• 
2013-02-12 19:03:54
Well, one of the problems with JAG is a lot of people sign up without realising how much of a commitment it is so they don't bother writing the answers down anywhere... So there has to be some way to disable it without having the answers or people will be locked out forever (their fault, but sucks for everyone if a ton of people quit). All you have to do is send an e-mail and it will be deactivated if they believe it's you. I don't know just how much info you have to know before they give in, I do have faith it's intensive, but it's definitely possible to get it disabled without the answers...
I've seen a couple of cases where the JAG answers themselves have been found out because they've saved the answers somewhere on their system, or even had them uploaded online (auto-synching through the cloud). If your computer is infected your documents aren't secure, thus they can find them that way. I think if you ask Jagex themselves whether JAG was deactivated or if they just knew the answers they are able to find out and let you know, which should help narrow it down a little bit. You might even be able to find out yourself when you regain control, I'm not too sure. There's also always the possibility it was a friend who just knew the answers if they were honest (it's recommended to use answers like "dshafsh121kdh" to avoid that).
Either way, it's definitely worth scanning your computer and making sure there's nothing on there. They found our your password somehow and it's pretty common for people who get hacked once to have it happen again a month or two later. Plus, if they have access to your e-mail then your runescape account could be the least of your worries. I personally use Malwarebytes' Anti-Malware and Microsoft Security Essentials for my scans and have never had any problems.
When you set up two-step verification it's worth creating a separate account just for your runescape account and nothing else. For example, mine is something like pssfafafhbfbfasf@gmail.com; you don't want it something guessable. Write the username and password down somewhere safe (mine's in a drawer & in my filing cabinet). It may be overkill but it's not really that much effort and it's worth it for the piece of mind.
I'm no security expert btw, some of this might be a little off (I'm sure someone will come along and offer something better/correct me) but it should cover most of the important things! There's plenty of threads on the Account Help forum about how to secure your account too if I remember correctly. There is the concern that they used some sort of software to capture you typing in your RS bank PIN at some point, but fingers crossed you caught it in time! Should definitely be able to prevent it from happening again at the very least
I've seen a couple of cases where the JAG answers themselves have been found out because they've saved the answers somewhere on their system, or even had them uploaded online (auto-synching through the cloud). If your computer is infected your documents aren't secure, thus they can find them that way. I think if you ask Jagex themselves whether JAG was deactivated or if they just knew the answers they are able to find out and let you know, which should help narrow it down a little bit. You might even be able to find out yourself when you regain control, I'm not too sure. There's also always the possibility it was a friend who just knew the answers if they were honest (it's recommended to use answers like "dshafsh121kdh" to avoid that).
Either way, it's definitely worth scanning your computer and making sure there's nothing on there. They found our your password somehow and it's pretty common for people who get hacked once to have it happen again a month or two later. Plus, if they have access to your e-mail then your runescape account could be the least of your worries. I personally use Malwarebytes' Anti-Malware and Microsoft Security Essentials for my scans and have never had any problems.
When you set up two-step verification it's worth creating a separate account just for your runescape account and nothing else. For example, mine is something like pssfafafhbfbfasf@gmail.com; you don't want it something guessable. Write the username and password down somewhere safe (mine's in a drawer & in my filing cabinet). It may be overkill but it's not really that much effort and it's worth it for the piece of mind.
I'm no security expert btw, some of this might be a little off (I'm sure someone will come along and offer something better/correct me) but it should cover most of the important things! There's plenty of threads on the Account Help forum about how to secure your account too if I remember correctly. There is the concern that they used some sort of software to capture you typing in your RS bank PIN at some point, but fingers crossed you caught it in time! Should definitely be able to prevent it from happening again at the very least
![[Image: portus-champ-2012.png]](https://images.clansurreal.com/proxy/http://images.clansurreal.com/portus-champ-2012.png)
![[Image: portus.png]](https://images.clansurreal.com/proxy/http://images.clansurreal.com/motm/portus.png)