Phishing is a form of identity theft, where personal information is collected by someone posing as a trusted individual or organisation. In some cases, the stolen information is used to assume that identity in order to access and take over an account. Examples might include:
- An unprompted email requesting you take action on your account
- Someone asking you to provide personal or financial information
- Messages from someone impersonating a Jagex Mod
- Unofficial competitions requiring you to share personal information or log in to a third party application
To avoid being phished follow these tips.
Activate your browsers phishing filters
You can activate your browser's phishing filters to alert you of potentially unsafe websites. Here's how to enable phishing filters on some popular browsers:
Keep your personal information safe
Phishers might try to trick you into providing your personal or financial information so they can take over your accounts.
- Don't respond to requests for your private information
- Only enter contact information, such as your email address, into websites that you've navigated to yourself and confirmed are legit
Avoid clicking links
Links may discretely download malware onto your device or direct you to a fake website to collect your personal details.
- Always mouse over to see where links lead
- If you click on a link and are asked to enter your password, don't enter your information, navigate to the website yourself
- If you're suspicious of a security email from Jagex, log in directly to manage your account settings
Be wary of unusual behaviour
Fraudsters use emotion to try to get you to act without thinking.
- Beware of messages that are asking you to take urgent action
- Watch out for offers that seem too good to be true, you can check the RS / OSRS news to verify any offer or promotion
- If a message appears to be from a friend or family member asking for help, always contact them via an alternative contact method to confirm before taking action
- If a message appears to be from a bank, law enforcement or other authority, always contact them directly to find out if the message is authentic
Official Jagex domains
Check email and website addresses carefully as some fraudsters spoof our official Jagex domains. Official website and email domains will always end in:
What to do if you've been phished
If you've fallen victim to a phishing scam, follow the steps in our Security tips article to protect your account and device. You can also report the scam:
- Report scam emails, websites and adverts to the National Cyber Security Centre
- Report phishing websites to your browser, for example Google and Microsoft Edge
- Flag suspicious emails as phishing or spam to your email provider: Gmail, Hotmail, Outlook
- If you encounter phishing in game, please report them so we can take suitable action