I know that many has seen already about the accounts being hacked, just wanted to write exactly the message, so that everybody can be warned.
Comment has been collapsed.
DANGER: Careful with "1 more discussion about scams! reply to the one you want! https://steamgifts.com"
Comment has been collapsed.
My account was hacked and I am trying to recover it right now smh...
Comment has been collapsed.
Yes you have, You've been spamming me like crazy XD. Typed the message into google, brought me straight here. Hope you get it back.
Comment has been collapsed.
Danger! Danger! High voltage!
Don't click the link!
Seriously, don't.
Why did you?!
I said don't!
Comment has been collapsed.
TIL there are more stupid people in this world than I realised. Time to clear out those fake friends people.
And I thought my esteem of others couldn't get any lower.
I've decided I don't want to take over this world, it's too dumb for me.
Comment has been collapsed.
Why wouldn't you? It looks so easy to take control of so many people with one simple free game and turn them all into slaves.
Comment has been collapsed.
What are you even talking about? Epic is love, Epic is life!
Anyway, haven't you heard Steam is dead?
Comment has been collapsed.
Everyone makes mistakes and people don't need holier than though little cunts like you mouthing off about how superior you are.
Comment has been collapsed.
The Enemy is Weakened! Attack! Attack! Attack!
It was really me who scammed your naive little butt!
Comment has been collapsed.
And your vocabulary is extremely limited. I'm guessing English isn't your native tongue.
Comment has been collapsed.
-
Judging by "holier than though", I'd guess that English is in fact their main language. Such mistakes in set phrases are more common among native speakers. The reason is, they, having heard a phrase a lot, intuitively grasp its meaning and don't feel the need to double-check. On the other hand, a learner of English has no idea what "holier than thou" could even mean, and when they do research the phrase, the etymology is imprinted. Another indicator of the grandparent being a native speaker is their usage of "mouthing off", which, being a colloquial phrase, isn't something a learner of the language could encounter in a textbook or a work of fiction.
-
What exactly is wrong with English not being one's native language?
-
For that matter, what is the benefit of using advanced words when the level of nuance required to get the message across is achieved without them?
Comment has been collapsed.
Thank you. Seriously. This eloquent comment made my day.
Comment has been collapsed.
There's a twin site, rolldatgame . com it's exactly the same
Comment has been collapsed.
Please edit your post so that it no longer contains a link.
Comment has been collapsed.
You're the mod, can't you edit his comment or delete it?
Comment has been collapsed.
Meanwhile, I'm wondering why the duplicate threads aren't getting closed, as I seem to recall that SG (as per the norm for most forums) has an established expectation of closing duplicate threads in situations such as these. A single thread's be easier to oversee, and then maybe staff could do something about clamping down on the instigators who are trying to escalate up drama in the threads.
Defi manages to properly format her title and manages to not violate any site rules with her threat title and description, so that thread seems like the clear choice for retention. Unless, of course, the consideration is that the matter is warranting excessive visibility. None of these threads appear to be doing anything other than posting additional links to the scam site and building up drama, though, so the benefits seem questionable.
Comment has been collapsed.
You're the mod, can't you edit his comment or delete it?
No. Only the author and Admin have editing privileges.
Comment has been collapsed.
Guys be careful in the support area, one of the support might have been hacked too. I doubt these people/bots even care about sg but if they log in it could make some damage.
Comment has been collapsed.
done, sorry for that, I thought the plain link was not converted
Comment has been collapsed.
Could you please explain in steps how you survived this serious hacking attack?
Wait, maybe I got this...
Comment has been collapsed.
Yeah, pretty tasteless and ridiculous of some people on here. It's almost as annoying as the scam itself.
Comment has been collapsed.
I mean it's the same level of scam as sending money to a Nigerian prince or going to see all those hot singles in your area.
It is funny that people would think it was real.
What do you mean I'm getting a free AAA game for just logging into my steam account in this suspicious about: blank page made to look like steam's login page... What an unbelievably great deal!
If people don't look at a url before logging into a site, then internet literacy has a long way to go.
Comment has been collapsed.
On a superficial level you are right with that comparison, however I have to credit the makers of this newest scam with the execution of their site, the enticing partial reveal of a legit looking Steam key and fake login widget, which can look deceptively similar to the real thing at first glance. That's the thing really, I clicked on the link knowing full well what it was, just to see what it looks like, and if you are just used to seeing Steam's open ID linked login from benign services I can see how it could have fooled someone who let their guard down for a second.
But my comment was really more about being annoyed at the uncalled for display of arrogance and pathetic superiority complex over the "stupid" victims who fell for it by one user in particular in this thread.
Comment has been collapsed.
I've got that message too.
https://imgur.com/a/G9u6v44
Comment has been collapsed.
The website is not connected to official steam api
It make a FAKE login page, try to steal your accont name and password
Please remind your steam and sg friend , bcos I saw some friends already got hacked
Those hacked accounts will keep sending messages to who on steam friend list
Comment has been collapsed.
thats an old phishing technique yet people still fall into it , ironic
Comment has been collapsed.
BUMP.
This is a MALICIOUS site that copies the steam login page, but the URL does not match - they are hiding it - if you log in, you could have your account stolen worst case ... don't risk it
Comment has been collapsed.
And this is one of the reasons I choose my Steam friends carefully and keep my friend list small.
People who "collect" friends are, simply put, begging for this kind of thing to happen. The bigger your list, the easier you're making it for them to steal accounts.
Comment has been collapsed.
I have a huge friend list but really don't care since I won't click every single random link people send me.
I'm honestly really surprised that people still fall for this kind of thing in this day and age of regular scam website and knowledge of them. In any case, hopefully most of the victims will recover their accounts intact, and return with nothing lost but with a solid lesson learned about internet safety and how easy it is to get your account hijacked.
Comment has been collapsed.
I choose my Steam friends carefully and keep my friend list small.
I feel special now 😍🤭
Comment has been collapsed.
Not sure I'd agree with that. If you're smart enough not to fall for these obviously fishy links then you've got nothing to worry about no matter how many friends you have on Steam.
I got message for that phishing website today and it was from a person I really wouldn't expect to fall for that. It was from keohookalani (I'm sure you remember him), I immediately thought the links are fishy, especially since he spammed 4 links in a row.
You never know who can fall for that, even people who really should know better do, unfortunately.
Comment has been collapsed.
Yeah, it's really surprising that so many experienced gamers fall for scams like that. I already had 5 or 6 people spamming that link today. And they were all traders and collectors with several thousand games. You'd think they know how a phishing link looks. But you're right, you never know who will fall for a scam like this in the end.
Comment has been collapsed.
A free game was offered, especially for collectors that's everything they need to know to give it a (last) look. 😉
Comment has been collapsed.
About keo, do you happen to know why he was suspended (not sure if this is calling out)? I went to his SG profile because I also got the message from him and he's permanently suspended. :S
Comment has been collapsed.
I collect friends and they still haven't got me yet.
Comment has been collapsed.
I don't collect friends and I've not even received one phishing link ... ever.
No phishing links = 0 possibility of being phished.
They are constantly sending me this message. HA!
And I don't have to deal with that.
Comment has been collapsed.
I would censor those links just to be sure... The end result of people trying them is annoying...
Comment has been collapsed.
I actually put in the word DANGER bigger : Careful
Comment has been collapsed.
There's no constructive merit to typing out the name in full, it still violates certain site rules (as they're written) to do so, it's uncomfortable from a social perspective, and you just completely crossed the line by posting it as a direct link anyway. This thread was all-around dubious to make on top of all the existing threads to begin with, but you keep inflating that sense of unease.
The real eyeraiser is, you felt the need to make an additional thread, but you clearly didn't look through the other threads, or you'd have seen staff requesting such links not be posted.
Comment has been collapsed.
Dont post the link plz
Some ppl thought they have Steamguard protected and go to try ...
The Steamguard will be unlinked and email got changed in a sec
Comment has been collapsed.
sorry but how could they remove the authenticator without being able to access the steam guard mobile device, the backup codes or all the info steam requires if you lost phone/no backup codes?
Comment has been collapsed.
I duno the tirck
But one of my friend got phisinged
He said when he entered id and password to the site
He got steam forced logout , authenticator got removed and account email got changed in a sec
Because I try to remove authenticator by web browser ,it wont let me to do that
It told me I have to remove it by steam app
Comment has been collapsed.
jeez, so they have full access to the account because they know id and password! well in that case it's a matter of milliseconds, everything is done automatically by code..
Comment has been collapsed.
Account lost after being signed with steam to spindatgamex😵
Comment has been collapsed.
helyrejött, suport tickettel, igaz 16 óra után válaszoltak, de sokat megfertőzött ez a link
Comment has been collapsed.
Töröltelek emiatt, sajnálom. Mondom véletlenül se szívjam meg. Erre több embertől is kapom. Ha gondolod jelölj majd be, ha minden oké.
Comment has been collapsed.
nem baj, másik gyerek melyiktől kaptam az üzit most is vírusos egy török, ez ilyen😐
Comment has been collapsed.
A new site is being promoted.
https://rolldatgamexx(dot)com ----> don't click that, it's here for awareness only
Comment has been collapsed.
I don't think anything happens if you just click it. Logging in to the website with your Steam credentials is the problem.
Comment has been collapsed.
Yeah.
We're also the bad guys if we point out the obvious red flags.
Comment has been collapsed.
You're not the bad guy for pointing out red flags. That's always useful. It's more about how you do it. You can do it in a matter of fact manner or you can shit all over victims by arrogantly claiming your obvious vast inherent superiority over the worthless idiot losers who fell for it (but not even point out the red flags). Not saying that's you, if that wasn't clear.
Comment has been collapsed.
This has become quite the epidemic.
Atleast 4 accounts on my friendslist have been compromised so far.
Comment has been collapsed.
Firstly, don't put the malicious link in your title. xD Secondly, it's NOT only this one. A steam friend of mine, that got hacked, sent me this link AND another malicious link too. I didn't click them, obviously. But the hacker is probably adapting. :P So, don't click any link, even if it's not the one in the title.
Comment has been collapsed.
I really would like to know, how that site get's past Steam authenticator? I understand it's a fake Steam login, so once they get someone to log in with their Steam data, they basically know their usersname/password. That still doesn't explain how they get past the 2-factor authentication, though. Also, since it's a fake login, could we just feed them random username/password combos to drive them crazy?
Comment has been collapsed.
You give them your authenticator code when you log in to a site like that.
Comment has been collapsed.
I think, since Steam Guard code lasts few seconds, the site logs in "somewhere" immediately after receiving the data still using the same code.
Comment has been collapsed.
Sorry, who thinks about logging in with their Steam credentials to a website that isn't Steam? Are people that desperate to get 1 free game?
Comment has been collapsed.
I don't think you understand how it looks like from the perspective of a person who isn't cautious. You go to some webpage, see a "Sign in through Steam" button, click on it, get a page which looks almost exactly like Steam login page (but isn't one), after you input your login and password you get a popup asking for your mobile authentication code and that's it - your account gets stolen.
So basically the answer to "who thinks about logging in with their Steam credentials to a website that isn't Steam?" is "everyone who logs in through Steam to SG / BLAEO / achievement trackers / trading sites, etc."
Comment has been collapsed.
I might be wrong but logging into other sites using Steam never requires the authenticator code.
Comment has been collapsed.
It does. You can try logging to Steamgifts from a private browser window if you want to see it yourself.
Comment has been collapsed.
Ah, I'm always logged into Steam in my browser hence I don't get the authenticator code request. Damn, that pretty evil.
Comment has been collapsed.
Still, you just need to check if the URL says "store.steampowered.com". That's why I said "to a website that isn't Steam".
Comment has been collapsed.
They really want me. They are constantly sending me this message. HA!
Comment has been collapsed.
This is the message I have gotten from an SG member, whose account has been hacked too. I am showing this message just to warn everybody that if you receive that message, DON'T PRESS THE LINK
Comment has been collapsed.