Security considerations
Posted: Wed Aug 01, 2012 1:57 pm
Source: RSOF Clan Leader's Forum (Authored by Forum mod: Archaeox)
Uncle Arch's Security Corner
Some of the dangers
---------------------------
It's a dangerous ol' world out there, and if you're not careful, even something simple can lead to your computer being infected with a keylogger or worse.
* Visit a website that uses banner ads provided by another company... and there's a risk that an infected banner ad will use a script to infect your computer. This has happened in the past even to respectable Fortune 500 companies, and well-known web portals!
* Visit an RS-related scam site or gold-selling site... and there's a high risk that the site owner is using scripts to infect your computer. This shouldn't be a surprise - the people who run such sites are criminals (as a minimum they're breaking their contracts with Jagex, and many are involved in international credit card fraud).
* Use your RS login details on any other website, and there's a danger that either the owner is logging them, or that the site is compromised by a hacker who will steal them. You may trust the site owner... but you have NO WAY of verifying their back-end site security! (This has happened on popular fansites in the past!)
* Click on a malicious weblink or open a file sent to you by someone else, and there is a risk of infection.
* Download any software at all, and there's a risk that it carries a malicious payload (heck, even one of NASDAQ's executive tools got hit like this recently...).
* Your IP address can be revealed by using IRC channels, or through voice chat servers hosted by the dishonest. This in turn can make you vulnerable to Denial of Service attacks and even direct hacking.
So you need to be careful!
Preventative measures
-----------------------------
To help protect yourself, you can do the following:
* Install a script blocker on your browser, and learn how to use it (NoScript for Firefox is a good example).
* Install an advert blocker on your browser, to block malware-infected adverts (e.g. AdBlock Plus for Firefox). [*cough* you'll need to leave the RS site unblocked to stay within the game rules]
* Make sure you have a proper antivirus and firewall; learn how to use them, and update them regularly. Choose an antivirus that includes link checkers for popular search engines (e.g. AVG or McAfee).
* Get some anti-malware software as well, learn how to use it, and update it regularly. MalwareBytes and Spybot Search & Destroy are good examples of this type of software.
* Keep your operating system fully patched.
* Set an RS bank PIN!
* Don't open attachments if you don't know what they are, and scan before opening if you think you *do* know what they are.
* Don't visit scam sites, RS gold sites etc., even if it's "just to see what they look like". It's an unjustifiable risk.
* Don't download RS-related software (clients, bots); many are laced with malware.
* Don't use easy-to-guess passes, PINs or recovery questions. Make them unique to you.
* Never, ever share pass or recovery question info with anyone else. And make sure they don't use information that you have made available on social networking sites!
* Never give out the email address you registered for RS with. Use a disposable address instead.
* Use different passes for EVERY site you use! Try to use different login names too.
* Don't write your passes down - someone will find them, however secret you think your hiding place is... You have a brain, use it!
* Change your passes from time to time (as long as you are SURE you have no infection when you do!)
* Your login name and your in-game (screen) name don't have to be the same! Changing your screen name can confuse potential hijackers.
What to do if your account is hijacked
-------------------------------------------------
Step I: find the keylogger
* Update your antivirus program
* Update your anti-malware program
* Come OFFLINE and run your antivirus and anti-malware programs. Anti-rootkit scans may need to be done manually (e.g. in AVG), so check!
* Use the task manager (press CTRL, ALT and DELETE simultaneously) to identify any remaining unknown processes. There's plenty of information online to help you work out which ones are genuine, and which are fake (even if they look genuine!)
* If you still didn't find anything, use online antivirus checks such as those provided by Trend Micro, Kaspersky Labs, Symantec, McAfee etc. (remember that some malware can disable or effectively hide from your own antivirus!)
Step II: recover the account
ONLY do this once you have identified and removed your problem, or you will just be open to hijacking again!
* Recover the account if necessary
* Change the pass
* Get a new bank PIN
* Reset your recovery questions
On the road - RuneScape away from home
---------------------------------------------------
One of the good things about RuneScape is that it is entirely browser based - there's no need to buy and install a copy of the game online or in a shop first. This also means that, in theory, you can log into the game from anywhere you happen to be.
While this is all very wonderful, there are major security issues that need to be considered.
* When logging in from someone else's computer, you are relying on their security, which may not be good enough. You have no way of telling if someone else's computer is infected with malware, keyloggers etc.
* Computers in Internet cafes etc. often log all the activity that takes place on them - including logins and/or keystrokes. There is no such thing as a secure public use computer.
* WiFi connections can *easily* be spoofed in public places by someone looking to steal credit card and website login details from others (it just needs a spoof front page, a laptop and a powerful signal - demonstrated on TV by 'The Real Hustle', where a $3000 fraud took under 45 minutes).
* Logging in from anywhere near other people increases the risk that they will just see what you type! No extra tech required...
Unless YOU control the security of a computer, it is a risk to trust your login info to it. Simple as that.