
    Quote Originally Posted by Kaptain Kat View Post
    You desperately need to re-read the thread.
    In almost all cases when accounts are compromised there’s a whole history of shenanigans.
    And yes through the years we’ve read a lot of very believe stories and after having them quietly checked in the background it turned out to be a truck load of a foul smelling substance in almost every single case. The cases where something went wrong on SC’s end are less then fingers most people have on 1 hand in very many years on this forums.



    So xcuse me when by now I've read and seen most of it. And yea I wouldn’t count on my sympathy level if it turns out that accounts were lost due to peoples carelessness.
    I agree. it does seem that at least 9 out of every 10 complaints about lost accounts blame supercell for having "cheap security" when their accounts were stolen and "poor customer service" when staff investigate and find out they tried to purchase "free" coc accounts on some sketchy website, then refuse to help because they broke the TOS.

    Even the best of us have been careless at times, now ill be the first to admit, i have shared some information in the past with other players that i thought was harmless, mainly my name, but ever since i joined these forums and read all these "horror" stories, i regret doing so, and feel very fortunate to still have my account phish-free.

    I also agree with the fingers on the hand statement, as supercells security is rather unique, as a large part of its integrity is up to the player, the more information you share, the less effective it becomes. so when i figured this out, it really makes you realize that losing your account to phishing without spilling any key information at all is next to impossible and can only be done by the best of hackers, and i doubt lex luthor or Lisbeth Salander wants to steal your clash of clans account. so you can truthfully say its all the players fault.


    so now whenever i see said threads, i have a hard time believing the users claims that they never gave anyone any info and that its entirely supercells fault unless a mod or employee confirms it with evidence.
    Last edited by chilepepper101; January 26th, 2021 at 01:32 PM.

    played clash of clans for 3 years...or was it 4? Signature courtesy of terminus prime and his shop
    my main account: https://www.clash.ninja/stats-tracke...ctor-9990lcc2p
    my clan thread: https://forum.supercell.com/showthre...nation-clan%21

  10.   Click here to go to the next staff post in this thread.   #250
    Darian[Supercell]'s Avatar
    Join Date
    May 2017
    Location
    Gliese-832c
    Posts
    6,110
    Quote Originally Posted by maximooze007 View Post
    Jeez, I know that thread, I'm not even sure if I responded there, but I admit, I was convinced that it wasn't ill intended, I'm not saying it is, but it make sense, but if it is, then its a good trap, shrouding the intent with the integrity of the forum..
    That's the thing about scammers/phishers. The good ones rarely make their intentions obvious until it's too late. There's a reason why scamming is a multi-billion dollar industry. Good scammers are charismatic, manipulative, and convincing. They are also relying on the fact you have no idea just how useful the information you gave them really is, especially when you think the information is banal or mundanely useless.

    The fact they leave you blaming a lax in security instead of blaming yourself shows A) just how manipulative they are and B) how willing you are to deflect blame in order to admit to falling for a scam.

    Admittedly, that second one is a tough pill to swallow. No one likes admitting they made a mistake, and that's especially so when you have to face severe consequences for those actions. But as I said before, we can tell the difference between someone's compromised account vs. someone who fell victim to a scam or gave/bought/sold their account. Usually if the account is compromised, Support is fairly quick at restoring access to those accounts. But because there's no reason to voice any complaints about it, you don't read about those thousands of success stories. What we do hear about on the forums are those examples where support was unable to restore the account because they can see suspicious or fraudulent activity on the account.
    AKA Tank Puppy
    https://twitter.com/Devourlick

    If you have account-related questions like account bans or Supercell ID issues, please contact Player Support at this link. Please note that Community Managers and Forum Moderators are unable to assist or answer any account-related questions.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •