Forums

Account has been cleared

Quick find code: 408-409-172-66288585

meeeesh

meeeesh

Posts: 1 Bronze Posts by user Forum Profile RuneMetrics Profile
I've recently started playing OSRS again and thought I'd login back to my OG RS account to my disbelief as all my valuables including my SANTA was gone. Checked my bank for all my items and GP to find it all gone. I looked at previous GE sales and it had been sold. My email and mobile had not been compromised so nothing would suggest why I had been phished. No one even knew I owned a santa. I can only assume a Mod has done this as my account was inactive for a very long time (last log in was 1277 days ago from the time this is posted). This is the only time the account has been compromised in over 13 years of existence!

I'm getting back into the game so could a Mod please confirm the following:
- when were the GE sales made?
- the last several accounts it had traded with?
- is it possible to get all my lost items and GP back?
- IP address of where my account was logged in (the last 5 times)?

I assume what's happened is everything of value has been sold and the GP has been traded over to another account. I'm hoping Jagex's security will improve.


side note: how do I attach screenshots to prove what was sold on GE?

11-Oct-2023 14:48:32 - Last edited on 11-Oct-2023 14:49:56 by meeeesh

Mrs Ana

Mrs Ana

Posts: 9,010 Rune Posts by user Forum Profile RuneMetrics Profile
Hey, meeeesh.

Unfortunately, according to the Lost items Support article, items that are lost due to a hijacking or scamming event may not be returned. Furthermore, the information that you are requesting cannot be obtained from Jagex, only with a court order, if applicable.

My suggestions to you are to review the overall security of your account ( Security tips ) and to upgrade your account to a Jagex Account if you haven't already done so: Upgrade your RuneScape character to Jagex account . You will be provided with the best security settings.

11-Oct-2023 19:19:29

Gil Webber

Gil Webber

Posts: 26 Bronze Posts by user Forum Profile RuneMetrics Profile
can't remember how many years ago it was, but Jagex had a security breach and as a result p-words and account names were compromised (I don't think any payment info was affected). They sent out numerous emails to ALL accounts giving all the details of what happened and made the suggestion of updating your p-word and changing your e-mail

long story short ... I ignored those warnings and continued playing, a number of months passed (maybe a year or more) and I forgot all about the breach ... UNTIL !!!!!!

until I logged in one day and found myself at the Shanty Pass in Al Kharid ... that was odd because I had just logged out at Catherby the night before (I was chopping yews) ... it was then that I noticed my pocket change of a few million dollars was missing. I quickly hit the bank chest I was standing next to and guess what ... everything was gone .... all my money, all my weapons, all my armour, a hundred thousand logs, tens of thousands of runes ... everything was gone .... then it dawned on me

the security breach ...

I shot off a message to Jagex explaining what had happened. I told them that i KNEW I could not get my stuff back (didn't care, after all - I was warned to change my p-word) ...

I ALSO asked them to track down the last IP address that used my account and go after them

that was about 18 months (or so) ago ... never heard back from Jagex

I can only guess that it has taken someone this long to finally gotten around to your account (or some time within the last 1200+ days ... 4 years) ...

change your email, change your p-word, update to a Jagex account, use the Authenticator code ... it may seem like a waste of time to do all that now, but if someone has access to your account, then the above tips will help to secure the future of your account

BTW ... it took me more than 15 years to get where I was before my mishap ... but only 18 months to RE-GAIN nearly everything that was stolen from me ... so hang in there, all is not lost
It's not who I am under the mask ... but what I do that defines me

13-Oct-2023 09:41:08

Malua
May Member 2006

Malua

Posts: 43,113 Sapphire Posts by user Forum Profile RuneMetrics Profile
Grim al Kin,
when I read your post I thought, this did not happen. There has been no breach of Runescape passwords and account names.

You need to check that email you received about changing your password and email again.
Did it come from Jagex?
Maybe the email itself was a phish.
I recommend you read the Is this a Jagex email? [Info] thread.

I feel you did not dig deep enough when the hijack happened and never found the source of the hijack. But I assume you did a security review and made your account stronger and the hijacker has not returned.

Re: the email you sent to Jagex:
If you reported the hijack, Jagex typically does not reply however they WILL have tracked the source of the activity on your account.
Why don't they reply?
They legally cannot inform you about the details of the investigation they did.
Forum Community Helper -
Information about Moderators and Community Helpers

13-Oct-2023 13:22:11

Gil Webber

Gil Webber

Posts: 26 Bronze Posts by user Forum Profile RuneMetrics Profile
we're getting off the subject here ... BUT !!!

Since you can't recall Jagex ever having a security breach, I went hunting on the old inter-web for info (I'll show her that I THINK I know what I'm talking about - LOL) .... anyways, I did not find any info that a breach had ever taken place

instead, I did find several mentions of a certain Mod getting fired for messing with accounts (I'm not mentioning any names for my own reasons ... let's just say it involved RWT, the police and a whole lot of speculation)

I also ran across an old Reddit post (on r/runescape ... about 3 years ago) about a massive amount of OLD accounts that suddenly started receiving p-word recovery e-mails from "no-reply@jagex dot com" (it seems that the majority of these accounts did not use an e-mail to log-in, but instead used their "original" screen name to log-in) ... several Mods did post on this thread, stating "that Jagex was aware of the situation and were actively investigating the problem" ... they also asked for anyone to "screenshot the email (subject line and all), and send it to [email protected], so it could be used to help in the investigation"

don't get me wrong here .... I don't recall any of those things happening (BUT THEY DID)

AS FOR THE E-MAIL I RECEIVED (I'm thinking around 2015-2016 ish) ... I no longer have access to THAT PARTICULAR single piece of e-mail, as when I read it, it talked about a possible security breach and suggested that I change my p-word and e-mail ... I tossed it into the trash and never thought about it again, until a few years later

as to where it came from ... I'm pretty certain it came from Jagex dot com, I never replied to it, I never clicked on any links, I just simply opened it, read it and moved it into the trash bin

how could I "dig deeper" into the hijacking ??? I had no access to what IP address had accessed my account, only Jagex has that information, and they would not and WILL NOT share that info ... so how could I "dig deeper" ???
It's not who I am under the mask ... but what I do that defines me

13-Oct-2023 21:03:14

Asahel Frost
Dec Member 2007

Asahel Frost

Posts: 16,541 Opal Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
I also ran across an old Reddit post (on r/runescape ... about 3 years ago) about a massive amount of OLD accounts that suddenly started receiving p-word recovery e-mails from "no-reply@jagex dot com" (it seems that the majority of these accounts did not use an e-mail to log-in, but instead used their "original" screen name to log-in) ... several Mods did post on this thread, stating "that Jagex was aware of the situation and were actively investigating the problem" ... they also asked for anyone to "screenshot the email (subject line and all), and send it to [email protected], so it could be used to help in the investigation"

don't get me wrong here .... I don't recall any of those things happening (BUT THEY DID)

AS FOR THE E-MAIL I RECEIVED (I'm thinking around 2015-2016 ish) ... I no longer have access to THAT PARTICULAR single piece of e-mail, as when I read it, it talked about a possible security breach and suggested that I change my p-word and e-mail ... I tossed it into the trash and never thought about it again, until a few years later

as to where it came from ... I'm pretty certain it came from Jagex dot com,

The 'from' address on an email is easy to fake, so never rely on that to judge the authenticity of an email. All the emails you mention above are most likely phishing emails.
Glad to be of service :) (Powered by GPP™ - Share and Enjoy!)
Official Community Helper
( Info )
Discord: Asahel Frost
FC: SilverScaper

13-Oct-2023 21:38:19

Quick find code: 408-409-172-66288585 Back to Top