Market Request (Phishing Protection)

Hello market owners. I am posting this on reddit as I know the majority of you read reddit, and I don't have the time to dedicate messaging individual market staff at the moment. Recently I had an idea that would be helpful in preventing users from staying phished: an account activity log. Similar to what reddit has, although obviously you would not be able to show IP addresses but you can include login time, user-agent, and duration of login to name a few things. With this, you will even be able to show a user an alert that their account has possibly been phished. For example if the user is showing a login every 30 minutes with a user-agent that is different than the user-agent that logs in intermittently (daily, weekly) this is a sign of the user being phished.

This is a fleeting thought, but I thought it good enough to post in hopes of implementation to protect some users.


Comments


[1 Points] MLP_is_my_OPSEC:

The user-agent for the Tor Browser is the same for everyone

https://www.torproject.org/docs/faq.html.en#NoDataScrubbing


[1 Points] None:

Or only allow 2-FA a much simpler solution. I agree something should be done. But seriously you can't fix stupid. Guy on here today talking about his two orders not showing off AB same link from hidden wiki he used for two months. First orders. My grandkids understand searching the fucking internet.

I am simply amazed some days. Top post EIC down. Hour later fuck " I just sent 5 BTC to EIC. Will I get it back? " Who the fuck knows man.


[1 Points] InspectorDNM:

On our market have unique method how to prevent phishing. If I do not count 2FA then every user must have set his personal payout address (which can be changed anytime), because our market is without online wallets - that means, coins cannot to be lost or stolen.