Can you make it a warning which can be closed once the player clicks the little X?

I can't change it at all. Kestas activated it at our request after the phishing incidents.

Of course it's needed. I planned to spend today sending my password to various members of this site, but when I read the warning, I realized it was a bad idea. Thank you based warning.

Oh, i thought the admin panel had the capacity to setup messages... That might be a nice feature for just this purpose... Any volunteers to contribute to the project?

You'd be surprised Fairfax, people wouldn't still be using phishing schemes if nobody fell for them. It'll only be up for a couple of days. And if you have a facebook or any other social meda try this and see how many people fall for it:

Wow, I just found out that facebook has a new security feature that hides my password if I type it in a post. See *$%#*(#@

Bet you someone falls for it.

@orathaic, that would be a great feature if you can find a few people to make the code and give it to kestas.

I heard that you can use the same password to link all your multiaccounts. How come there's no warning about multi accounting at the top?

Is this still an ongoing issue?

Have you contacted google directly, because what they're doing is actually very illegal.

Abge, you really think its illegal. I don't know for sure, but id be surprised if it was. It's not like fraud for financial gain or anything. I guess if there's an anti phishing law, then it would count. But just having the email wouldn't be. Still its worth reporting.

Fraudulent impersonation.

Every website that has logins says do not give your password. Anyone who falls for that in 2013 is just dumb.

In some countries fraud only applies if there is monetary gain (so certain pranks would 't count) it may be a violation of google's terms and conditions.

@draug, I don't think impersonating by itself is fraudulent. There has to be some kind of gain involved, and I don't think a login to webdip would count, legally. A husband could impersonate a guy he thinks his wife is cheating on him with, to get verification. There's nothing illegal about that, right? This seems like the same ballpark. But it is probably a violating of Google policy, if not the law, and they would probably be happy to shut it down.

@phil

I'm pretty sure it's illegal in the US, even if there's no monetary gain. Furthermore, it's against Google's EULA, so the account should be shut down even if it isn't illegal.

If Kestas owns the domain, webdiplomacy.net why not create an email for [email protected]?

No one can spoof an email from a domain they don't own (well maybe someone could, but its a lot more difficult than just registering at gmail). I guess they could still register webdplomacy.net and do the same thing though. But at least then, they are actually spending money just to get someone's Spring '05 moves. Probably deterrent enough.

Hey I've got an idea. Why don't we all send ten fake passwords to the fake email address :-) That'll keep 'em busy.

Illegal or no, good luck getting a prosecutor to spend his time on a case like this.

Actually, a spin on that idea isn't bad. Anyone with a little programming skill and an email they don't mind being flagged from gmail as spam, can write a little 10 line program to email bomb the bastard with a loop of say 1000 emails being sent to that address. What's the storage limit for a gmail account? The subject can be "fuck off!" And the body can be 1000 lines of your favorite knock knock joke, or Shakespeare quote or what ever repeated. Brilliant!

THANK YOU BASED WARNING

With relatively little effort you can claim that your email is being sent from any address. And set the reply-to header to whatever you want (though them being different may be suspect)

Likewise, you could fairly easily run an email server on most machines and post millions of emails, but gmail is probably pretty good at protecting against such attacks.

Forget prosecutors. You'd think someone could trace back the sender via IP address or something. Then their name and address gets posted on forum, and let justice run its course.

"With relatively little effort you can claim that your email is being sent from any address. And set the reply-to header to whatever you want (though them being different may be suspect) "

This is only partially true. The emails headers will have an IP trace route in it where you can find the originating IP. I have forwarded these headers on to Kestas and the Mods for their use.

@Draug - good, and i recognise that this spoofing is only useful for scaming less than technically literate - though your point about IP tracing, does that not simply implicate a google mail server? (of course with a spoofed mail address this wouldn't be the case... I am assuming this is a legitamate google account, subject to the EULA)

@the hanged man - i suspect google has this info, and that they will not share it - based on their privacy policy - but i may be wrong on each of these suspicions.

Actually, the google mail server takes it al the way back to the source or at least the source's firewall/first external IP. So the person in question could be tracked if they did it from home. But less likely if it was a library, office/campus computer, or retail/food place like McDs or $tarbucks. as the systems there typically share one external IP (or a few on load balancing firewalls) with the other systems at that site.

Or indeed the Tor network; i did not know any webmail was broadcasting my ip address...

Well, yes. That;s how mail servers validate and spam block blacklisted servers.