Welcome to TRiBot Forums

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll be able to customize your profile, receive reputation points as a reward for submitting content, while also communicating with other members via your own private inbox, plus much more! This message will be removed once you have signed in.

Sign in to follow this  
Followers 0

How to Avoid Being Hacked (WIP)

11 posts in this topic


There are so many people out there getting their accounts wiped / hacked per day due to many of these methods and I hope that making this thread will help at least a few of those people. A lot of this guide is copied and pasted straight from the runescape website.


The 'hacked/free tribot client'

If you've ever downloaded a version of a 'hacked' or free VIP version of Tribot, then you've been deceived. There is no working crack of Tribot, every single youtube video is a lie. All the latest and greatest Tribot hacks are just Viruses or Phishers. The only place you should ever download Tribot is from Tribot.org.

furthermore if you have clicked any of the following links in the past 6 weeks, you have been a victim of a Scammer.

  • RS Gold Generator
  • RS Gold Hack
  • RS Level Hack
  • RS Hack
  • RS Pin Generator
  • RS Money Duper
  • RS Membership Hack
  • RS Mod Hack
  • RS4 Beta Testing
  • Signed up for any RSBot except for Tribot.
  • RS Exploit
  • RS Cheat Engine
  • RS Damage Hack
  • IDungeon Bot
  • Any bot advertised in game


The email phishing scam
Scammers will send you emails that appear to be from runescape itself. If you click the links on these emails then you will be forwarded to a site that will attempt to steal your information.

I probably get about 15 or so of these a day. Normally they are sent to my spam filter but occasionally they manage to sneak in to my main inbox. The easiest way to tell if it's a real email is that the real ones will contain your IN-GAME NAME



When reading an email that appears to be from Jagex, check that it makes sense! We don’t want to make a bad impression, so when we contact you through email, we will always use the correct spelling and grammar. If it looks to be written by a 5 year old then don’t trust it.



Pretty much every phishing email you see will have a hyperlink which will direct you to a malicious version of the RuneScape website.


NEVER click on these links!


If you are unsure, you can hover over the link with your mouse and your browser will display the actual location of the URL at the bottom of your screen. If this address differs significantly from what is shown in the email, do not visit the site.




There are some occasions where we will want to reach out to you through your email address and when we do, I can promise we WILL NOT contact you about the following:


Offering you Moderator status

Verifying account details/requesting identity that you are the account owner

Your account being suspended, muted or banned for any reason

Your account being about to "receive an infraction"

To recover your password (if you haven't requested it)

Confirm a change of e-mail address if it was not requested

Selling your RuneScape account, real world trading or that Jagex has a lawsuit against you

Passwords expiring or being wrongly entered

Account intrusion/unusual activity on your Account

Eligibility for a free gift



Most phishing is done by posting threads to something that people would generally like to see on forums like these. It's pretty easy to know what is real or fake because all you have to do it scroll over it or copy the link into notepad and make sure it's runescape.com. If you spot a phisher, it's good to report it to it's host so it is taken down.

Preventing Phishing

Use Chrome, Use Chrome, Use Chrome. Seriously go install it right now. Chrome has removed Java Applet support and has excellent phishing protection.



Click the spanner (or wrench) icon in the top right of your browser

Choose Options

from the options menu at the left of the window choose Under the Hood and check "Enable phishing and malware protection"



Be smart. Only enter your runescape password on runescape.com.


General Account Safety

  • Never give your password to anybody
  • Make your runescape password different than every site you use.
Edited by J M C
8 people like this

Share this post

Link to post
Share on other sites

I found another one. Simplybot.com - if you want to know if a .jar file is backdoored or not just unpack it with Winrar and read it's contents. You'll notice with the site mentioned there's 2 files with racist names that are backdoor files launched within the client upon execution.

Share this post

Link to post
Share on other sites

lastpass with 2fa is nice. use 2fa when possible.

wip get to work

Share this post

Link to post
Share on other sites

Perhaps u could add some info about keyloggers & rats. 

People should be carefull about what they download, click & execute on their computers.

The stub of  a rat can even be spoofed into a .jpg extension.



Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.