There are so many people out there getting their accounts wiped / hacked per day due to many of these methods and I hope that making this thread will help at least a few of those people. A lot of this guide is copied and pasted straight from the runescape website.
The 'hacked/free tribot client'
If you've ever downloaded a version of a 'hacked' or free VIP version of Tribot, then you've been deceived. There is no working crack of Tribot, every single youtube video is a lie. All the latest and greatest Tribot hacks are just Viruses or Phishers. The only place you should ever download Tribot is from Tribot.org.
furthermore if you have clicked any of the following links in the past 6 weeks, you have been a victim of a Scammer.
- RS Gold Generator
- RS Gold Hack
- RS Level Hack
- RS Hack
- RS Pin Generator
- RS Money Duper
- RS Membership Hack
- RS Mod Hack
- RS4 Beta Testing
- Signed up for any RSBot except for Tribot.
- RS Exploit
- RS Cheat Engine
- RS Damage Hack
- IDungeon Bot
- Any bot advertised in game
The email phishing scam
Scammers will send you emails that appear to be from runescape itself. If you click the links on these emails then you will be forwarded to a site that will attempt to steal your information.
I probably get about 15 or so of these a day. Normally they are sent to my spam filter but occasionally they manage to sneak in to my main inbox. The easiest way to tell if it's a real email is that the real ones will contain your IN-GAME NAME.
When reading an email that appears to be from Jagex, check that it makes sense! We don’t want to make a bad impression, so when we contact you through email, we will always use the correct spelling and grammar. If it looks to be written by a 5 year old then don’t trust it.
Pretty much every phishing email you see will have a hyperlink which will direct you to a malicious version of the RuneScape website.
NEVER click on these links!
If you are unsure, you can hover over the link with your mouse and your browser will display the actual location of the URL at the bottom of your screen. If this address differs significantly from what is shown in the email, do not visit the site.
There are some occasions where we will want to reach out to you through your email address and when we do, I can promise we WILL NOT contact you about the following:
Offering you Moderator status
Verifying account details/requesting identity that you are the account owner
Your account being suspended, muted or banned for any reason
Your account being about to "receive an infraction"
To recover your password (if you haven't requested it)
Confirm a change of e-mail address if it was not requested
Selling your RuneScape account, real world trading or that Jagex has a lawsuit against you
Passwords expiring or being wrongly entered
Account intrusion/unusual activity on your Account
Eligibility for a free gift
Most phishing is done by posting threads to something that people would generally like to see on forums like these. It's pretty easy to know what is real or fake because all you have to do it scroll over it or copy the link into notepad and make sure it's runescape.com. If you spot a phisher, it's good to report it to it's host so it is taken down.
Use Chrome, Use Chrome, Use Chrome. Seriously go install it right now. Chrome has removed Java Applet support and has excellent phishing protection.
Click the spanner (or wrench) icon in the top right of your browser
from the options menu at the left of the window choose Under the Hood and check "Enable phishing and malware protection"
Be smart. Only enter your runescape password on runescape.com.
General Account Safety
- Never give your password to anybody
- Make your runescape password different than every site you use.