Forums

Recovering from Hijack [Info]Thread is lockedThread is sticky

Quick find code: 408-409-321-66033695

Iceberg
Sep Member 2008

Iceberg

Posts: 20,620Opal Posts by user Forum Profile RuneMetrics Profile
Recovering from Hijack [Info]


If your account has been hacked - don't panic! You'll be able to secure your account and your device in no time. However it's important that you take the right steps in the right order to keep not just your account as secure as possible, but your devices as well.

Below is a step by step guide on securing your account and device in the best and most secure way possible.

What are the Steps to Recovery?

1. Securing your Device (PC/Mobile)
2. Securing your E-Mail
3. Securing your account

If you do these steps in a different order, you risk your account being hijacked again.

Securing yourself after an account hijack means more than getting your account back into your own hands. It may be that your E-Mail has been hijacked, and your device may have a keylogger installed. If you can't be certain that your E-Mail and device aren't 100% secure, then you can't be sure that your account will be secure even after it is recovered.

… .
_|―――|_

… …
( '
v
' )
.……
I
C
E
B
E
R
G

>--
(
…
:
…
)
--<

07-Aug-2018 16:33:35 - Last edited on 17-Jun-2023 15:27:45 by Iceberg

Iceberg
Sep Member 2008

Iceberg

Posts: 20,620Opal Posts by user Forum Profile RuneMetrics Profile
Security Checklist - Step by Step

Below is a checklist of items that you can refer to on securing your account the best way.

Device Security


1. Run a malware and virus scan.
Sometimes computer viruses are only found through an anti virus or anti malware program conducting a full scan. If you're using mobile, your phone needs protection too!

2. Make sure your device is up-to-date.
An up-to-date device helps to protect you from exploits. Make sure that the time and date on your device is accurate. This will help with adding Authenticator to your account later.

E-Mail Security


3. Make sure that your E-Mail account is secure.
Most E-Mail providers have the option to add further authentication methods to your E-Mail account, such as 2-step verification. You should also change your password for your registered E-Mail address. Advice on keeping your E-Mail account secure can be found here. Make sure that the recovery E-Mail and phone number for your E-Mail address are also yours.

4. Ensure E-Mail forwarding is not switched on.
If your E-Mail account was accessed, they may have set up E-Mail forwarding to forward E-Mail to another address.

5. Ensure that your E-Mail account filters are not set to block incoming Jagex E-Mails.
This will help later on when you get to the RuneScape Account section.

Note:
Make sure you only open E-Mails that you've specifically requested from Jagex. Advice on spotting suspicious E-Mails can be found here.
… .
_|―――|_

… …
( '
v
' )
.……
I
C
E
B
E
R
G

>--
(
…
:
…
)
--<

07-Aug-2018 16:33:45 - Last edited on 17-Jun-2023 15:02:35 by Iceberg

Iceberg
Sep Member 2008

Iceberg

Posts: 20,620Opal Posts by user Forum Profile RuneMetrics Profile
Linked Accounts


6. Review your RuneScape account's linked accounts.
You should unlink any accounts that look unfamiliar, and ensure that your accounts on these platforms are also secure if you have any of your own linked. Advice on linking/unlinking third-party website accounts can be found here.

Steam (applies if you have your Steam account linked to your RuneScape account)


7. Securing your Steam Account.
If your account is linked via Steam, it's important to make sure that is secure as well. It is HIGHLY recommended to enable Steam Guard. You can find out more about Steam account security here: https://support.steampowered.com/kb_article.php?ref=1266-OAFV-8478

RuneScape Account


8. End your Account's active sessions.
You can do this via your Account Settings on the website, and clicking "Active Sessions" on the bottom.

9. Make sure the registered E-Mail for your RuneScape account is still your E-Mail that you secured earlier.
Check this in your Account settings by heading to "E-Mail and Communication Preferences".

10. Change your RuneScape password.
Jagex have provided some excellent password creation advice here.

11. Set up Authenticator for your RuneScape account.
Advice on setting up Authenticator can be found here. This can be done with or without a smartphone!

12. Set up a bank pin if you don't have one already.
Advice on setting a bank pin can be found here. You can talk to a banker in-game to increase your reset period to up to 7 days.
… .
_|―――|_

… …
( '
v
' )
.……
I
C
E
B
E
R
G

>--
(
…
:
…
)
--<

07-Aug-2018 16:33:54 - Last edited on 06-May-2021 14:32:26 by Iceberg

Iceberg
Sep Member 2008

Iceberg

Posts: 20,620Opal Posts by user Forum Profile RuneMetrics Profile
Booting & Locking Your Account


If you need to boot your account out of the game and lock it, there are a few quick steps you can take. If the password to your account has been changed, you will need to proceed with a password recovery, which will lock your account. Resetting your password if you know it will simply kick whoever is playing it offline. The instructions below detail how to do this varying on the circumstances.


Do you have control over your account recovery email?

Click here for instructions on booting your account offline. Note: This won't help if your account is stuck online due to server issues.

Has your account recovery email has been hijacked?

Click here for steps on setting up a new email and securing your account.

Has your account recovery email has been changed by someone else?

Click here for steps on setting up a new registered email and secure your account. You can also click here for advice on how to keep your email account secure.

Does your account recovery email no longer exist?

Click here for steps on setting up a new registered email address for your account if it has been deleted by you or the email provider.

Have you ended active sessions?

If your account is logged in via Social Media, you'll need to end all active sessions. This option is found in your Account Settings.
… .
_|―――|_

… …
( '
v
' )
.……
I
C
E
B
E
R
G

>--
(
…
:
…
)
--<

07-Aug-2018 16:34:03 - Last edited on 06-May-2021 14:37:17 by Iceberg

Iceberg
Sep Member 2008

Iceberg

Posts: 20,620Opal Posts by user Forum Profile RuneMetrics Profile
If you have control of your account recovery email...


Booting your account:

• Click here to access the Hijacked Account page where you can submit a recovery request.
+ Entering your login name and solving the puzzle will send your registered email a link.
+ Simply click the link in the email you receive to set a new password.
= The hijacker will be kicked out of the account, allowing you to log in and continue playing.

This will not work if there are server issues.
You must use the account recovery option. Normal password changes are not the same.


IMPORTANT:
Even if you have access to your E-Mail, you should still scan your device, and then make sure that your E-Mail address is secure. You don't know if someone else has access to it until you check your E-Mail security settings!

Guiding somebody else through:

• Tell them to go to the RuneScape homepage.
+ In the top right hand corner of the page, there is a 'sign in/join' link. Click it.
+ An interface will appear, asking for a username and a pass.word.
+ Underneath the password box, there is some text that says Can't login? - Click it.
+ Select I forgot my password
+ Enter your log-in name and solve the puzzle.
+ An email will then be sent to your registered email address.
+ Click the link in the email to change your password.
= The hijacker will be kicked out of the account, allowing you to log in and continue playing.

Not receiving any emails from Jagex?

Click here for some tips on making sure that emails can come through to you.
… .
_|―――|_

… …
( '
v
' )
.……
I
C
E
B
E
R
G

>--
(
…
:
…
)
--<

06-May-2021 14:32:56 - Last edited on 06-May-2021 14:38:42 by Iceberg

Iceberg
Sep Member 2008

Iceberg

Posts: 20,620Opal Posts by user Forum Profile RuneMetrics Profile
If your account recovery email has been hijacked...


Scan your computer:

If you need some good security programs, take a look at this page. It contains some links to recommended programs (which are free) that will help you along the road to account recovery.

It is important that you let the scans finish before you make a new email. If you still have dangerous software on your computer your account will most likely get stolen again.

Once the scans are finished:

You need to create a new email account. It's recommended to create a 'google mail' account due to their excellent security measures.

Setting up 2-step verification:

Whilst you are here, you should consider setting up 'Gmail two step verification', as it keeps your email account very secure too. When someone tries to log in to your email, it sends your phone a text. They need the text to log in to your email, so hijackers are unable to log in.

After you've scanned your pc and created a new email, click here to submit an account recovery, and enter your new email as contact email.

Setting up Authenticator:

You should enable the RuneScape Authenticator to keep your RuneScape account secure. You do not need a smartphone for this!
… .
_|―――|_

… …
( '
v
' )
.……
I
C
E
B
E
R
G

>--
(
…
:
…
)
--<

06-May-2021 14:33:05

Iceberg
Sep Member 2008

Iceberg

Posts: 20,620Opal Posts by user Forum Profile RuneMetrics Profile


—————————————————————————————————————

Many thanks to Nurses and Samora Kiba for the support in revitalizing this thread. And thanks to Salubrious for creating and maintaining the previous version of the lock/boot your account guide thread, and to many years of service to the RuneScape community. :)
… .
_|―――|_

… …
( '
v
' )
.……
I
C
E
B
E
R
G

>--
(
…
:
…
)
--<

06-May-2021 14:36:19 - Last edited on 17-Jun-2023 15:28:04 by Iceberg

Quick find code: 408-409-321-66033695Back to Top