Hey Zam admins, how would you handle this kind of harassmentFollow

It depends where they are located at, and how much information I know about the actual location and ISP of the person doing the harrasment. It is unfortunatly very easy for someone to make use of a proxy address, but chances are they didn't start out doing so until they felt they had reason to make mischief. Anything approaching that level I would first go back and look at what information I have related to that person. Since you have his origional IP address and location, and Canada is a signatory to the Digital Millenium Copyright act (which included the cross border enforcement of computer related laws provision), you can at a minimum file a formal report with his ISP to have service shut off, as well as any e-mails that he may have used. He's also entered the realm of criminal activity, so you can take legal action if you have the resources and time to persue that. You can also hire (or have somene in house with a security and intel background) someone to locate all the pertinant details of the perpitrators existance, and then call them on the phone with a device recording the conversation and ask them to stop. They won't, but the reaction on the phone might be worthwhile, and once you have their phone number, the second call from your lawyers to them usually gets a more muted response unless they are bat sh*t insane, in which case law enforcement becomes your best option.

It's usually relitivly easy to get an ISP account terminated for abuse. It's next to impossible to get an overseas proxy server shut down. Depending on where your servers are located, there are various local and national statutes that can be acted on, most often the Computer Fraud and Abuse act.

Even if you get their ISP account terminated, there will usually be 2 or 3 other options they can sign up with, and local library aco@#%^s and whatnot within walking distance, so what we have in place are various account signature comparison and triage tools built into the forum so we can find and destroy incoming spammers and the like, prefferably before they post. People who spam almost always use the same junkmail service (gmail people keep using gmail, etc.) and similar naming convention on their throwaway e-mail addresses (same password too if you can get that from them) They create accounts during the same windows, and they often forget to turn on the proxy when making the account in the first place. Griefers, such as gourdraiden and what you are dealing with are easier and more difficult to deal with, because you don't get the same volume of potential targets, but you also aren't dealing with an army of India based computer roboposters to kill of either.

The law enforcement layer is tricky, and can be somewhat of a crapshoot unless you are persistant. FBI cybercrimes may or may not do anything unless actual money was stolen. Local law enforcement enaction on your server end or his end will vary based on the technical savvy of the officers you interact with. It helps if you have access to a lawyer to act on your behalf, as they tend to take your issue more serious at that point.

If you want, PM or e-mail me the details and I may be able to give you additional pointers.

edit: also, if the icon he used is your artwork, you can also sue him for copyright infringment for around $16k per use. Thats actually a pretty simple and quick legal matter most of the time.

Edited, Jan 21st 2014 12:24am by Kaolian

Whatever you do, do it. Dont have second thoughts and reservations about it. Nothing irks me more than people in authority letting people walk all over them. Well, abuse of rank and authority irks me more, but that's a side issue.

So today I learned I can very swiftly have a person's ISP deny them service on the basis they breached a website's Terms of Service given I can provide them with proof connected to their IP they have done so.

This leads me to wonder to what extent this will work.

His ISP hasn't done anything yet. They keep demanding more and more information and it's getting to the point where I can't give them everything they want to take action with.

So far they have asked for his IP and Enjin's ToS, which I have given them. Just now they are asking me for a complete log of everything he has been doing with his IP as proof. If something like that exists, it's not something I have access to. I have sent a support ticket to Enjin filling them in on the details of the situation and the IP of the offender, but they still have not responded to my first ticket after nearly two days.

I'd love to get a lawyer but I'm not exactly prepared to pay for one. For now he has not been making any new threads on the forums themselves. Instead he has been covertly bombarding individual's user profile pages with false information from an account he made to look identical to mine, most of which have no idea this person is not me, or think my account was "hacked." It really bothers me is how Enjin allows people to use names that have already been taken.

I'd really like to know how it is possible for people to find all the pertinent details of the perpetrators existence, as you say. What sort of person who does that would be for hire?

I was thinking of that. The trouble is finding an option that is anything close as convenient. The other factor being that a huge chunk of our traffic comes from the site's social network aspect.

Wait, your Minecraft servers make up to $4,000 a month?

I'm in the wrong business, holy ****.

Pray for google fiber?

We follow a "free to play" model. They can play for free all they want, but players pay in "donations" which first and foremost is to further the cause of the server and ensure it stays running. In return for their payments, they may qualify for special ranks and privileges, such as the ability to make use of certain in-game commands giving them the ability to do things like fly or instantly fill their food bar.

We also have shop pages on each of our server websites that communicate directly with our servers via Enjin (though other plugins are available to use for this purpose should we decide not to use Enjin, such as Buycraft). There players can purchase special in-game items that would otherwise be difficult (though not impossible) to obtain. On our Pixelmon (Pokemon in Minecraft) servers, players can pay to have pokemon spawned directly into their PC (in game PC used to store pokemon). Once the payment is made, the website communicates with the server which then runs a custom command automatically to do this.


Edited, Jan 24th 2014 2:49am by Kuwoobie

Wow, that's really stupid.

Congratulations, though.