0 Members and 1 Guest are viewing this topic.4001 views

*

Offline Only Lilly

  • *
  • Join Date: Sep 2011
  • 17844
  • Gender: Female
  • Awards This player has 200m EXP in the skill: Fishing!
  • Rsn: Only Lilly
Guide To Shutting Down "Youtube Giveaway" Scams
« on: June 17, 2014, 19:04:35 »
A kind member has sent me this guide to help the war against youtube scams.  I love it  O:)


It seems that you can't throw a mithril bar in the G.E. on world 2 (and other worlds for that matter) without hitting a bot advertising a "Youtube giveaway" scam.

I will post a guide, for those interested, on how you can do your part to help ensure these scams fail.


STEP 1: Report The Bot
The account spamming the phrase "Free giveaway search [Youtube ID] for info!" and its variants is likely a victim of the scam itself.  Sad as that is it must be stopped.  Report it for the following:
- Advertising websites
- Macroing/botting
- Solicitation

If you happen to be a mod, and are so inclined, mute the offending account.


STEP 2: Alert Youtube
Next, go to Youtube and search out the Youtube ID.  Locate the video.  Invariably, it will be some video of someone's bank with some tinny techno/electra "music" playing and possibly a voiceover along the lines of "hey guys I'm quitting RuneScape...".  You will be instructed to click the link in the description to be taken to the "RuneScape page" to log in and explain why you should get the giveaway.
This is, of course, a phishing website designed to steal your account.
What you should do is copy the URL and paste it into Notepad.  Once you have done this, flag the video under Fraud -> Spam and enter why you are flagging it.  Indicate that it is a phishing website designed to steal RuneScape players' accounts.  Youtube, hopefully, will act quick to remove the video.


STEP 3: Ping The Phishing Site
Next, open your Command Prompt.
Type the following:
ping phishingsite.domain

You should get an IP address out of this.  Type in the IP into Notepad.  Close the command prompt.


STEP 4: Resolve The IP To Its Host
Next, go to this site: http://tools.whois.net/whoisbyip/
Enter the resolved IP and hit ENTER.  You should get a readout of the site's information, including its host and, more to the point, the complaint/abuse e-mail address such as: [email protected]


STEP 5: E-mail The Phishing Site's Host
Open your e-mail and send an e-mail to the abuse contact, explaining that the site in question is a phishing site trying to steal people's account info.


And thus, you have gone the extra mile in stopping scam sites and making RuneScape a bit safer.

*

Offline Emma

Re: Guide To Shutting Down "Youtube Giveaway" Scams
« Reply #1 on: June 18, 2014, 11:08:00 »
Nice :)


*

Offline Joel

  • *
  • Join Date: Sep 2011
  • 3305
  • Gender: Male
  • Oldschool: Joely
Re: Guide To Shutting Down "Youtube Giveaway" Scams
« Reply #2 on: June 18, 2014, 12:33:33 »
Could probably manage step 1 and 2 :P

Click Me


*

Offline Slayer Wolf

  • *
  • Join Date: Sep 2013
  • 1853
  • Gender: Male
  • Awards maxed with 120 dung For Capping 52 Times Questpoint Cape This player has 99 in the skill: Hitpoints! This player has 99 in the skill: Attack!
  • Rsn: Slayer Wolf
Re: Guide To Shutting Down "Youtube Giveaway" Scams
« Reply #3 on: June 18, 2014, 15:46:18 »
From step 3 it begins to be complicated ;P
"We work in the dark to serve the light. We are Assassins.
Nothing is true, everything is permitted."

*

Alizadeh

Re: Guide To Shutting Down "Youtube Giveaway" Scams
« Reply #4 on: June 18, 2014, 18:00:51 »
Yey, maybe now we can finally stop these idiots in game!

~Sean

*

Offline HomeScape

  • *
  • Join Date: Mar 2014
  • 77
  • Gender: Male
  • Awards Created 5 Guides maxed with 120 dung
  • Rsn: HomeScape
Re: Guide To Shutting Down "Youtube Giveaway" Scams
« Reply #5 on: June 18, 2014, 19:45:23 »
So i tried this, but the command prompt thing wont work for me:

Quote
WARNING THIS IS A SCAM SITE DO NOT LOG IN





WARNING THIS IS A SCAM SITE DO NOT LOG IN



Any solution or reason why this doesnt work? the link seems "legit", even for me whos playing 5 years nonstop and had a lot of crap over me. lel
It looks like the legit site is used, but somehow sends the login to somone, once the login button is clicked there appears a small, odd box wich normaly never happens. Also a weird message appears when you login without password, wich normaly never happens.

*

Offline Redtunnel

  • *
  • Join Date: Sep 2011
  • 2655
  • Gender: Male
  • Awards For Capping 52 Times Won three CTS games tournaments This player has 99 in the skill: Firemaking! This player has 120 in the skill: Farming! This player has 99 in the skill: Mining!
  • Rsn: Redtunnel
Re: Guide To Shutting Down "Youtube Giveaway" Scams
« Reply #6 on: June 19, 2014, 01:47:18 »
So i tried this, but the command prompt thing wont work for me:

Quote
WARNING THIS IS A SCAM SITE DO NOT LOG IN





WARNING THIS IS A SCAM SITE DO NOT LOG IN



Any solution or reason why this doesnt work? the link seems "legit", even for me whos playing 5 years nonstop and had a lot of crap over me. lel
It looks like the legit site is used, but somehow sends the login to somone, once the login button is clicked there appears a small, odd box wich normaly never happens. Also a weird message appears when you login without password, wich normaly never happens.

Whatever comes after the top-level domain (.com) shouldn't be a part of the echo (ping) request.

Pinging secure-runescape.com [127.42.0.1] with 32 bytes of data:
Reply from 80.82.64.104: bytes=32 time=45ms TTL=59
Reply from 80.82.64.104: bytes=32 time=44ms TTL=59
Reply from 80.82.64.104: bytes=32 time=57ms TTL=59
Reply from 80.82.64.104: bytes=32 time=46ms TTL=59


On a side note, if you can't distinguish malicious domains from the legit ones, you can install e.g. Malwarebytes. It should actively provide protection against these type of websites (it blocks the site in question). In this instance, you can tell by the domain that "secure-runescape.com" is different from "runescape.com". If "secure" were a subdomain of runescape.com, the domain would look like "secure.runescape.com", and this would be legit. If you go to rsof, you will see that they are hosted on services.runescape.com
"The purity of a person's heart can be measured by how they regard cats"



 

SimplePortal 2.3.6 © 2008-2014, SimplePortal