Thoughts on making sellers put photo with date and username on sales threads?

ehran · Feb 7, 2022

I like the time stamp, but I think BF should also REQUIRE a more complex password from all users. Websites do this all the time. If email is required to set up an account, then give users a period of time to change their password, and then lock accounts with expired passwords. If a user attempts to sign on afterwards, a pop up that says password is expired and a link to reset password by email has been sent.

Yes, leaked passwords will always be a potential problem. I suppose the admins could tell us if they wanted (assuming there is some logging of invalid password attempts), but I’d be willing to make a small wager that the majority of these hacked accounts had rudimentary and easily guessed passwords. If that’s the case, the community, is doing this to themselves by not securing their own accounts. I wouldn’t hate a policy that limited password attempts over a period of time either.

nautiquess · Feb 7, 2022

Hvactech said:
So how did you know it was a scammer ?

#1 price was a little cheap, but not enough to turn me away.
#2 I used the search function and looked at passed listings and found the exact photo from blade forum even with serial number. Not that this is uncommon, to see a knife change hands here, but there was enough enough to start asking questions and see if the timelines added up. They did not and he said he purchased it new, after the date of sale here.
#3 seller would not even consider PayPal and was pushy for quick payment.

Just some food for thought. Due diligence.

UncleBoots · Feb 7, 2022

People who advocate for including a piece of paper with date and username in the knife photos say you should crumple the paper a bit, then take your picture. They claim that makes it hard to Photoshop.

No clue about that, myself. But that's what they say.

nautiquess · Feb 7, 2022

It definitely makes it harder to fake if you put the info on a post it note for sure. Crumpling is a pretty good idea to. Kind of like a finger print. Knice idea.

Boattale · Feb 7, 2022

If there's not a picture of the knife lying on the front page of today's New York Times I am out of the deal.

Anderdale · Feb 7, 2022

Boattale said:
If there's not a picture of the knife lying on the front page of today's New York Times I am out of the deal.

Just trying to get ideas. This is the only forum I’m a part of with this much account hacking… and this is a paid subscription forum . Kind of strange.

10after10 · Feb 7, 2022

nautiquess said:
#1 price was a little cheap, but not enough to turn me away.
#2 I used the search function and looked at passed listings and found the exact photo from blade forum even with serial number. Not that this is uncommon, to see a knife change hands here, but there was enough enough to start asking questions and see if the timelines added up. They did not and he said he purchased it new, after the date of sale here.
#3 seller would not even consider PayPal and was pushy for quick payment.

Just some food for thought. Due diligence.

Paging Detective nautiquess. You're needed at the security office.

nautiquess · Feb 7, 2022

Two factor authentication to list and only to list is a pretty good idea. Listing a knife should be a thought out task and not done in haste and that additional step would help enhance the overall security of the exchange. Not sure if or how you could accomplish this only on sales posts from an IT standpoint.

I would not be in favor of 2 factor for every login though.

Squidman24 · Feb 7, 2022

If folks don’t two factor authenticate after every login, post or click….hit ‘em with an Error 522….that’ll teach em

Andy the Aussie · Feb 7, 2022

ehran said:
Yes, leaked passwords will always be a potential problem. I suppose the admins could tell us if they wanted (assuming there is some logging of invalid password attempts), but I’d be willing to make a small wager that the majority of these hacked accounts had rudimentary and easily guessed passwords. If that’s the case, the community, is doing this to themselves by not securing their own accounts. I wouldn’t hate a policy that limited password attempts over a period of time either.

.....hey mate

I think the hacked account issue has been openly linked to a data breach at one of the online knife retailers and extrapolating from that the people who use a common password across platforms.

Cheers

Andy

UncleBoots · Feb 7, 2022

Andy the Aussie said:
extrapolating from that the people who use a common password across platforms.

Like about 90% of the hacks lately. The era of using common passwords across sites is over.

Hvactech · Feb 7, 2022

nautiquess said:
#1 price was a little cheap, but not enough to turn me away.
#2 I used the search function and looked at passed listings and found the exact photo from blade forum even with serial number. Not that this is uncommon, to see a knife change hands here, but there was enough enough to start asking questions and see if the timelines added up. They did not and he said he purchased it new, after the date of sale here.
#3 seller would not even consider PayPal and was pushy for quick payment.

Just some food for thought. Due diligence.

Thanks for the pointers. I try to be safe now. Back before Xmas I got taken for about 750 in total. Got 2 something back from venmo, PayPal didn't give a shit. It was the first few transactions I had on here. I looked the dude up on people finders, I strongly thought about driving a few states away to knock on his door. But it's not worth me throwing away my career for what I can make in a day. Sorry ass people

luethge · Feb 7, 2022

*Off topic I just want to say thank you to

grumpy514 for always lighting up scammers. I find great satisfaction when grumpy puts one of these creatures on blast

not2sharp · Feb 8, 2022

UncleBoots said:
Like about 90% of the hacks lately. The era of using common passwords across sites is over.

The era of using passwords is over. We need an easier and more secure way to access all of these apps. 2 factor authentication is just more nonsense.

For now use PayPal Goods and Services and make use of their protections.

n2s

UncleBoots · Feb 8, 2022

not2sharp said:
The era of using passwords is over. We need an easier and more secure way to access all of these apps. 2 factor authentication is just more nonsense.

Interesting. I'm kind of in that field, and I don't know of anything that matches what you're suggesting. Would you elaborate on the scheme you'd recommend?

Boattale · Feb 8, 2022

I have third party authentication apps that are used to access sensitive sites, such as my CPA's secure document exchange portal. SSN.gov has pretty tight security too that's really not all that difficult to use.

Facial recognition is an option too.

If security is a priority, putting a date and time stamp on a photo is weak sauce.

BP Green · Feb 8, 2022

nautiquess said:
This photo was from the scammer this morning when i asked for a timestamp. Pretty good but if you look close you can tell. Just goes to show how easy it is to doctor a photo.
He was reluctant to send. The the pics were from an aug 2 bladeforum listing as the serial number was in one of the photos. Pretty easy to check. He claimed to have purchased the knife new from DLT on August 14. Not a very bright scammer. Just gotta be careful

View attachment 1737648

So when you say “you can tell”, how exactly can you? I’ll be the first to admit that would’ve fooled me.

Cosmik001 · Feb 8, 2022

not2sharp said:
The era of using passwords is over. We need an easier and more secure way to access all of these apps. 2 factor authentication is just more nonsense.

For now use PayPal Goods and Services and make use of their protections.

n2s

Why is 2-factor authentication nonsense? It requires an additional verification step for any new device that is attempting to login to a user's account. The scammer would need to have access to both the user's email and BF login credentials. While it is possible that the scammer has access to both, it would greatly reduce the number of scam posts that are happening nearly daily. Another option is to require several security questions to be answered if a login is attempted from a new IP.

Peter Hartwig · Feb 8, 2022

I tend to be negative on ideas for BF to mandate new rules(and work for moderators), but any individual can ask anything they want to assure they don't get scammed

nautiquess · Feb 8, 2022

BP Green said:
So when you say “you can tell”, how exactly can you? I’ll be the first to admit that would’ve fooled me.

Its not written on a post note or other piece of paper with leads it to be suspect to me. I blew up the original photo (shrunk it to fit in this thread) and it just didn't have the various lights and darks as ink does. One continuous even color

Thoughts on making sellers put photo with date and username on sales threads?

ehran

nautiquess

UncleBoots

nautiquess

Boattale

Anderdale

10after10

nautiquess

Squidman24

Andy the Aussie

Platinum Member

UncleBoots

Hvactech

It's only the tip

luethge

not2sharp

UncleBoots

Boattale

BP Green

Cosmik001

Peter Hartwig

nautiquess