So.. you not been hacked - you're given your account credentials to the thief.
Create ticket to steam support for help.
https://help.steampowered.com/pl/wizard/HelpWithAccountStolen
Comment has been collapsed.
Is enough, you're safe. One important thing:
LOG-IN ONLY in steam main page (https://store.steampowered.com).
My video in polish language (I will create subtitles too):
https://www.youtube.com/watch?v=Z45eWPas3II
Comment has been collapsed.
I dont understand how people are so lazy, if some page asking you to log in, just open new browser window, go to steam homepage, log in there, refresh that link what you got, if it still want login you know it is fake site. ... its like 10 seconds... why is not everyone doing this.
Comment has been collapsed.
They can't. Some fake login websites will also fake the 2fa prompt so you also provide the hijacker with the 2fa code, but otherwise if you have 2fa enabled and you only provide your login info, they cannot access your account.
Gabe Newell demonstrated this when 2fa was introduced.
Of course, if you do share your login info somewhere by accident, you should still change your password ASAP as a security precaution, since that makes it easier for a hijacker to access your account, even with 2fa enabled.
Also footnote... this is my personal understanding of how it works - if something I said is incorrect, please do feel free to correct it.
Comment has been collapsed.
I asked one of these dudes why they keep spamming me and they actually apologized and said it was a different person the other time LOL
Comment has been collapsed.
I've thought about asking those bots why they keep spamming me, but seeing as how they have no games in their accounts and are level zero, I decided it wasn't worth my time. P
Comment has been collapsed.
Yeaaaah, That is kind of a big deal in steam for a few years now.
Always check url address on your browser to make sure you are not login into a fake website.
Comment has been collapsed.
Sent you a friend invite. You may, of course, turn me down. No hard feelings.
Comment has been collapsed.
damn just found out about it :c , i was hacked too
Comment has been collapsed.
You didn't get hacked. You got hijacked. Those are two different things. :P
You unwittingly gave your account details to a scammer by signing into a fake page.
There is a way to avoid getting hijacked. You could check the link to make sure that you're on the right page. But, I Always make a rule of going to the actual steamcommunity link myself and log in there first before linking any website, even if it's one I think I trust. When linking, you shouldn't have to enter credentials again once you're already logged into Steam on your browser. ;)
Comment has been collapsed.
I once fell for that many years ago, but luckily, was able to get my account back in a matter of minutes, but I remember the horrible feeling. I probably didn't have any good items or whatever he was looking for so he logged out, this was before 2FA was introduced.
But the funny thing is, I didn't fall for the classic "get free games" scams, but a friend sent me something like that, vote for favorite team or whatever it was.
Also the link had a j instead of an i in community.
Comment has been collapsed.
I'm confused by the people saying that this person wasn't hacked.
I get why they think social engineering isn't a "real" hack, but I'd also bet that any hacker worth their salt would concede that social engineering is very much a part of real hacking.
Anyway... best of luck to you, hope Steam support can resolve it quickly, and stop clicking random links!
Comment has been collapsed.
seems more like you gave your credentials in a plate to someone, it's more like phishing attack than hacking as far as I know. also I remember one of moderators I guess made a thread and posted a very useful YouTube video which explained all kind of scams and ways they will try to get to your account, and this method was obviously one of those, So I guess you might not looked into it or skipped it somehow!
Comment has been collapsed.
haha yeah :) I got the same message from old friends in past 2 weeks, but told them I would never use my login info for some random shady website, and also they offered to give me some tf2 or cs go keys in return just for a vote! just right there I became 100% sure it is a scam :)
Comment has been collapsed.
Sorry this happened to you. I work with data security and one thing I do tell people to do when they ask how to make things more secure is to consider using a password management tool.Something that will auto-fill the password on a known website. It's very easy to tell if a website is fake, because your credentials won't be shown there. Even your browsers built in password storage is better than nothing, especially if you are using secure, unique passwords. I know with steam it's a little different because you have to type your password into the client to login, so you need to know it, but I don't know most of my passwords on websites, because I'll set them once and forget. I know some people have concerns about 'what if the password manager gets hacked', but the simple reality is that far more data breaches happen because of social engineering or insecure passwords, than because of an actual 'hack'.
And the number of people who use the same password for everything is frightening. When I give them a login with a nice secure password, the first thing they want to do is go and change it to their 'favourite' password. I nearly punched the person through the keyboard the other day when they got the new google chrome popup show up for them on our system, telling them the password they used has been involved in a data breach and they should change it. They were shouting about a data breach on the system and I was like, 'Dude, it's your damn stupid password that you've used on every site that is the problem!! Change it right now or I will lock your account'
Anyway, glad nothing too bad happened to you, never underestimate the lengths con artists will go to for access to your stuff.
Comment has been collapsed.
46 Comments - Last post 1 minute ago by Calibr3
43 Comments - Last post 1 hour ago by MyrXIII
291 Comments - Last post 3 hours ago by JX8
250 Comments - Last post 5 hours ago by McZero
795 Comments - Last post 7 hours ago by FranckCastle
364 Comments - Last post 7 hours ago by Zepy
44 Comments - Last post 8 hours ago by IronKnightAquila
41 Comments - Last post 8 minutes ago by BlaiddGwyn
2,322 Comments - Last post 10 minutes ago by canis39
189 Comments - Last post 11 minutes ago by Vampus
93 Comments - Last post 22 minutes ago by grcemeise
541 Comments - Last post 25 minutes ago by Vampus
603 Comments - Last post 25 minutes ago by Mostack
135 Comments - Last post 28 minutes ago by Mikurden
one of my good steam friends messaged me and asked me to vote for his csgo team, so i trusted that link and signed in with my steam info. later on the hacker had access to my steam account and started messaging every friend and whoever didnt reply to him got blocked.
i've lost so many friends and got blocked from so many thinking im the one whos trying to hack them, but it wasnt me. sorry about that, but luckily i got my account back and it's all good now :)
heads up: be careful of these kinda scam, warn your friends about it
message from steam support:
Comment has been collapsed.