Jump to content

[INFORMATION/WARNING]RuneScape Phishing Mails


Dropbox

Recommended Posts

Hello,
 
A lot of users are getting emails from Jagex / RuneScape that there account has received an infraction. This emails are only trying to steal your RuneScape login details.
 
Jagex will NEVER contact you by email, Jagex will ALWAYS use the RuneScape Message Center to contact you about offences or other things.
 
Here are some examples of Phishing-mails:

Greetings, 

We regret to inform you that your account has received an infraction due to a major macroing offence. Please visit the appeal section under Account Management to view evidence of your infraction(s) and to appeal any infraction(s) that you feel were unjustified. 

To view the evidence please click the link below or copy and paste it into your browser: 

hxxps://[scamSite]scape.com/m=weblogin/loginform.ws?mod=offence-appeal&ssl=1&expired=1&dest=account_history.ws < Phishing

Please note: Due to a recent bug in our infraction system, some accounts may have received a void infraction. The majority of void infractions have been removed but we cannot ensure that all infractions have been removed. We urge you to visit the appeal section to appeal any unjustified infractions received due to system errors. 

If you don't have any infraction then please ignore this email and we sincerely apologise for the inconvenience we may have caused you. 

Kind regards, 
RuneScape Account Support


© 2014 Jagex Ltd. Jagex® and RuneScape® are registered trademarks of Jagex Ltd in the United Kingdom and trademarks used in other countries of the world. 

This is a service email, you have not been subscribed to any mailing lists and there is no need to unsubscribe. View our Privacy Policy. To ensure you always receive your RuneScape account emails to your inbox, please [email protected] to your address book. 

Jagex Ltd. St John's Innovation Centre, Cowley Road, Cambridge CB4 0WS United Kingdom

 

 

Greetings, 

We regret to inform you that your account has received an infraction due to a major macroing offence. Please visit the appeal section under Account Management to view evidence of your infraction(s) and to appeal any infraction(s) that you feel were unjustified. 

To view the evidence please click the link below or copy and paste it into your browser: 

hxxps://[scamSite]scape.com/m=weblogin/loginform.ws?mod=offence-appeal&ssl=1&expired=1&dest=account_history.ws < Phishing link

Please note: Due to a recent bug in our infraction system, some accounts may have received a void infraction. The majority of void infractions have been removed but we cannot ensure that all infractions have been removed. We urge you to visit the appeal section to appeal any unjustified infractions received due to system errors. 

If you don't have any infraction then please ignore this email and we sincerely apologise for the inconvenience we may have caused you. 

Kind regards, 
RuneScape Account Support
 © 2014 Jagex Ltd. Jagex® and RuneScape® are registered trademarks of Jagex Ltd in the United Kingdom and trademarks used in other countries of the world. 

This is a service email, you have not been subscribed to any mailing lists and there is no need to unsubscribe. View our Privacy Policy. To ensure you always receive your RuneScape account emails to your inbox, please add[email protected] to your address book. 

Jagex Ltd. St John's Innovation Centre, Cowley Road, Cambridge CB4 0WS United Kingdom

A new version tells you to confirm a email change:
 

 

 

 

Hi,

We have received a request to register this email address for your account. if this change was NOT requested by you please click here:

hxxps://[LikelyScam]/m=weblogin/loginform.ws?mod=www&ssl=0&dest


Kind regards,
RuneScape Account Support


© 2015 Jagex Ltd. Jagex® and RuneScape® are registered trademarks of Jagex Ltd in the United Kingdom and trademarks used in other countries of the world.

This is a service email, you have not been subscribed to any mailing lists and there is no need to unsubscribe. View our Privacy Policy
. To ensure you always receive your RuneScape account emails to your inbox, please add [email protected]
to your address book.

Jagex Ltd. St John's Innovation Centre, Cowley Road, Cambridge CB4 0WS United Kingdom

 

 

In all examples, all links are disabled.

 

Please forward the full email to reportphishing@jagex.com so they can take action against this.

See here the difference of a Phishingand official website:
554e451beb7ec-Screenshot_135.png
554e452f7f973-Screenshot_136.png
554f9078270cf-Screenshot_137.png
Please check the link and be safe!

 

 

Oh another note, when forwarding emails to Jagex, you should view the full header and paste it into the email so they can track down the scoundrels and possibly take some action - otherwise all they really have is the message body, which is great to be aware of a new scam and pass on to players, but gives them no idea who the actual sender is.

  • Like 1

5502f35d690a3-Screenshot_62.png

Sometimes I like to dig a hole in the ground and pretend I'm a carrot.

userbar_350.gif

Link to comment
Share on other sites

All good points - I did break the links though, as they were being processed/appearing live.

"Fight for what you believe in, and believe in what you're fighting for." Can games be art?

---

 

 

cWCZMZO.png

l1M6sfb.png

My blog here if you want to check out my Times articles and other writings! I always appreciate comments/feedback.

Link to comment
Share on other sites

All good points - I did break the links though, as they were being processed/appearing live.

Thanks! :wub:

5502f35d690a3-Screenshot_62.png

Sometimes I like to dig a hole in the ground and pretend I'm a carrot.

userbar_350.gif

Link to comment
Share on other sites

I still see scammers advertise links to their clan page on a fake duplicate of the RuneScape website. :angry: Once logged in one's account details is considered gone. Good post @Dropbox, it is great to spread awareness because this still goes on.  :ohnoes:

irs.png

Check out my upcoming Progress thread in the spoiler!

 

imperatorrssig.png

*Currently postponed until further notice

   

Link to comment
Share on other sites

I still see scammers advertise links to their clan page on a fake duplicate of the RuneScape website. :angry: Once logged in one's account details is considered gone. Good post @Dropbox, it is great to spread awareness because this still goes on.  :ohnoes:

Thanks! :wub:

Phishing, not phising

Sorry, fixed. Can't edit title.

 

#buysticky

5502f35d690a3-Screenshot_62.png

Sometimes I like to dig a hole in the ground and pretend I'm a carrot.

userbar_350.gif

Link to comment
Share on other sites

Actually, Jagex does email you sometimes, but only in accordance with Authenticators and other stuff. 

 

Yeah, I have about 100 of those in my junk email box right now.

j0xPu5R.png

Link to comment
Share on other sites

I've also heard of people using Youtube as a way to get info to your account... so that's why I don't search or look up any Youtube videos sent by random players (except if it's a RS video maker that's well known) or what's said in chatbox that appears to claim to be having a "giveaway" or "contest" of some sort.

 

And Skype too. 

 

I know that if you hover your mouse on the link, doesn't it show the actual link? 

Scapin' since September 2007 and Hardcore Ironwoman since October 2014.

Link to comment
Share on other sites

Yep, if you hover over the link it will show the true path, or you can right click and choose 'Copy Link Address.' Often it's a subtle difference to someone taking a quick look though, and that's what they prey upon. :(

"Fight for what you believe in, and believe in what you're fighting for." Can games be art?

---

 

 

cWCZMZO.png

l1M6sfb.png

My blog here if you want to check out my Times articles and other writings! I always appreciate comments/feedback.

Link to comment
Share on other sites

Good thing to spread awareness, and I thought it had been like that for very long. I've been getting rs and wow phishing emails for years, although I don't even have a wow account.

Link to comment
Share on other sites

Oh another note, when forwarding emails to Jagex, you should view the full header and paste it into the email so they can track down the scoundrels and possibly take some action - otherwise all they really have is the message body, which is great to be aware of a new scam and pass on to players, but gives them no idea who the actual sender is.

  • Like 2

"Fight for what you believe in, and believe in what you're fighting for." Can games be art?

---

 

 

cWCZMZO.png

l1M6sfb.png

My blog here if you want to check out my Times articles and other writings! I always appreciate comments/feedback.

Link to comment
Share on other sites

Actually, Jagex does email you sometimes, but only in accordance with Authenticators and other stuff. 

 

Yeah, I have about 100 of those in my junk email box right now.

Cool. :)

 

I've also heard of people using Youtube as a way to get info to your account... so that's why I don't search or look up any Youtube videos sent by random players (except if it's a RS video maker that's well known) or what's said in chatbox that appears to claim to be having a "giveaway" or "contest" of some sort.

 

And Skype too. 

 

I know that if you hover your mouse on the link, doesn't it show the actual link? 

Yes, if you hover your mouse on the link it shows the website where it links to, see this example:

https://www.google.com > You will see it doesn't link to Google.com but Tip.it

 

Yep, if you hover over the link it will show the true path, or you can right click and choose 'Copy Link Address.' Often it's a subtle difference to someone taking a quick look though, and that's what they prey upon. :(

True.

 

Good thing to spread awareness, and I thought it had been like that for very long. I've been getting rs and wow phishing emails for years, although I don't even have a wow account.

I'm getting also emails from a Dutch bank (Rabobank) with the signature of the ING Bank; seems very legit. :P

 

Oh another note, when forwarding emails to Jagex, you should view the full header and paste it into the email so they can track down the scoundrels and possibly take some action - otherwise all they really have is the message body, which is great to be aware of a new scam and pass on to players, but gives them no idea who the actual sender is.

I've added this to the first post, thank you!

5502f35d690a3-Screenshot_62.png

Sometimes I like to dig a hole in the ground and pretend I'm a carrot.

userbar_350.gif

Link to comment
Share on other sites

I've added a new kind of phishing, this one ask an email confirmation because you have changed it.

If you didn't change it, ignore the email and if you changed it CHECK THE LINK!

5502f35d690a3-Screenshot_62.png

Sometimes I like to dig a hole in the ground and pretend I'm a carrot.

userbar_350.gif

Link to comment
Share on other sites

I've spotted an phising website which uses also httpS:// which users let think it's safe, it's NOT! I've putted the phishing link and the official link on the same image to see the difference.

Phising website will link to RuneScape.com itself without the extra information, I've tested that before I shared.

554f9078270cf-Screenshot_137.png

5502f35d690a3-Screenshot_62.png

Sometimes I like to dig a hole in the ground and pretend I'm a carrot.

userbar_350.gif

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.