How to avoid being hacked in Runescape

There are so many people out there getting their accounts wiped / hacked per day due to many of these methods and I hope that making this thread will help at least a few of those people. This is a very vague explanation of what these are and I may not have got it all 100% correct so please don't have a rage at me =/.

The Team Viewer scam
Team Viewer is one of the most insecure types of software I've ever come across. It's only good in case you want to help a friend fix their computer or something similar to this. If you really want to view their screen ask for a screenshot or use the function through MSN. 

Team Viewer allows the other party to have almost full control over what is sent to and sent out by your computer. Most people will infect you with a keylogger or a RAT using this method and you won't even realise you have the keylogger unless you scan your computer.

The email phishing scam
There has been plenty of threads like this of people going around asking if these emails are legit and from Jagex, they are not. These emails are from people that go through runescape member list forums and send mass emails out with links to phishing sites. To get a better explanation on this CLICK HERE. Jagex will almost never send you emails and if they did there would also be a message in your inbox on runescape.com.

Host File Editing
This happens very rarely and you would have to be infected by a program such as a RAT before this happens. Editing runescape.com to a phishing site makes it so you will not even notice that you are on another website other than runescape until your password has been changed. Check the page source if you suspect that it isn't the real runescape site for anything related to hosting or a free host such as ***.

Most phishing is done by posting threads to something that people would generally like to see on forums like these. It's pretty easy to know what is real or fake because all you have to do it scroll over it or copy the link into notepad and make sure it's runescape.com. If you spot a phisher, it's good to report it to it's host so it is taken down. 

Java driveby
Java Driveby's are one of the hardest to detect. You won't actually know that it's infecting you and you won't be able to tell if it is a clean applet or not. Generally you shouldn't go on any website that you do not trust or any runescape IRC channel. If you want to use a IRC channel then download mirc which is a piece of free IRC software. Generally Java driveby's place a Keylogger/Rat onto your computer. I've even seen some RSPS's (Runescape Private Servers) that inject your computer with Rats/ Keyloggers so be careful with what you join.

Keyloggers / Rats
Keyloggers / Rats are the worst of all. Thousands of people get them and most virus scanners will not detect them. Most people get them from downloading off non-trusted sites or off a YouTube video. The file could be of any format because I have even seen someone bind a Keylogger to a text document. Most keyloggers market their video's on Youtube as the following things:

  • Free runescape Hacks
  • Runescape Money hacks
  • Runescape member pin generators
  • iDungeon bots

And many more. I highly recommend if you think you are infected to read the section below on how you can get rid of it if you are infected.

Recovering accounts
This isn't a issue for many new accounts but it is for old accounts. Even if you had a bad password years ago it could still be used against your account now or in the future. Make sure that you use a different email for runescape as you do for things like Facebook / personal things because information from their can be used for answering recovery questions or extra information on recovering your account. This happens to only a few people but when the person manages to get the information, it's really hard to get your account back. Also take in mind that some keyloggers / rats keylog recovery information so if your password is changed please read the section on how to remove the keylogger before submitting the appeal.

Email hacking
This isn't really a issue unless you use one email for everything. If you are on a runescape forum and your email there is connected to you runescape account, it could potentially be hacked. Email addresses are now becoming the main target due to people having more knowledge about Phishers, Keyloggers and more. People are generally only targeting wealthy accounts but you still could have your email compromised. Due to the new system, people are able to recover your account just using your email set on your account. This means that you can get the person's runescape account without even knowing the password. For more information on email hacking, read my other guide located HERE.

What should I do if I fall for one of these hacks?

The Team Viewer scam / Keylogging / Rats / Java driveby's: Keyloggers / Rats are very hard to detect and I've even had one before. Virus scanners like AVG, Norton and Adaware will not detect keyloggers. There is only one program that I found successful which is MalwareBytes. To prevent getting Keyloggers / Rats in the future, I would recommend Comodo Firewall. Even if you don't think you have one and you have not re-installed windows recently, I would recommend doing a quick scan with Malwarebytes anyway. If you have entered your recovery information for your account at any time before you removed the keylogger / rat then read the recovery section below.

Phishers / Email Phishing Scam: Falling for phishers isn't such of a big deal unless you enter your recovery information as well (Read the recovery paragraph below). All you need to do is change your password on the http://runescape.com website.

Host File Editing: Firstly read the method on how to get rid of a Keylogger / Rat and make sure that it is gone. Read This webpage for the location of your host file and open it in notepad. Search for runescape.com or something similar and delete that line.

Recovery: If you suspect that your account has been recovered because you have changed the password after you have scanned your computer then do a second computer scan just to be sure and make sure it is with Malwarebytes. If this fails visit the runescape forums and go to the topic with the quick code 250,251,395,61725846 or CLICK HERE. The account clean trial will only work if you are the original owner of the account. If you are not there isn't much you can do.

Email hacking
If you suspect that someone has access to your email and it is connected to your runescape account, I'd recommend to changing it at least temporarily to a email provider like hushmail straight away. Generally, people will go straight for your account but if they are able to hack it once and obtain your information, they are able to get it back again. Remember that it's probably better not having a email connected to your runescape account. It's easier for you to recover but it's also easier for others to recover. If you have a email on your account already, it's not such a big deal but keep the email secure.