i explain better

years ago, i bought my first Roblox card and wrote the code and eventually get the robux, but 3 hours later my account got hacked and more than 900 robux got donated on a random gampeass of 15 ROBUX! i repeat, 900+ robux donated on a 15 robux gamepass

the worst thing, is that i had 2 step verification enabled, and NOBODY had access to my account or pc, cause nobody was at home that time.

(yeah roblox didnt give me a refund)

there is a way to ACTUALLY protect your account? if not then im going to make games on unity or talk with the law (if this happens again) cause in my country i can do this and is not against the ToS

Maybe add 3 step verification (Pin).

But I don’t think the gift card is to blame, you must’ve done something else that got you hacked.

Just don’t make enemies with any sort of hackers and never click on suspicious links or stuff.

Alr, to narrow down how your account got hacked please answer the following questions:

Do you use any chrome extensions if so what are they?

Do you use discord? And did you verify your Roblox account with some type of method it required?

Also I wonder if you went on any websites that used cookies to cookie log your account. Suggestion clear your cookies.

Hackers/Exploiters can easily bypass that sadly.

Also when you say they hacked you did they change the password of your account or anything? Also make sure change your password if you haven’t already.

only and only an ad blocked

of course, but i only joined servers in the page of Discord and of roblox games by their description

Email

i delete the cookies once per month constantly
also, i make virus scan once a week and delete things i dont need frequently.

yeah, im a very obsessed with security, but mostly because i work with this

the only thing i could say is maybe the reasons are Data leaks

You should use an authenticator instead. Also While using discord did any the servers you were in ask to verify your Roblox account and how?

You can try using https://haveibeenpwned.com/ to see if any your data has been leaked.

i mean, i verified with an email but i use the Authy

also, some discord servers (one of my friend) have bots that ask me for access on my account, something like RObot

for your edit: i checked 10 mins ago i found nothing. i really want to know whats going on

maybe the reason why i got ha cked is because 3 years ago i didnt do all these security checks

Doubtful unless they were already in your account. Check under account security and see if there is any unknown logins. I still wonder if the verify bot in the discord might of had a data leak or a backdoor script or virus and that’s how someone accessed your account.

Another thing I thought of is there anything you recently downloaded or didn’t know you downloaded that has any malicious scripts in it?

the four things you need are:

• a strong enough password (you should probably know what that looks like)
• email verification (roblox nags about it enough already)
• another verification method, be it an auth app or a hardware key
• common sense (arguably the most important one, e.g. not clicking dumb links)

following all these you should basically be fine even if you’re facing a targetted attack by a group of script kiddies, don’t be too concerned about hackers since the ones who actually know how to do some damage tend to not really be interested
i wouldn’t rely on roblox support too much since they’re by far the worst support group i’ve tried to talk to, zero help even when i literally showed proof of myself being doxxed; always take preventative measures instead of relying on them

It’s probably because you linked your EVERYDAY Email which you use DAILY to your Roblox account.

You must create a completely new, unique Gmail and link it to your Roblox account with a strong password and Email address.

This is very important, because if anyone has access to your Gmail, they can easily have access to your Roblox account by requesting a password reset.

OR … It’s probably because you clicked on one of these links which collects your cookies and access your account.

Check Security and make sure you’re not logged into any devices other than you’re own

also, some discord servers (one of my friend) have bots that ask me for access on my account, something like RObot

There has been a documented case about Discord having account stealing verification bots that will execute a script on the Roblox website while you’re logged in and perform many things in quick succession. (Stealing Robux/Limiteds and if your account is valuable enough it will be stolen entirely). Of course there are other ways this is accomplished (cookie logging, app authorization, etc.)

I haven’t heard of “RObot”, so if you verified with it there’s a possibility that’s what has compromised your account.

How to secure your accounts?

1. Never share your account’s email with ANYONE (Malicious users may reverse engineer support and gain access to your accounts).
   | 1.2 The same goes for your phone number and anything else that’s connected to your account.
2. Do not access/run any unknown/suspicious applications, links or browser extensions.
3. Use stricter anti-virus/browser security configurations.
4. Frequently change your passwords and use a password manager.
5. Use a passkey or a 2FA application on a physical device.
6. If you suspect your devices or network have been compromised, remove the threat and update your account’s credentials.

What to do if your account has been compromised?

1. Remove the threat and make sure your device is clean.
2. Contact support and in detail explain what happened, state your previous account settings.
3. Co-operate with support agents if additional verification is required.
4. Once you have gained access to your account, replace your old email with a new one.
5. If you have lost Robux then you can file a refund request in Roblox Support [Type of help category: Purchases Using Robux > Website Item / In-Experience Item]. Then explain in detail that while your account was hacked the hacker or the automated script has purchased the item without your authorization. IMPORTANT: Link the Item in the ticket, and state the amount of Robux lost, however Roblox could(?) only refund once per single unauthorized purchase.