when using automatic auth scripts you need to build in checks.
I'm on netgamers which uses a uworld service bot called P.
the auth is done by using: /msg
P@cservice.netgamers.org LOGIN <NAME> <PASS>
this makes it impossible for others to fool you into being P, because the reply you send goes to 1 server only.
people have to spoof their hostmask to get around this one ;-]
with nickserv it's always best to use /NICKSERV and not /MSG NICKSERV...