A bunch of guys have lately been stealing players’ passwords in gms, through websites promising bytes. I assume they’re using the accounts they steal to advertise them further in gms, as some of the player gming had pretty high lvls (One even had lvl 161).
The websites are not using .com domains and instead are going for cheaper, and even free options, as I predicted a long time ago.
(Ik this info isn’t really useful, but I wanna share it cuz I feel cool from predicting that)
Now onto the suggestion. Block the entire list of TLDs. Also parse every gm to remove spaces before checking (To prevent “. com” from passing). This could be a temporary, or a permanent measure, I’m voting for permanent. If I’m right about them using the stolen accounts to gm, then lots of accounts have already been stolen, action needs to be taken immediately.
.tk domains are notorious for being taken away when the site’s traffic gets high, and redirected to some questionable websites, so don’t be surprised when that domain starts leading you to the darkest places of the internet…
This would probably lead to massive overblocking, as there are many TLDs that are just regular words. Having multiple sentences in one message then makes it very likely something will get censored wrongfully.
Then just do that with every free domain at least.
Something needs to be done, those aren’t just noob accounts, they are people who probably played for years already.
They could also just completely remove punctuation for now, can’t type any links that way.
Edit: Just checked, they do it for every free domain already. Just need to parse the spaces off and probably check for a space after the TLD, to ensure it isn’t just a part of a word.