Ah, ok, I misread initially. So he put the 2FA code that Steam generated, into a third party site? Did the 3rd party site look like/was trying to appear to be Steam?
My Steam Account was Phished
Moderators: Bakhtosh, EvilHomer3k
- Carpet_pissr
- Posts: 20041
- Joined: Thu Nov 04, 2004 5:32 pm
- Location: Columbia, SC
Re: My Steam Account was Phished
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
I didn't see any of it, but yeah, that was the impression that I got. "Three months of free Discord Nitro from Steam! Follow the link!"Carpet_pissr wrote: ↑Wed Oct 06, 2021 12:29 pm
Ah, ok, I misread initially. So he put the 2FA code that Steam generated, into a third party site? Did the 3rd party site look like/was trying to appear to be Steam?
His view: Follows the link. Looks like Steam. Asks for username/password. He provides it. Asks for his 2FA code. He checks his email, it's there as it normally would be when logging into Steam. He provides it. Twenty seconds later his account belongs to someone else.
The bot's view: Someone just provided username/password. Use these to attempt to log in to Steam. Steam requests a 2FA code, as you just attempted to log in, which you don't have. Knowing the user will receive the code normally, you wait. The user enters the code into what he thinks is Steam. You immediately use the code to confirm the real log-in and change the credentials. ? Profit.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
FWIW, the very first thing I did was go into my Steam friends list, find his profile, and report him. There is an option under Report Player/Involved in Scamming/Account Appears to Have Been Compromised. Then I did exactly the same thing with my other son's account (that is I used my other son's account to make a second report on him being compromised.) The idea was the trigger Steam's security to cause his account to be locked down as suspicious, and it seems to have worked.
He didn't have any valuable inventory (like CS skins) or more than a few cents in Steam credit, which is what these things are usually looking for. Once they have stripped those off of an account, or if the account doesn't have them, they use the account to contact all of the people on the friends list to try and get them to fall for it as well (that is the kind of thing that this thread has mostly been about - messages coming from compromised accounts.)
He didn't have any valuable inventory (like CS skins) or more than a few cents in Steam credit, which is what these things are usually looking for. Once they have stripped those off of an account, or if the account doesn't have them, they use the account to contact all of the people on the friends list to try and get them to fall for it as well (that is the kind of thing that this thread has mostly been about - messages coming from compromised accounts.)
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Rumpy
- Posts: 12685
- Joined: Sun Mar 27, 2005 6:52 pm
- Location: Sudbury, Ontario, Canada
Re: My Steam Account was Phished
From the sounds of it, it was a scammer pretending to be a Fanatical page? Then the part where Steam usually asks for the login credentials isn't really Steam at all, but a front for collecting login credentials. Glad he was able to get the account back, but this is why I remain skeptical about 3rd-party sites like Fanatical.
A good practice to have in general is to never save credit card information.
A good practice to have in general is to never save credit card information.
Last edited by Rumpy on Wed Oct 06, 2021 1:30 pm, edited 1 time in total.
PC:
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
Also note: There is a common means of logging in to third-party sites via Steam that is legitimate, official, and supported by Steam. An example would be Steam Completionist.
If you click the log in button, it will take you to the real Steam site to log in, then Steam will provide a limited (and safe) level of access to certain elements of your profile (Steam Completionist is a very useful data sorter if you have a big collection.) However, it is still up to you to make sure that you're looking at the real Steam site and not some other site masquerading as Steam.
However, there is a zero-risk alternative:
Simply go to the real Steam site - type it in normally, or use your own shortcut, and log in normally. Now if you click the 'Log in Through Steam' button on the third party site, it will just take you to a page confirming that you want to do so. If you are already logged in to Steam on that browser, it will not ask for your username/password.
If you click the log in button, it will take you to the real Steam site to log in, then Steam will provide a limited (and safe) level of access to certain elements of your profile (Steam Completionist is a very useful data sorter if you have a big collection.) However, it is still up to you to make sure that you're looking at the real Steam site and not some other site masquerading as Steam.
However, there is a zero-risk alternative:
Simply go to the real Steam site - type it in normally, or use your own shortcut, and log in normally. Now if you click the 'Log in Through Steam' button on the third party site, it will just take you to a page confirming that you want to do so. If you are already logged in to Steam on that browser, it will not ask for your username/password.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
Heh, I was addressing just this as you were typing. It's completely safe to do that (with the qualifiers in my last post) as it doesn't give the site access to any of your data that isn't already public. It just links the accounts so that Steam will know which (say, Fanatical) account is yours and the other site will know which Steam account is yours. It's handy for the right sites. For example, I link my Steam account to Is There Any Deal, and it watches for any deals at any stores on my wishlist, plus warns me if any game I check on is already in my Steam account - but again, all it is getting is my wishlist and games list which are already public (via the Steam privacy settings.) It doesn't have access to any of my Steam account data.Rumpy wrote: ↑Wed Oct 06, 2021 1:26 pm From the sounds of it, it was a scammer pretending to be a Fanatical page? Then the part where Steam usually asks for the login credentials isn't really Steam at all, but a front for collecting login credentials. Glad he was able to get the account back, but this is why I remain skeptical about 3rd-party sites like Fanatical.
In other words, they get exactly what you have if I link my Steam profile here. Nothing more. It just creates a more stable link between the two than a URL that I might change (some people change their vanity profile - and thus the URL - from time to time.)
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Rumpy
- Posts: 12685
- Joined: Sun Mar 27, 2005 6:52 pm
- Location: Sudbury, Ontario, Canada
Re: My Steam Account was Phished
Yeah, I knew that. And it seems the scammer was trying to mimic that? That's what I'm trying to understand.
PC:
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
Again, I didn't see it myself. From what he told me, every indication was that when he followed the link, he was logging in directly on the Steam page. Part of the problem is that the *!&$#! Discord app (for android) uses its own browser, and you can't see the entire URL. I'm still trying to figure out how to get that changed.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Rumpy
- Posts: 12685
- Joined: Sun Mar 27, 2005 6:52 pm
- Location: Sudbury, Ontario, Canada
Re: My Steam Account was Phished
Ahh, another knock on Discord. Personally not a fan of it myself, and I could see how a scammer would use link obfuscation to their advantage. In other words, they likely want the user to do this via Discord for that very reason. Seems that given Discord's heavy focus on gaming, that they should have precautions against phishing.
PC:
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
Discord isn't great. But Discord is popular, which is why Discord is dominant, and why you pretty much need to use Discord if you're going to communicate with people, including any number of online groups, support groups for various games and tech, etc, etc, etc.
At least on the PC client you can tell it to use your system default browser instead of the Discord browser.
At least on the PC client you can tell it to use your system default browser instead of the Discord browser.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
Getting suspicious messages from Debris.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Skinypupy
- Posts: 20389
- Joined: Tue Dec 07, 2004 10:12 am
- Location: Utah
Re: My Steam Account was Phished
Same. Exact same message that came from Stuie when he got hacked.
When darkness veils the world, four Warriors of Light shall come.
- dbt1949
- Posts: 25745
- Joined: Wed Oct 13, 2004 12:34 am
- Location: Hogeye Arkansas
Re: My Steam Account was Phished
Oddly, just this second I got a message from him too.
Ye Olde Farte
Double Ought Forty
aka dbt1949
Double Ought Forty
aka dbt1949
- coopasonic
- Posts: 20982
- Joined: Fri Mar 04, 2005 11:43 pm
- Location: Dallas-ish
- Daehawk
- Posts: 63697
- Joined: Sat Jan 01, 2005 1:11 am
Re: My Steam Account was Phished
Same. I posted it in my thread in the OO area too. I instantly replied that I knew he was a scammer that had Debris ' account because its the same "Hey man u busy" they always use. Told him scammers need better notes then blocked him.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
- Lassr
- Posts: 16873
- Joined: Wed Oct 13, 2004 10:51 am
- Location: Rocket City (AL)
- Contact:
Re: My Steam Account was Phished
me too.
The only reason people get lost in thought is because it's unfamiliar territory.
Black Lives Matter
Black Lives Matter
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
He hasn't been here in four years, but I sent FYI messages to both his email and PM, just in case he can still get those. If anyone knows him outside of OO, you might want to let him know.
Strong recommendation:
Go to his profile page, then to the down arrow/drop-down in the upper right corner next to 'message.'
Report Player
Involved in scam/etc
Account has been compromised
If he gets a few of these, it'll block the hijackers from using the account until it gets sorted.
Strong recommendation:
Go to his profile page, then to the down arrow/drop-down in the upper right corner next to 'message.'
Report Player
Involved in scam/etc
Account has been compromised
If he gets a few of these, it'll block the hijackers from using the account until it gets sorted.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
Don't tell the bad guys how to win!
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- Teggy
- Posts: 3933
- Joined: Fri Oct 15, 2004 10:52 pm
- Location: On the 495 loop
Re: My Steam Account was Phished
Oh, haha, I figured this was going on again. I got a PM from Debris with the following, so I guess the bot has limitations about how it responds:
[4:18 PM]
Debris:
heyare u busy rn?
[4:18 PM]
Teggy:
did you get hacked?
[4:19 PM]
Debris:
lol why?
[4:20 PM]
Teggy:
because last time I got a message out of the blue it was a bot that had hacked someone
[4:18 PM]
Debris:
heyare u busy rn?
[4:18 PM]
Teggy:
did you get hacked?
[4:19 PM]
Debris:
lol why?
[4:20 PM]
Teggy:
because last time I got a message out of the blue it was a bot that had hacked someone
- Aliasbuck
- Posts: 778
- Joined: Wed Oct 13, 2004 3:37 pm
Re: My Steam Account was Phished
I got this too. Initially I was going to do it, but considering Debris has never ever DM'ed me on Steam, that was the first red flag. So I've asked him where we met. I'm not expecting an answer.
- Skinypupy
- Posts: 20389
- Joined: Tue Dec 07, 2004 10:12 am
- Location: Utah
Re: My Steam Account was Phished
Done, thanks for the heads-up.Blackhawk wrote: ↑Fri Nov 12, 2021 5:27 pm He hasn't been here in four years, but I sent FYI messages to both his email and PM, just in case he can still get those. If anyone knows him outside of OO, you might want to let him know.
Strong recommendation:
Go to his profile page, then to the down arrow/drop-down in the upper right corner next to 'message.'
Report Player
Involved in scam/etc
Account has been compromised
If he gets a few of these, it'll block the hijackers from using the account until it gets sorted.
When darkness veils the world, four Warriors of Light shall come.
- dbt1949
- Posts: 25745
- Joined: Wed Oct 13, 2004 12:34 am
- Location: Hogeye Arkansas
- LordMortis
- Posts: 70197
- Joined: Tue Oct 12, 2004 11:26 pm
Re: My Steam Account was Phished
Aw nobody every tries to phish me. I feel so unloved.
I do get occasional emails from FB informing that someone is trying to log in to my locked account.
I do get occasional emails from FB informing that someone is trying to log in to my locked account.
- Daehawk
- Posts: 63697
- Joined: Sat Jan 01, 2005 1:11 am
Re: My Steam Account was Phished
I get that too. Got one today actually.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
- Smoove_B
- Posts: 54670
- Joined: Wed Oct 13, 2004 12:58 am
- Location: Kaer Morhen
Re: My Steam Account was Phished
Do you set your status to Away or just leave it at "online" all the time? No idea if that increases chances or affects any of this at all, but that's my guess.
Maybe next year, maybe no go
- Rumpy
- Posts: 12685
- Joined: Sun Mar 27, 2005 6:52 pm
- Location: Sudbury, Ontario, Canada
Re: My Steam Account was Phished
I've personally set mine to private.
PC:
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
Ryzen 5 3600
32GB RAM
2x1TB NVMe Drives
GTX 1660 Ti
- Birdman042
- Posts: 51
- Joined: Mon Aug 01, 2005 11:30 pm
- Location: Chesapeake, VA
Re: My Steam Account was Phished
Just be on the lookout. Kasey Chang is the latest victim. I sent him a PM with the info. This is a copy of the chat
[3:05 PM]
kschang77:
heyhow u doing?
[3:11 PM]
kschang77:
?
[3:59 PM]
meusferus:
Sorry didn't see this earlier. Was working.
Doing well.
[4:01 PM]
kschang77:
can you vоte for the tеam of my friends in the csgo tоurnament?
[4:02 PM]
meusferus:
What is the team name?
and where do I vote
[4:05 PM]
kschang77:
https://unicybersport.com
here u can vote
in the voting section team "SPROUT"
[4:16 PM]
kschang77:
?
do it now pl
[4:18 PM]
meusferus:
Not falling for the scam.
Fraudulant CS GO Tournament Voting Site :: Steam Discussions
https://steamcommunity.com/discussions/ ... 889974412/
- Carpet_pissr
- Posts: 20041
- Joined: Thu Nov 04, 2004 5:32 pm
- Location: Columbia, SC
Re: My Steam Account was Phished
If, in theory, someone were to not CLICK the link being offered, but to copy and paste it into a browser, say, just to see if it was legit...ummm, would that bad? Asking for a friend...
- Birdman042
- Posts: 51
- Joined: Mon Aug 01, 2005 11:30 pm
- Location: Chesapeake, VA
Re: My Steam Account was Phished
Copy/paste link is fine. (I loaded up Brave Browser in Private mode to check out the link) On the website, when you click on the vote button, it tells you that you need to log in with your steam account to prevent bots from voting. It then opens up a separate pop-up window that looks really close to the actual "log in to website with your steam account" screen. If you were to enter that info into the pop-up, the "hacker" (I use that term very loosely) gets your steam login info.
- Carpet_pissr
- Posts: 20041
- Joined: Thu Nov 04, 2004 5:32 pm
- Location: Columbia, SC
Re: My Steam Account was Phished
I didn't even get that far. As I pasted and "went" to see if legit (how stupid was just doing that!?!?), "he" texted me again and said "Do it now, please". At which point I promptly closed everything, including the chat window. The funny thing is that it wasn't bc that tipped me off that it wasn't him...I still assumed it was him, but DAMN how rude is that?!Birdman042 wrote: ↑Wed Nov 17, 2021 5:47 pm Copy/paste link is fine. (I loaded up Brave Browser in Private mode to check out the link) On the website, when you click on the vote button, it tells you that you need to log in with your steam account to prevent bots from voting. It then opens up a separate pop-up window that looks really close to the actual "log in to website with your steam account" screen. If you were to enter that info into the pop-up, the "hacker" (I use that term very loosely) gets your steam login info.
Fuck you, Doppelganger Kasey Chang, get some manners!
- dbt1949
- Posts: 25745
- Joined: Wed Oct 13, 2004 12:34 am
- Location: Hogeye Arkansas
Re: My Steam Account was Phished
I don't do chat so if any of you guys text me to chat chances are I'll ignore you. Just fair warning.
Ye Olde Farte
Double Ought Forty
aka dbt1949
Double Ought Forty
aka dbt1949
- Grifman
- Posts: 21257
- Joined: Wed Oct 13, 2004 7:17 pm
Re: My Steam Account was Phished
Yep, I got the same suspicious chat messages from Kasey also today. Figured it was the same scam as earlier, came here to check. I responded just to see what they were going to say but it was a couple of hours after the message was sent to me and I never got a message back.
Tolerance is the virtue of the man without convictions. – G.K. Chesterton
- TheMix
- Posts: 10950
- Joined: Thu Oct 14, 2004 5:19 pm
- Location: Broomfield, Colorado
Re: My Steam Account was Phished
Looks like scoop20906 is the latest victim. FYI.
Black Lives Matter
Isgrimnur - Facebook makes you hate your friends and family. LinkedIn makes you hate you co-workers. NextDoor makes you hate your neighbors.
- Daehawk
- Posts: 63697
- Joined: Sat Jan 01, 2005 1:11 am
Re: My Steam Account was Phished
blocked and reported.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
Do not block him. He doesn't deserve to be punished. Report him instead. I just gave the whole process in the Meta thread.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- JetFred
- Posts: 4805
- Joined: Fri Oct 15, 2004 11:26 am
- Location: In an open field west of a white house
Re: My Steam Account was Phished
Yep, I just got messages from three of you in a row (so far) for this. I did not login to the e-sports site with my Steam account but I changed my account password anyway.
I have but one advocate.
- Blackhawk
- Posts: 43817
- Joined: Tue Oct 12, 2004 9:48 pm
- Location: Southwest Indiana
Re: My Steam Account was Phished
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
- $iljanus
- Forum Moderator
- Posts: 13687
- Joined: Wed Oct 13, 2004 3:46 pm
- Location: New England...or under your bed
Re: My Steam Account was Phished
Locking this thread because all Steam hack reports can now be reported on a stickied thread in Meta which has all sorts of good advice as well.
Black lives matter!
Wise words of warning from Smoove B: Oh, how you all laughed when I warned you about the semen. Well, who's laughing now?
Wise words of warning from Smoove B: Oh, how you all laughed when I warned you about the semen. Well, who's laughing now?