forums.rs

Forums

Jmod help plz and ty

Quick find code: 86-87-854-65804599

of 2
Ignore List
Sep Member 2011

Ignore List

Posts: 4,879 Adamant Posts by user Forum Profile RuneMetrics Profile
Dave Mercer said :
Mod Matthe said :
I have locked the account - it was clearly a hijacked PMod account.

This is why people need to use everything to protect their account. If even a pmod can get hijacked. Authenticator is best way.

Don't forget 2 step verification on your email - otherwise having Authenticator is pointless as they can disable it if they have access to your email!

Also Mod Matthe to the rescue :D
Ray
|
Need Help?
Try the Support Centre |
Owner
of Bass and Drums

21-Jun-2016 22:23:45

Lisaa
Jun Member 2014

Lisaa

Posts: 7,018 Rune Posts by user Forum Profile RuneMetrics Profile
Ignore List said :
Don't forget 2 step verification on your email - otherwise having Authenticator is pointless as they can disable it if they have access to your email!

Also Mod Matthe to the rescue :D Also don't forget that it's pointless with 2 step verification on the email because they can submit an account recovery and claim to not have access to the email address. That's how most people who have Auth are getting hacked nowadays. @Lisaa_RS - Followed by @Runescape
FashionScapers - a 9000+ Member Discord Community | https://discord.gg/fashionscape

21-Jun-2016 22:40:28

Messiah ofRS

Messiah ofRS

Posts: 1,407 Mithril Posts by user Forum Profile RuneMetrics Profile
Lisaa said :
Ignore List said :
Don't forget 2 step verification on your email - otherwise having Authenticator is pointless as they can disable it if they have access to your email!

Also Mod Matthe to the rescue :D Also don't forget that it's pointless with 2 step verification on the email because they can submit an account recovery and claim to not have access to the email address. That's how most people who have Auth are getting hacked nowadays.

That sucks had no idea... Jagex should bring back the jag guardian too that way they still need to answer the questions if they have access to your email (still need to answer question to disable it)


Edit: sorry misread if it's easy for them to submit a account recovery stating they can't access email, wouldn't that mean anyone can get hacked provided they know your password?

21-Jun-2016 23:18:59 - Last edited on 21-Jun-2016 23:22:17 by Messiah ofRS

Lisaa
Jun Member 2014

Lisaa

Posts: 7,018 Rune Posts by user Forum Profile RuneMetrics Profile
Messiah ofRS said :
That sucks had no idea... Jagex should bring back the jag guardian too that way they still need to answer the questions if they have access to your email (still need to answer question to disable it) Yeah, I know people were declined trying the NXT beta in its late stages because it asked them to deactivate JAG. Even if it's "broken" according to Jagex, it's sounding like Auth isn't that much safer.

Here's a video I found (made by A Friend), that talks about the security issues surrounding Auth:
https://www.youtube.com/watch?v=xg_we-J-wgk @Lisaa_RS - Followed by @Runescape
FashionScapers - a 9000+ Member Discord Community | https://discord.gg/fashionscape

21-Jun-2016 23:23:33

Erehk

Erehk

Posts: 15,453 Opal Posts by user Forum Profile RuneMetrics Profile
It's very far from easy for someone to hijack an account through an account recovery. They would have to know an incredible amount of information about the account, the account's creation, and the account owner.

The only real way for it to be possible is if the account owner voluntarily hands every little detail right over to a hijacker (like in the case of the streamer in that video).

Most accounts are hijacked as a result of either not having the Authenticator on the RS account, or not also having 2-step verification on the registered email.
@RS_Erehk

22-Jun-2016 02:54:00 - Last edited on 22-Jun-2016 03:02:47 by Erehk

Body btw

Body btw

Posts: 19,488 Opal Posts by user Forum Profile RuneMetrics Profile
or maybe, just MAYBE, the pmod sold the account for cheap to some chinese gold/account buying site.

naaaah nvm, no one would ever do that! x_x
"Why are you posting threads, asking questions and making discussion???"


All I do anymore is fish - 2017

22-Jun-2016 05:16:45 - Last edited on 22-Jun-2016 08:33:02 by Body btw

Fire Hawk154

Fire Hawk154

Posts: 9,001 Rune Posts by user Forum Profile RuneMetrics Profile
Erehk said :
It's very far from easy for someone to hijack an account through an account recovery. They would have to know an incredible amount of information about the account, the account's creation, and the account owner.

The only real way for it to be possible is if the account owner voluntarily hands every little detail right over to a hijacker (like in the case of the streamer in that video).

Most accounts are hijacked as a result of either not having the Authenticator on the RS account, or not also having 2-step verification on the registered email.

If nobody knows your email address, nobody can hack it. At least, that's my theory. ^_^ One of my friend's email got hacked a couple of years ago (luckily not his RS account), which was quite a valuable lesson. When a recovery question is about favourite food, don't fill in something extremely obvious.
Clan Europe Staff
|
Clan Cup Winners
|
Maxed Pure F2P

22-Jun-2016 08:43:21

L M Jane
Sep Member 2009

L M Jane

Posts: 389 Silver Posts by user Forum Profile RuneMetrics Profile
I got something similar thru Facebooks messenger one night & sent a copy to a pmod friend of mine. I already figured it was bogus concidering I didn't know who the jmod was & never heard of their name & how on earth would they get my messenger since that isn't even under my Jagex name lol.

23-Jun-2016 04:32:37

Quick find code: 86-87-854-65804599 Back to Top