Reminder to keep your account secure.

[Spedaval]

Tonight Killajokas account was compromised and he lost around 65m, this is a good time to remind everyone to make sure your runescape accounts, and other accounts for that matter, security is up to date. 

 

Remember to change your password every few weeks, using a password management program like LastPass can help you with keeping track of changes to your passwords and can even generate random passwords for you. 

 

Make sure you have an authenticator on your runescape account, as well as 2-step verification on your email account (don't use SMS 2-step, make sure its an actual authenticator, its very easy to spoof phone numbers or to get a phone company to swap over your number to a new sim card) 

 

Using an email that isn't connected to any other accounts other than your runescape account can increase your overall security, as you won't risk a database leaks from other websites. 

 

If you use social media (Twitter, Facebook, Grinder, so on) be careful about giving out "useless" pieces of information like a street address growing up, internet service provider, cell service provider, so on. This type of information can be used to attempt you recover your runescape account through Jagex's terrible recovery system. 

 

Be wary when downloading certain content from the internet, even if it seems useful. Just a couple years back many people ended up downloading a RAT from a jad simulator and lost their accounts due to this. 

 

Make sure you know who you're talking to on discord, in the past in WG we've had issues where people were trying to impersonate higher ranking members in the clan like Mojo on discord and asking people to go to suspicious links and enter their info on a "runescape website" Remember, no matter who it is, tell em to get stuffed if they ask for your information. 

 

Be careful when joining unknown Teamspeak or Ventrillo (Ancient tech, I know!) servers as there are a few malicious practices like having a message pop up asking you to upgrade your teamspeak, and linking you to a shady website where you can download said "update". 

 

As a reminder old school runescape DOES NOT a double exp weekend, you may see multiple twitch streams advertising things like double exp weekends for osrs, or that a large streamer like woox or B0aty are quitting, these are also scams. 

 

There are also many facebook posts about double exp and osrs mobile being released, these are also phishing links and should be reported/blocked/avoided at any cost.

 

No matter how close you are with someone don't give out your information, if you end up have a falling out the information you may have shared with them (passwords, bank pins, so on) could be used to later recover your account. 

 

Don't buy accounts or use accounts that your friends give you, if the original owner of these accounts wants to start playing again they can just recover their account and you've basically just played the game for them and there isn't a thing you can do, and no... Jagex doesn't care. 

 

Many players have dabbled with private servers in the past, make sure that you don't accidentally use any information that you used on these servers for obvious reasons. 

 

Make sure your passwords are hard to guess but easy to remember, also try to make sure your passwords are unique to eachother, and again... make sure to change these passwords every few weeks to every few months. 

 

Here is a link on how to set up a non-sms authenticator for a gmail account. 

 

 

 

Here is a reddit post that outlines more steps that you can take outside runescape, mainly focused around emails and lastpass, to step up your account security. 

 

 

Edited September 17, 2018 by Spedaval

[AAIGHT]

Most importantly is to use a different email for runescape. this is not your login email but the one jagex would email you too incase of password resets.

Ive been hacked once, but never since I got a different email WITH 2step.

 

Sick guide btw dude

[Wilderness]

Good stuff, everyone should have a read.

[Adult Cat]

I'm playing since late 2004. Never been hacked. Used only rs client (now using runelite, cos don't care bout game).

Don't have bank pin/auth. 

Playing fine. If you visit some phishing links, bots, private servers - you will be hacked 100%

And its ur fucking problem.

Edited September 17, 2018 by Adult Cat

[jared]

id love to know how he got hacked, you almost have to give your info away at this point

[whathefook]

16 years playing never gotten hacked. 

[Mojo]

I've not been hacked since I started playing in 2004.

 

LastPass is a really good tool provided you follow the outlined steps.

 

Thanks for all the info

[Lait Choco]

Just remember kids, Randy trims your armour like no other!

 

Really please me to see such a post dedicated to account security. RS always will have creepers lurking for your bank, better be protected

[AAIGHT]

4 hours ago, Adult Cat said:

I'm playing since late 2004. Never been hacked. Used only rs client (now using runelite, cos don't care bout game).

Don't have bank pin/auth. 

Playing fine. If you visit some phishing links, bots, private servers - you will be hacked 100%

And its ur fucking problem.

what would they even steal from your bank.

a ball of wool?

[Adult Cat]

11 hours ago, AAIGHT said:

what would they even steal from your bank.

a ball of wool?

Well, since I lended you my 3 tbows and billions of gp - yea. 

Time to give em back though

[Lait Choco]

On 9/17/2018 at 10:27 PM, AAIGHT said:

what would they even steal from your bank.

a ball of wool?

Bet you don't got any in your bank yourself