One thing for sure.. a couple people have been dead on the mark and their perspective lets me know that im not going crazy and that i am getting through to not only the mods but everyone reading this thread too!
I was re-reading this thread and it seems $username has been calling it how he sees it the whole time! He has been money and i will use him and another member as an example to show that im not coming out of left field when i say there is a huge flaw in the forum and i have been taken advantage of because of it.
There is no 2factor, no email verification when a users email is changed .. nothing. That in combination with the allowing of accounts to be bought and sold (WITHOUT A SIGNED MSG FROM PREVIOUS OWNER) i believe creates and environment perfect for the manipulation of the flaw.
Just posting here to let you know I'm in a similar boat so this is no means an isolated case. My account got hacked which could have been prevented had email confirmation been enabled on this forum to begin with. The only difference is no one has stepped up to dispute my claim to my account yet. Unfortunately, I haven't received so much as a peep from theymos and I've been sending him weekly PM's since Sept. in the required signed format outlined.
Frankly, I don't understand how a forum so lax in security can be used to conduct any serious business or money related matters -- this is just ludicrous. Your forum password is the only line of defense and should that be compromised -- whether your fault or not -- then it's basically game over. There's no other recourse then to keep PM'ing forum admin until they respond.
If it were up to me, this is clearly an open-and-shut case: you provided a signed message proving ownship of said account -- the current person in control of your account cannot provide a signed message proving he bought the account legitimately. Ergo, account access should be restored back to you.
Sorry to hear about your expierience man, that sucks. Thats the part that pisses me off too. For some reason from our viewpoint its crystal clear a simple email confirmation could have prevented the whole thing. Im a lil tired of spelling it out eli5 style for people like Willisius so i wont even bother.