Phishing - more information
Phishing is used to acquire personal information such as usernames and passwords by posing as the RuneScape website or an email from Jagex. In almost all cases the source appears to be legitimate and usually looks professional; however, the intent is always malicious.
Phishing is illegal in the UK under the Computer Misuse Act 1990, and in the USA under the Computer Fraud and Abuse Act 1986, as well as equivalent legislation in many other countries around the world.
Phishing attempts can appear to be official and related to RuneScape and Jagex. They range from near-identical websites to emails promising free membership, moderator status and Beta invitations for upcoming Jagex releases. They can also threaten to take action against your account unless login information is provided. Remember that Jagex will NEVER ask for your account information.
How to Spot a Phishing Website
There are a number of people who will create fake websites to try to trick you into giving out your RuneScape username and password. Don't worry: phishing websites are easy to spot if you know what to look for.
1. The main giveaway is the URL, which will NOT be associated with any of our official domains (see below).
You can always bookmark www.runescape.com, this way you will always know you are visiting the official site.
2. The best way to know when it is safe to enter your account details is the SSL Certificate in the URL bar (where you enter the website you want to look at). This is a security protocol which you can use to check the legitimacy of the website. You can also left click on the certificate to find more information about who is running the site.
Our new website does not show this SSL certificate on the homepage so please make sure it is definitely www.runescape.com before you enter any login details.
A large number of phishing sites will use the "login" or "failed login" pages instead of the homepage. These pages will always have the green SSL certificate. Pictures of the way these pages should look can be found on the Identifying Phishing Websites thread in the account security forum.
You can also access the game via the "Play Now" button. This looks slightly different to the login page accessed through the top menu bar of the RuneScape home page and it does NOT include a SSL Certificate. The URL will always be http://www.runescape.com/game.ws?j=1. If the URL looks any different to this, DO NOT enter your details as it will be a phishing site.
3. Jagex will never offer free membership, beta access or P-Mod status through a website.
Forum Phishing Sites
Some phishing sites can appear to be the RuneScape forum as our security measures are based on the login pages.
These forums commonly ask you to post a message to join a clan or offer free items if you post. For you to be able to do this you must first login using your RuneScape details. It’s at this login page where your account information can be phished. The hijacker is hoping that you have been drawn into the scam with the forum so you won't be vigilant with your security checks on the login page.
This information is all you'll need to identify a phishing site and keep your account safe. If you don't see a SSL Certificate then please don't use the site.
How to Spot a Phishing E-Mail
Phishing emails are very easy to spot if you know what you are looking for. Jagex rarely contact players through their personal emails; the exceptions are newsletters, billing support, and password requests. Otherwise we use the in-game mail box. If you do happen to receive an email from Jagex, you will be able to tell it's genuine by looking for the following points:
1. E-mails sent by Jagex will always originate from either: firstname.lastname@example.org, email@example.com, @email.Jagex.com or @email.runescape.com addresses.
2. Any emails sent by a Jagex representative will have the correct spelling and use of grammar. If the email you're reading has any spelling mistakes or strange sentence structures, be cautious.
3. Jagex employees will NEVER ask a player for your password. We have no need for it.
4. Phishing emails may offer free membership, Player Moderator status, free in-game items and beta access. If it sounds too good to be true, it usually is. Check the validity of these offers on the official RuneScape website, and also confirm the sender's e-mail has not been "spoofed" (more information on this below).
5. In most cases phishing e-mails will contain links to malicious websites. Do not follow these links without double checking the hyperlink before you click it (more information below). The official link that takes you to the game page is http://www.runescape.com/game.ws?j=1, so if it does not look like this be wary.
Phishing E-Mail examples
1. Subject - Your account is under our suspicion participating in Unusual Account Activity!
The subject of this email is very badly written and doesn’t really make a great deal of sense.
Be extra careful with emails like this which contain buttons though. The malicious link is concealed behind the button and is much harder to spot than a simple ‘masked’ link. Hovering your mouse cursor over the button should still pop-up the actual destination of the link in most mail clients.
The highlighted sections of the image show the most obvious clues that this is phishing:
1. The email contains the wrong RuneScape Logo
2. It is addressed to “Player”. If we were to send an email about a specific account, we would address the email to that account name.
3. The email includes detailed IP and host information – We are not legally allowed to supply this information.
2. Subject - RuneScape Account – Notice
Both the “Play Now” button and the link below the text lead to a fake, malicious website.
1. The email contains the wrong RuneScape Logo
2. As with example 1 this email is not addressed to your account name
3. We will never email you about “conflicts with the EULA” or any other rulebreaking, we will contact you via your in-game message centre. We do not even have a EULA other than the Terms & Conditions you agree to when creating and playing on an account.
4. We will never ask you to validate ownership of your account in an email
5. The text contains a large number of grammar errors (The last sentence doesn’t really make sense)
3. Subject - Your account received a infraction
This is one of the simpler forms of Phishing email. It is entirely text based and relies on your fear of being banned to catch you.
1. The email is addressed to “Player” again
2. There is no “Danger Zone” that we would place your account in. Every offence added to an account will have an accompanying entry in the account management section of our website
3. If we were to take any action against your account, we wouldn’t email you about it.
4. There are no “Rules and Conditions”; there are “Rules” and there are “Terms & Conditions”.
5. The grammar of the subject is incorrect (It should say Your Account has received an infraction) and we don’t give “Infractions”
6. The grammar of the first paragraph of the email is also incorrect. Any email sent by Jagex will contain correct spelling and grammar.
How to Identify "Spoofed" E-Mail Addresses
If you do receive an official-looking e-mail from Jagex, still be cautious: there are ways to change the appearance of a sending address in the "From" field of an e-mail. This process is called "spoofing" and may make an email look official. You can check the actual sending address of an email by looking within the email's header information.
The header information contains a report about who sent the message, and how it got to your inbox. It's a great way to help determine malicious and safe e-mails.
Most e-mail providers will have the ability to view an e-mail's header information. We have included instructions about how to do this for the more popular providers below. If your provider is not mentioned here, please review the help documentation that is available within the application for more information.

| Provider | How to view the header |
|---|---|
| AOL | Open the email message. Click "details" under the "To" field. |
| Gmail | Open the email message. Click the down arrow next to the "Reply" button. Select "Show Original". |
| Hotmail, MSN and Windows Live | Right click the email message. Select "View Message Source". |
| Yahoo | Open the email message. Click on the "Full Headers" option (lower right hand corner). |

What the Jagex Header Looks Like
If you receive an e-mail from us, the header information should look like this:
Received: from mta.cheetahmail.com
From: "RuneScape" @email.runescape.com
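
The header check described in this section, written as a short script. This is an added example, not Jagex code: it compares the From domain with the sender domains listed above and looks for the relay from the sample header in the Received lines. The sample messages, the mailbox names and the `.example` hosts are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

SENDER_DOMAINS = ("email.jagex.com", "email.runescape.com")  # listed on this page
EXPECTED_RELAY = "mta.cheetahmail.com"  # relay shown in the page's sample header
BRANDS = ("jagex", "runescape")

def relay_hosts(msg):
    """Host named after 'from' in each Received header, newest hop first."""
    hosts = []
    for value in msg.get_all("Received") or []:
        m = re.match(r"\s*from\s+(\S+)", value, re.I)
        if m:
            hosts.append(m.group(1).lower())
    return hosts

def check_headers(raw):
    """Return a list of findings; an empty list means the headers match the page."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    if domain not in SENDER_DOMAINS:
        findings.append("from-domain-not-listed")
        if any(b in name.lower() for b in BRANDS):
            findings.append("display-name-impersonation")
    elif EXPECTED_RELAY not in relay_hosts(msg):
        # From is trivially forged; a listed domain without the relay is suspect.
        findings.append("relay-not-expected")
    return findings

# Constructed sample headers (addresses and hosts are placeholders).
GENUINE = (
    "Received: from mta.cheetahmail.com by mx.mailbox.example; Mon, 1 Jan 2024 10:00:00 +0000\n"
    'From: "RuneScape" <news@email.runescape.com>\n'
    "Subject: Newsletter\n\nbody\n"
)
SPOOFED = GENUINE.replace("mta.cheetahmail.com", "mail.bulk-sender.example")
LOOKALIKE = (
    "Received: from mail.bulk-sender.example by mx.mailbox.example; Mon, 1 Jan 2024 10:00:00 +0000\n"
    'From: "Jagex Support" <support@account-review.example>\n'
    "Subject: Your account received a infraction\n\nbody\n"
)

if __name__ == "__main__":
    for label, raw in (("genuine", GENUINE), ("spoofed", SPOOFED), ("lookalike", LOOKALIKE)):
        print(label, check_headers(raw))
```

Only the Received lines added by your own mail provider can be trusted; the lines beneath them are supplied by the sender, so a matching relay is a necessary check rather than proof.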
How to Spot Hidden Links
Hijackers often try and hide links to their phishing sites behind legitimate looking links in their e-mails. You can add a link to any site on any text like this. But this means you can also pretend it's going to the RuneScape site like this http://runescape.com/. As you can see it looks like it's going to RuneScape.com, but it actually goes to Jagex.com (don't worry, it's not dodgy :))
To stop this happening, hover over any link with your mouse before clicking it. Your browser will show you the link in the bottom left. If the site looks dodgy then don't go there.
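
The hover check above and the URL check from "How to Spot a Phishing Website", automated for an HTML email. This is an added example, not Jagex code: it lists every link, flags targets outside an allow-list, and flags link text that shows one host while pointing at another. The allow-list is an assumption built from the two domains named on this page, and the sample HTML is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: allow-list built from the two domains named on this page.
OFFICIAL_DOMAINS = ("runescape.com", "jagex.com")

def host_of(url):  # lower-cased hostname of a URL, or "" if it has none
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()

def is_official(host):  # official domain or a subdomain of one (dot boundary)
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

class LinkAudit(HTMLParser):  # collects (visible text, href) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit_links(html):
    """Return (text, href, findings) for each link in the message body."""
    parser = LinkAudit()
    parser.feed(html)
    report = []
    for text, href in parser.links:
        target, findings = host_of(href), []
        if not is_official(target):
            findings.append("off-domain")
        # Text that itself looks like a URL must name the same host as the href.
        if "." in text and " " not in text and host_of(text) != target:
            findings.append("text-mismatch")
        report.append((text, href, findings))
    return report

# Constructed sample: the page's own masked link, a lookalike host, a clean link.
SAMPLE = (
    '<a href="http://www.jagex.com/">http://runescape.com/</a>'
    '<a href="http://www.runescape.com.login-check.example/game.ws?j=1">Play Now</a>'
    '<a href="http://www.runescape.com/game.ws?j=1">Play Now</a>'
)
print(audit_links(SAMPLE))
```

The dot-boundary match in `is_official` is what rejects hosts that merely begin or end with an official name, which is the usual shape of a lookalike URL.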
How to Report Phishing
The best way you can help us and your fellow players is to report any malicious-looking websites and emails directly to us. There are several ways you can report phishing, depending on how you come across it:
- If you see a phishing website being advertised in game, you can report that to us by using the report abuse button. Please classify this under the advertising website offence.
- If you should happen to come across a site out of game, then please report the link via email to firstname.lastname@example.org.
It is advised that you run a virus and malware scan on your computer before logging into the forum.
- If you have received a phishing email, you can report it to us via email. To do so, follow these simple steps:
- Make sure you include the email header in your report, as it contains information about who sent the message and how it got to your inbox. For more information on this, please see the "How to Spot a Phishing E-Mail" section at the top of this page.
- Forward the phishing email, along with the email header information to email@example.com.
- Remember not to copy and paste the email as this will mean vital information is lost.
Once we have received your report we can then work to remove the phishing sites as quickly as possible.
More information about ways you can help us in our fight against phishing can be found on the main Phishing page.