Forums

Random Hacking

Quick find code: 408-409-868-66090496

of 3
Malua
May Member 2006

Malua

Posts: 30,447Sapphire Posts by user Forum Profile RuneMetrics Profile
With respect, if Jagex files were insecure and "hacked" the hijacker would start with the wealthy, higher stat accounts first.
It would be some time before they worked their way down to a mid range account like yours.
And, long before they got to your account there would be a significant amount of online outrage about what was happening and the files would be secured.

Have you checked the logins to your email?
Have you changed your email password?
I believe your email is secure and that instead you have been deceived into allowing access to your device.
The fact that your Bank PIN has been bypassed is significant - this alone indicates a particular type of intrusion.
Do you use third party programmes? e.g. Runelite, OSBuddy
Forum Community Helper -
Information about the Community Helper Team

19-Mar-2019 08:26:23

Skod†River
Nov Member 2009

Skod†River

Posts: 6,010Rune Posts by user Forum Profile RuneMetrics Profile
@Sirnorfolk94.

I asked you if you used OSBuddy / Runelite client , and you have not answer this question yet , beside this :

Without saying if I have or havenít used a client, itís clear to me that itís easy to use an open source client as a scape goat.

With this answer do it really sound like you did use one of them , and now are you just trying to find excuses for your own mistake , and it is so easy to blame Jagex and saying their platform are insecure.

We know so many players are using those clients , even to Jagex have always said they are used in our own risk.

@Malua

So i believe he did, with that answer he came with.
Clan : Order Of Adventurers

FriendsChat : Ooa team

19-Mar-2019 10:35:23

Ladyolake
Jan Gold Premier Club Member 2008

Ladyolake

Posts: 3,373Adamant Posts by user Forum Profile RuneMetrics Profile
If it were something to do with Jagex not being safe, there would be thousands
of people posting right now about getting hijacked.

And it is your responsibility to keep your account secure, starting with using
the security features suggested by Jagex.

And I find on the forums that alot of people hijacked are using OSbuddy and/or
Runelite. You do know you are giving away your info each time you log in, dont
you? Do you really want to trust people you dont know by giving away your
info like that?

Good luck in your endeavors.
The richest person is not who has the most. It is who Needs the least.

19-Mar-2019 10:41:51

SirNorfolk94
Nov Member 2018

SirNorfolk94

Posts: 12Bronze Posts by user Forum Profile RuneMetrics Profile
I havenít entered my details into a phishing site, my email does appear to be secure however. Using your own logic, there are thousands of players with higher stats that are using Runelite for example.

I say itís Jagexís job to keep the accounts secure, as it is in a real life bank scenario, the 84 million pound turnover company seems to have done little to improve their own internal systems since I played in 2008.

Indeed I thought Iíd just been cleaned from my inventory and was most surprised to see my entire bank wiped. The fact they left me in edgeville shows they must have accessed my account for some time to kill me each time and take my stuff. Realistically you couldnít deny I could have been individually targeted through Jagexís system if someone was upset with me in game. Itís up to Jagex to prove that itís system wasnít compromised even by an lone attack, for example.

19-Mar-2019 13:05:52

SirNorfolk94
Nov Member 2018

SirNorfolk94

Posts: 12Bronze Posts by user Forum Profile RuneMetrics Profile
Is there anyway to change the email my account is associated with? Also, how come I donít need auth every time I log on, even from the same PC? I will continue playing, without a doubt, but I want it all water tight.

19-Mar-2019 13:07:19

Skod†River
Nov Member 2009

Skod†River

Posts: 6,010Rune Posts by user Forum Profile RuneMetrics Profile
Your question about Auth of why it do not ask for code each time you log in , that is pretty simple to answer.

When you have open the client and used your login details and Auth code to log in , then will it not ask about that code again , before you close the client and open it again or if you ticked that remember this device for 30 days (which never hold 30 days).

Again if you used those clients , did you use something that Jagex do not have any control of , so each time you log in , do you give your details and such away to other parties there has nothing to do with Jagex , and that statement about it is a Open source , do that not mean it is safe to use.

If you want to be safe in the future , can i only advise you to use those clients that Jagex do provide for us to play on.

If you look into their T&C # 17 , then will you see that they do not endorse using those clients , so just because so many are using them , do it not mean the are allowed or approved by Jagex and also here where they always have said they are used in your own Risk.

It was your choice to Use it , not Jagex ;)

Look into this support page : Changing your registered email . that will not change your login email , since that is settle in stone.
Clan : Order Of Adventurers

FriendsChat : Ooa team

19-Mar-2019 13:36:05 - Last edited on 19-Mar-2019 13:40:26 by Skod†River

SirNorfolk94
Nov Member 2018

SirNorfolk94

Posts: 12Bronze Posts by user Forum Profile RuneMetrics Profile
Okay, so if I ticked authorise for 30 days. How do I undo this, or to I have to disable and redo my auth.

Changing the registered email will prevent anyone from changing something, that requires email login.

Is it considered safer to have a different registered email than the one you use to log into OSRS

Realistically if you need auth to get in via my mobile phone, there is no way they can get in??

I am still very concerned how my bank pin was obtained, and why me?

I will pursue my other concerns elsewhere as itís become clear that doing so here probably isnít the place I need to do it.

19-Mar-2019 14:05:26

Skod†River
Nov Member 2009

Skod†River

Posts: 6,010Rune Posts by user Forum Profile RuneMetrics Profile
Well if you ticked that remember this device for 30 day's , then do you need to wait until it ask for your Auth code again or disabled it and set it up again.

Well you can set Auth up on your Mobile Phone , USB stick or even a file on your computer.

Auth are so secure as your email are , if your email are insecure then are Auth insecure as well , since our registered email for our account(s) are the front door key to our account(s) can you protect it with 2fa on your email.

Auth can be bypassed in the same way as the Bank pin for our in game wealth , so if it is still active can it only be bypassed in this way's :

1. You got Phished (where you gave them all the information) , or some one close to you know your login details and can access your phone for the code.
(know that most of the phishing scams there are , do many of them ask for your Auth code and Bank pin) keep in mind Jagex will never ask about those 2 things.

2. With a Rat in your system

Well we can't tell why it happen to you , but i have seen a lot of cases like yours , when players has used it for a very long time , with out anything has happen , until they where so lucky to get one of the TOP drops or when they have made a lot of GP.
Clan : Order Of Adventurers

FriendsChat : Ooa team

19-Mar-2019 14:23:38

Quick find code: 408-409-868-66090496Back to Top