lol you don't se what else they can do...   they are legally obliged to do a lot more than they are currently doing under EU GDPR data protection laws!  As site owners they have many tools at their disposal to curb this scam activity!  reserving those sensitive names so that users cannot create accounts with them is a requirement, not doing so shows blatant breach of user data security allowing your systems to be used for deception! it is such a simple thing to reserve certain usernames, is zazzle simply created a few accounts using the sensitive names that could be used to trick users then  its impossible for new users to create such usernames if they aren't available. its so simple its frightening but to have still not done so after months of hack attempt reports is quite concerning to me.

Not allowing external, links from chat is a super simple server setting that again, hasn't ben implemented and is the main reason the hackers keep coming back because they know if they can trick a user to click a link they can scam them.  If this was my site, it would be the first action i would take to safeguard my members, if you cant post external links in chat there is  no way of processing payments, hence its pointless them even trying but while the owners of this site continue to allow external links all new members are at risk.

The popup warning actually gave me the impression it was verifying the message in my inbox as it was the first time i had used the message center and it was the first message i received with that banner saying make sure they have a zazzle badge.. and the scammer had used a Z logo which i wrongly assumed was what they were referring to..   If however, in that banner was examples of the official badges they refer to, i would of immediately released the message was fraudulent.

I understand a lot of you are veteran zazzlers and cant understand why these people get tricked but please remember that new members here are simply looking at the homepage and creating an account and are immediately in design mode concentrating on  learning the site functions, thinking about your store, there are no forced popups to let new users know the message center is not a secure staff internal msssage center as i initially assumed but is an insecure message center.

look at how ebay handles messages it's tied to a product so the message arrives with the seller as a product enquiry which is proper, not as an open message that you can change the title and use fake usernames and site logos.

I just don't think it is too much to ask the site owners to help protect us more, with a few really simple changes this place could be infinitely more secure and less of a risk to users.

regards

DD

I only know Etsy is flooded similarly with these messages so it seems to be they find a way but yes banning and sifting the users names is a good idea and has been suggested . They are actioning things and I assume this is in the works. It has also been suggested to ban external links in messages. It’s a good idea to use search to see if thread has already been posted and is under review. And to post these issues in technical forum. It helps admin see them. Have a review of that forum along with tips and ideas etc. lots of great info for new and older members.

 It has also been suggested to ban external links in messages

Just an FYI that they did add a warning to chat links: