are tricksters a problem?

9 Feb 2006 - 9:55am
8 years ago
1 reply
222 reads
ewengert at com...
2006

I just wrapped up a project with a client extremely concerned about tricksters (different from hackers). The site we created allows users to sign up for special offers to be sent via cell phone. The client repeatedly brought up the worry that a trickster would enroll other people in the program, thereby “harassing” them with a text message that prompts a double opt in. Despite our concerns that this scenario wasn’t very probable, the client pushed back enough times that we eventually added in quite a bit of functionality to “prevent” this, some of which we believe mildly damaged the more typical user experience in the process.

Now that the project is complete, I’m wondering if others have encountered client concerns about tricksters or have their own concerns. Any stats out there on the likelihood of a site being abused? I know blogging sites are vulnerable to spam, for instance, so many have those warped letter entry fields. But our site involved a 2-page, rather lengthy signup (including supplying a phone number and creating a password). Anyone ever seen a signup form like that misused?

Emily

Comments

9 Feb 2006 - 6:56pm
Steve Baty
2009

Emily,

We regularly include a range of safeguards in our service subscription forms
to avoid just this kind of abuse. Further, in the outgoing communications
generated as a result of such subscriptions we include a notification to the
effect that "This email has been sent to you from <siteName>. We're sending
you this because we believe you requested it through our site. If you
believe you have received this communication in error, you can unsubscribe
at <siteURL> or contact <siteOperatorEmail> for assistance."

We typically protect against the form being submitted from an external
address - since this is how an automated trickster-type would operate.
However, it is difficult to stop someone from going through and completing a
form on behalf of somebody else. That is why you will see many service
subscriptions generate a notification asking the recipient to come back and
confirm their sign-up before activating the service.

Best Regards,

Steve Baty
Director, User Experience Strategy
Red Square

On 10/02/06, ewengert at comcast.net <ewengert at comcast.net> wrote:
>
> [Now that the project is complete, I'm wondering if others have
> encountered client concerns about tricksters or have their own concerns. Any
> stats out there on the likelihood of a site being abused? I know blogging
> sites are vulnerable to spam, for instance, so many have those warped letter
> entry fields. But our site involved a 2-page, rather lengthy signup
> (including supplying a phone number and creating a password). Anyone ever
> seen a signup form like that misused?
>
> Emily
>

Syndicate content Get the feed