forums.rs

Forums

YouTube Phishing scam

Quick find code: 317-318-478-66190333

of 7
Noromatsuj
Jul Member 2020

Noromatsuj

Posts: 32 Bronze Posts by user Forum Profile RuneMetrics Profile
Eldar Rogon said :
It is foolish to think that these are "nutjobs". Sadly, because of the popularity of Runescape, game assets have a real world value, AND people still want to break the rules. These are professional criminals who are making a good living from this: hijacking accounts, selling the loot - for RS gold, to sell on the illicit web sites - and to use them as further burn accounts in their botting/gambling infrastructure to make more gold - to also sell on the illicit web sites.

*snip*


I stand by what I said. They are nutjobs.

Saying they are professional criminals is frankly a joke. These are likely school children, college kids, or otherwise intermediate or entry level 'criminals' who use readily available scripting and tools others have created to take advantage of gullibility of people who want quick turn around of cash or materials.

They are, frankly, in the same category as phishing email, or simple xml, pdf, or other email attachment viruses. Taking advantage of what other people write, and just piggybacking on the greed of others.

It's like responding to an email from a Nigerian prince that says you are getting 50 million. It's entirely greed-based.

So no, these are not 'professional criminals'. Those who are 'professional' tend to run and/or control huge bot farms and work on remote controlling systems as it allows them a greater return.

These type of people would be easy enough to fight against. They use base proxies or VPN's in marginal attempts to hide where they come from, but use repetitive measures of attack vectors. They're not inventive and just re-use accounts they have previously hacked before.

It'd not be overly difficult to remove these attack vectors, but it will cost revenue to do so, which is why Jagex likely isn't caring much to fight against it. Their loss vs revenue model doesn't make them care.

18-Jan-2021 16:30:33 - Last edited on 18-Jan-2021 16:51:59 by Noromatsuj

Jims Rcing

Jims Rcing

Posts: 76 Iron Posts by user Forum Profile RuneMetrics Profile
I do agree that these look professional, and to a new or unsuspecting player I can see why people fall for it.
Sadly the people who fall for it ends up having their account botted on or sold on the black market furthering the issue. 2k+ maxed 20 defence 87m/200m Runecrafting

18-Jan-2021 16:57:25

Noromatsuj
Jul Member 2020

Noromatsuj

Posts: 32 Bronze Posts by user Forum Profile RuneMetrics Profile
Jims Rcing said :
I do agree that these look professional, and to a new or unsuspecting player I can see why people fall for it.
Sadly the people who fall for it ends up having their account botted on or sold on the black market furthering the issue.

I think you have a good point on a relatively cheap solution Jagex can do.

They should alter the security awareness and invest in showing people how the most common attack vectors (like the youtube ones, the wild/drop party, etc) are done and reward people who go through the classes/training.

Carrot & Stick training classes.

Most businesses do this as well with phish email, cold-call, or other methods people attempt to gain entry into companies. There's no reason Jagex can't do similar.

18-Jan-2021 17:08:17

ByteDancer

ByteDancer

Posts: 1 Bronze Posts by user Forum Profile RuneMetrics Profile
I post this as I was almost a victim of the scam

I have just witnessed spammers on multiple accounts advertising youtube links with external phishing websites as a link in the description of their video. I reported the spammer but this appeared to have done nothing, and every moment that passed without action, malicious sentences were being exposed to flocks of players.

I attempted to seek a mod's attention in the 'Mod Mark' clan chat to get a faster response but was told to "stop making a big deal about it" by ranking members of the chat.

22-Apr-2021 17:28:28

Sihba-W

Sihba-W

Posts: 1 Bronze Posts by user Forum Profile RuneMetrics Profile
Sadly, I fell a victim to the Youtube hack. They logged into my account sold all my valuable stuff on the GE and took off with the money. They also emptied my EOC and action bar and messed up my interface. I've only played for 1 month but they were able to run away with 50M (80% of my net worth). It sucks cause I can't even report hacks on Runescape, I was able to get in contact with Mod Bones who offered his deepest sympathies.. but really no follow-up or understanding of what now. I wish I came across this forum earlier, but I was too excited about this game.

Will my account keep getting hacked? Was I used as a bot and am I at a risk of getting banned? I wish RS did a little more to help with this and gave info about what the hacker did, when did they log in, did they say stuff using my acc. I installed a pin and 2-step login now, but I still feel so disoriented every time I log in.

31-May-2021 06:45:48

Malua
May Member 2006

Malua

Posts: 43,049 Sapphire Posts by user Forum Profile RuneMetrics Profile
Sihba-W said :
Will my account keep getting hacked? Was I used as a bot and am I at a risk of getting banned? I wish RS did a little more to help with this and gave info about what the hacker did, when did they log in, did they say stuff using my acc. I installed a pin and 2-step login now, but I still feel so disoriented every time I log in. The thief did not "hack" your account, they "hijacked" it.
These two terms really do mean different methods of getting your login information.

Just because it happened once does not mean it will happen again.

You need to NEVER LET YOURSELF BE SUCKED IN BY PROMISES THAT ARE TOO GOOD TO BE TRUE and never believe anything you get shown on another website about Runescape.
If you stop yourself from being a victim to this type of deceit you will keep your account safe.

Change the password to your email.
Change the password to your Runescape account.
Make sure the new passwords are brand new, never used before and different to each other.

You said you have set up Authenticator and a Bank PIN - excellent! :)
Just make sure you do the password changes as well.
Good luck. :)
Information article on Fake websites
Forum Community Helper -
Information about Moderators and Community Helpers

31-May-2021 07:33:42 - Last edited on 31-May-2021 07:46:06 by Malua

ShroudChode

ShroudChode

Posts: 1 Bronze Posts by user Forum Profile RuneMetrics Profile
I unfortunately think I might be someone that feel for this, a similar thing happened to me and I lost all my bank today, being about a month later. I don't care too much about losing my bank but am more worried that clicking on the website they may have accessed my computer, I don't see anything weird going on with my computer but is this something that is possible/likely?

30-Jun-2021 09:26:02

Corder
Oct Member 2017

Corder

Posts: 27,892 Sapphire Posts by user Forum Profile RuneMetrics Profile
ShroudChode said :
I unfortunately think I might be someone that feel for this, a similar thing happened to me and I lost all my bank today, being about a month later. I don't care too much about losing my bank but am more worried that clicking on the website they may have accessed my computer, I don't see anything weird going on with my computer but is this something that is possible/likely? Hey,

I'm sorry to hear this happened to you, to answer your question it is possible that your device gets infected. That is why it's important to secure your device and browser as soon as it happens. Get started here

See Malua's post above for other steps to follow :) Life is like a camera: Just focus on what's important, capture the good times, develop from the negatives, and if things don't work out, take another shot !

30-Jun-2021 16:40:50

24for7

24for7

Posts: 92 Iron Posts by user Forum Profile RuneMetrics Profile
seems odd that this stuff still happens say iv not played in 6+ months and they were doing then and now im back for a bit there still shouting the same stuff and people fall for it, can you set up a auto mute for people saying it?

07-Sep-2021 22:21:54

The contents of this message have been hidden.

18-Nov-2021 05:36:38

Quick find code: 317-318-478-66190333 Back to Top