This is posted to warn all players about a potential threat to Scam Runescape Passwords, that is currently happening.
I have heard some Fansite Forums are being attacked by users who post topics with links that look like an official forum link, but it is not, and if you type your password in there your password will be stolen.
The links look like official forum links, but If you hold your mouse over the link you can see at the bottom that it is not an official forums link but a re-direct.
Many people have been scammed by this apparently, and everything is being done by the Fansite Staff of various forums to stop this, but these scammers are creating new accounts by the minute and continuing.
I advise players to not follow any links on any sites especially sent through Pm from those you do not know and to double-check the link, but to log into the Runescape Forums the Correct way only to access forums.
(This is a copy/paste from elsewhere that I edited slightly)
This is from Tip It where most scammers go first to attack as it is among the biggest and their warning to forumers.
Full Version: Beware: Some Fansites Hacker Attacks
Addition: if you happen to receive a suspicious PM, take a screenshot (if possible) and, if possible, conserve the PM in your inbox for a few days (IP checks and such, done by Sal).
Would it be possible to stop new accounts from registering temporarily since that might be the best course of action if an Admin can get on?
QUOTE (Cxkslei @ Nov 12 2008, 03:23 PM) 
Would it be possible to stop new accounts from registering temporarily since that might be the best course of action if an Admin can get on?
Wouldn't that be over-overkill?
QUOTE (Arianna @ Nov 12 2008, 09:28 AM)
QUOTE (Cxkslei @ Nov 12 2008, 03:23 PM)
Would it be possible to stop new accounts from registering temporarily since that might be the best course of action if an Admin can get on?
Wouldn't that be over-overkill?
Depends on how much you value security. It would be over overkill but it's still a temporary fix which should be able to be easily removed to prevent the scenario from happening to anyone here. From a buisness perspective, people that want to use said place 'site' would hate you - 'temporarily' but you remove said risk of accounts being hacked. Depends on how you want to look at it.
this is a bad issue but not everyone would see this wouldn't it be better to put this warning up as a site announcement so most people could see this after this has been properly confiremed
The thing is, Sals has admin verification which would hinder 99% of it anyways, I am doubting that tip it could boast the same for their 300k+ forumers...
There is no harm in letting people know what is going on around the fansites and make sure none slip through the net here and get hold of someones account.
Shutting down the forums completely to new members would effectively kill them, maybe not today or tomorrow but I have seen what happens when the same people are on a board by themselves...
I say we leave the forums open to new blood, if they have to have their accounts verified which could take hours they will go somewhere else for an easier score..wouldn't you?
I was considering where to put this before and 2 choices came up, here and the board announcements...it isn't such a bad idea so I will move this there and see if more people get to see it
There is no harm in letting people know what is going on around the fansites and make sure none slip through the net here and get hold of someones account.
Shutting down the forums completely to new members would effectively kill them, maybe not today or tomorrow but I have seen what happens when the same people are on a board by themselves...
I say we leave the forums open to new blood, if they have to have their accounts verified which could take hours they will go somewhere else for an easier score..wouldn't you?
QUOTE (dei wei @ Nov 12 2008, 07:40 PM)
this is a bad issue but not everyone would see this wouldn't it be better to put this warning up as a site announcement so most people could see this after this has been properly confiremed
I was considering where to put this before and 2 choices came up, here and the board announcements...it isn't such a bad idea so I will move this there and see if more people get to see it
If you're not sure about a link, quote the person. For example; I could link to youtube like this:
http://runescape.salmoneus.net/forums/inde...howtopic=247306, although it seems to be to this topic.
http://runescape.salmoneus.net/forums/inde...howtopic=247306, although it seems to be to this topic.
this happened to me beaware i thought they was telling truth 
got account back now wub:
got account back now wub:
That really is terrible! Thanks for the heads up alot Spar and everyone!
I think we probably are more safe, but this could still be an issue. Hacking for the loss.
It is the first time I've said this in a while about someoen other than myself
But What A Noob they are.
I think we probably are more safe, but this could still be an issue. Hacking for the loss.
It is the first time I've said this in a while about someoen other than myself
But What A Noob they are.
in an emergancy defense move I am going back into hiding, lol i'm joking, I only use this forum for advice, my own events, fun and games and the news announcements....
This is horrible. I will not click another link on this site, unless it's a forum. I think we should un-allow them to join so they will go to other people. We should alert the other fan-sites though.
QUOTE (- Penguin - @ Nov 12 2008, 08:32 PM)
This is horrible. I will not click another link on this site, unless it's a forum. I think we should un-allow them to join so they will go to other people. We should alert the other fan-sites though.
There is no way to "unallow" them to join, they wouldn't exactly come and register with a name such as "scamsite1" "scamite2" and so on lol
The only thing that will achieve is blocking genuine people who want to join, by being vigilent and reporting dodgy PMs, posts and topics is the only way it can be done effectively
dang, so this is a link found where exactly, on a typo site, or fan site forums... and how long has this been going on for 
, thanks for answers if you can pplz
Just what we need, oh well hopefully there won't be too many incidents here thanks to admin verification (for those who don't know it means sal has to check and validate each validating member before they can become a regular forumer). With any luck this will blow over soon.
So, from what I'm interpreting, that we should carefully look at links, because some links have keyloggers?
OR
We should look carefully at links, because some have a username-password type in.
OR
We should look carefully at links, because some have a username-password type in.
I'll be keeping my eyes open. 
Thanks I'll watch for it.
Edit:
Seems if you hover over link a small box appears showing you the real linked site. Well for me anyway.
Edit:
Seems if you hover over link a small box appears showing you the real linked site. Well for me anyway.
QUOTE
QUOTE (-Nacho Ninja- @ Nov 12 2008, 08:55 PM)
So, from what I'm interpreting, that we should carefully look at links, because some links have keyloggers?
OR
We should look carefully at links, because some have a username-password type in.
OR
We should look carefully at links, because some have a username-password type in.
Basically when you are about to click a link, just hover your pointer over it for a second or two and it will show the true address of where you are going, either right over the link or in the bottom of your browser window
And in answer to the post just upwards, this has been going on about 24 hours or so that I know of...but since you now know of it you shouldn't have too many problems
Silly skiddies.
Jeez Spar, you seem so excited, all those run-on sentences. Don't worry, I don't really even bother with the Official forums anymore.
Declare war on Hackers! This happend on a forum I went to long ago and they posted naughty pictures!
I WAS SCARED FOR LIFE!
I WAS SCARED FOR LIFE!
I hate hackers. Guess i'm going to have to be careful every time someone posts a link. Have the hackers invaded sals?
This dosent sound all that good, i tried clicking on the link (hear me out) and nothing happened on my comp, it said "firefox cannot find that page" (the one on tip.it)
i dont know if it is just me, or all firefox users, but it may not work on firefox.
only advice i can give is to check the the text down at the bottom of the screen.
i dont know if it is just me, or all firefox users, but it may not work on firefox.
only advice i can give is to check the the text down at the bottom of the screen.
I remember we had something like this earlier this year. I forgot when, though.
No messages so far, though.
No messages so far, though.
Thanks for the warning, Sparhawke. I'll be sure to report the person if this happens to me! 
QUOTE (MrGandW1 @ Nov 12 2008, 09:10 PM)
This dosent sound all that good, i tried clicking on the link (hear me out) and nothing happened on my comp, it said "firefox cannot find that page" (the one on tip.it)
i dont know if it is just me, or all firefox users, but it may not work on firefox.
only advice i can give is to check the the text down at the bottom of the screen.
i dont know if it is just me, or all firefox users, but it may not work on firefox.
only advice i can give is to check the the text down at the bottom of the screen.
They changed the redirect address to "scamsite" to show what they meant, it is easier to show someone than tell them
So this is for RuneScape forums only? Well, I don't get on the officials. Do I have anything to worry about? 
QUOTE (Sparhawke @ Nov 12 2008, 04:17 PM)
QUOTE (MrGandW1 @ Nov 12 2008, 09:10 PM)
This dosent sound all that good, i tried clicking on the link (hear me out) and nothing happened on my comp, it said "firefox cannot find that page" (the one on tip.it)
i dont know if it is just me, or all firefox users, but it may not work on firefox.
only advice i can give is to check the the text down at the bottom of the screen.
i dont know if it is just me, or all firefox users, but it may not work on firefox.
only advice i can give is to check the the text down at the bottom of the screen.
They changed the redirect address to "scamsite" to show what they meant, it is easier to show someone than tell them
no wonder it didnt work...
im so dumb
but, yeah, remember to check the link down at the bottom of the page
Thanks for the warning... Any accounts that post this will have their IP's BANNED! YOU HEAR ME!?!?!? BANEED!!!!!!!!!!!!!
Thanks Spar...
And Sal <3
~Vincent
Thanks for the warning... Any accounts that post this will have their IP's BANNED! YOU HEAR ME!?!?!? BANEED!!!!!!!!!!!!!
Thanks Spar...
And Sal <3
~Vincent
Thanks Spar...
And Sal <3
~Vincent
Thanks for the warning... Any accounts that post this will have their IP's BANNED! YOU HEAR ME!?!?!? BANEED!!!!!!!!!!!!!
Thanks Spar...
And Sal <3
~Vincent
I don't know why you'd get a PM from someone who isn't your friend or a mod, so people will just use common sense and not click on a link that's been sent to you like that. Now that people are aware of this 'danger', we won't go opening links that were sent by strangers.
Ip ban them, disallow them to post links to whatever site it is or make members need like 50+ post count to post links = problem solved.
QUOTE (Josh @ Nov 12 2008, 09:44 PM)
Ip ban them, disallow them to post links to whatever site it is or make members need like 50+ post count to post links = problem solved.
Ip ban, they'll just use proxies. And i really doubt its possible to restrict them from posting links.
Idea: Put all PMs from new members with less than 10 posts under watch.
SO if there's a link, then if you just typed the link into your adress bar it should be okay (providing it's something like. *forums.runescape.com/topicjosh-is-awesome* as then it won't redirect?
~Josh
~Josh
I have a temptation to virus scan my computer . It seems rather odd to me though that we just hear of this now. Ive heard of hackers getting on forums and posting links to keyloggers before.
. It seems rather odd to me though that we just hear of this now. Ive heard of hackers getting on forums and posting links to keyloggers before.
QUOTE (Amanda @ Nov 12 2008, 09:46 PM)
And i really doubt its possible to restrict them from posting links.
It is.
QUOTE (Chocolate)
*forums.runescape.com/topicjosh-is-awesome*
Thanks, I know I am.
I had my account hack too. And i'm glad that SOMEONE actually figured this out. And to all Runescape player: DO NOT CLICK ON ANY LINKS UNLESS IT FROM www.runescape.com don't fall victum to this scam. And plus if you look at the Link in Tip.It you see at the bottom of your screen when you put your mouse over it says :
If you can't read my hand writting it say. www.scamsite.com (<- DON'T CLICK!!!!) Very Suspicious. hmmmmmmmmm?
So the link at the bottom is avious that it's a scam site. No i'm not being a smart ellic i'm just stating my opinion.
If you can't read my hand writting it say. www.scamsite.com (<- DON'T CLICK!!!!) Very Suspicious. hmmmmmmmmm?
So the link at the bottom is avious that it's a scam site. No i'm not being a smart ellic i'm just stating my opinion.
Durn haxxors.
*grabs a stake and torch*
*grabs a stake and torch*
OH LAWDY, DRAMA IN THE PLAYHOUSE!?
It's called common sense, I know a lot of you think OMG HAXORS IN MY RENESKEP ACCOUNT I BETTAR RUN.
"Hackers" can't hack into the Runescape database. Think about it, if someone could "hack" into the file-base of Jagex, a company who makes millions, which they could probably gain access to, why would they want to steal some 12 year olds account?
It's not "hacking" its just being deceitful and intelligent to get skiddies to give in their password.
How to fix the problem;
Install CommonSense v1.0
lrn2read (URL bar.)
It's called common sense, I know a lot of you think OMG HAXORS IN MY RENESKEP ACCOUNT I BETTAR RUN.
"Hackers" can't hack into the Runescape database. Think about it, if someone could "hack" into the file-base of Jagex, a company who makes millions, which they could probably gain access to, why would they want to steal some 12 year olds account?
It's not "hacking" its just being deceitful and intelligent to get skiddies to give in their password.
How to fix the problem;
Install CommonSense v1.0
lrn2read (URL bar.)
Wow never thought anything like that is posible but thanks for warning. IM new to forums but you can search me on highscores and see that im not so new to runescape. I might even make some guides.
This topic makes me hesitent to click on the link YOU posted, darn you Sparhawk *shakes fist* I sure hope they dp not infiltrate Sals , thanks for the warning though, some moderator should make an undercover account and try to find the people that do this and when they get their passwords stolen, they should remove those people from the forums 
, thanks for the warning though, some moderator should make an undercover account and try to find the people that do this and when they get their passwords stolen, they should remove those people from the forums
I got hacked (I didn't lost my account) and then Salmoneus were attacked by stupid hackers who breaks the laws?! Why can't people add the "spy thing" like you can spy on the IP address from the hacker and then find that hacker in real life and then get him jailed.
I'm not gonna click ANY links. I will not.
-Cake
I'm not gonna click ANY links. I will not.
-Cake
Thanks for the heads up!
In order do defeat a hacker/One must think like a hacker
If i was a hacker i would have key loggers install themselves on visitors to the scam sites computer. Then transfer that key logger onto all posts they make. The more they warn people the faster people get hacked.
I'm to smart for my own good!
If i was a hacker i would have key loggers install themselves on visitors to the scam sites computer. Then transfer that key logger onto all posts they make. The more they warn people the faster people get hacked.
I'm to smart for my own good!
This is serious business.
QUOTE (Drebin @ Nov 12 2008, 06:37 PM)
OH LAWDY, DRAMA IN THE PLAYHOUSE!?
It's called common sense, I know a lot of you think OMG HAXORS IN MY RENESKEP ACCOUNT I BETTAR RUN.
"Hackers" can't hack into the Runescape database. Think about it, if someone could "hack" into the file-base of Jagex, a company who makes millions, which they could probably gain access to, why would they want to steal some 12 year olds account?
It's not "hacking" its just being deceitful and intelligent to get skiddies to give in their password.
How to fix the problem;
Install CommonSense v1.0
lrn2read (URL bar.)
It's called common sense, I know a lot of you think OMG HAXORS IN MY RENESKEP ACCOUNT I BETTAR RUN.
"Hackers" can't hack into the Runescape database. Think about it, if someone could "hack" into the file-base of Jagex, a company who makes millions, which they could probably gain access to, why would they want to steal some 12 year olds account?
It's not "hacking" its just being deceitful and intelligent to get skiddies to give in their password.
How to fix the problem;
Install CommonSense v1.0
lrn2read (URL bar.)
You aren't comprehending what is happening at the moment, you made yourself look like a complete fool.
QUOTE (Spleen Cake @ Nov 12 2008, 06:59 PM)
I got hacked (I didn't lost my account) and then Salmoneus were attacked by stupid hackers who breaks the laws?! Why can't people add the "spy thing" like you can spy on the IP address from the hacker and then find that hacker in real life and then get him jailed.
I'm not gonna click ANY links. I will not.
-Cake
I'm not gonna click ANY links. I will not.
-Cake
You may click links, just be sure that they're from people you trust, come on.
QUOTE (Jr Josh @ Nov 12 2008, 08:36 PM)
This is serious business.
Well played.
Thank for the heads up and i'm guesing this isn't fun and games. Do we have ppl tht look into this stuff?
Will keep my eyes open for any suspicous pm's ty.
Jodragonfire
Will keep my eyes open for any suspicous pm's ty.
Jodragonfire
I'll keep on the lookout for these and alert anyone if needed. Thanks for the warning!
Finally, a perk of having a perpetually full inbox!
Still...yikes. Better keep a lookout, everyone.
Still...yikes. Better keep a lookout, everyone.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.