is this a good idea?
No, there's already a buttload of threads about it that are spreading awareness. Putting together a big list of people who fell for it would just be name and shaming. Including who you mentioned, I don't think it's right to call anybody out like that if it's not necessary
Comment has been collapsed.
i don't think there's anything to be ashamed of, we are all humans and we make mistakes, i do however think it's important to let people know who got phished so they can be careful, if this helps even 1 person avoid the hassle of recovering his account, this thread was worth it.
Comment has been collapsed.
I wouldn't think there's anything to be ashamed of either, these kinds of scams are becoming more sophisticated by the hour, but given that some users seem to go out of their way to bemoan the alleged "stupidity" and "lack of common sense" of the victims (showing off their pretty tasteless and risible superiority complex in the process), unfortunately I think naming all individuals in one place would do more harm than good at this point, especially as general awareness of this newest ruse has spread quite a bit now.
Comment has been collapsed.
It isn't really name shaming, but it does fall into the category of calling out, which in and of itself, is against the rules here.
Comment has been collapsed.
Vader was scammed too. Palpatine gave him a false promise to save his beloved. Boy quickly fell for it. He wasn't Vader until he lost everything but it all started with a scam if that matters.
Comment has been collapsed.
"of course sensible thing is to click and see the website" lol
Comment has been collapsed.
in case if someone wanted to test their knowledge about phishing
somehow Google create some test for phishing
https://phishingquiz.withgoogle.com/
Comment has been collapsed.
But it sucks. Some emails seem reall legit if and only if you know the sender and hes real. There is no way to distiguish real from phishing (for some of the mails) without having backgroundknowledge.
Apart from that it boils down to
Hover the Link and check the domain
Don't open attachements of unknown origin.
Comment has been collapsed.
There's no reason to create a list of compromised accounts because if anyone comes here and sees this page, they won't click the link from anyone anyway, so a list would be fairly pointless. At least for awareness, I guess you could create a list if you are just curious of how many SG users encountered this.
Comment has been collapsed.
Because we really needed one more thread about this, just in case someone missed the other half dozen?
Comment has been collapsed.
we definitely didn't need another one, i do think this one is a tad different, it helps people avoid future phishing(hopefully), with knowledge and tips.
Comment has been collapsed.
Take a look at this:
https://forums.steamrep.com/pages/hijacking/
it's been helpful to understand the methods.
Comment has been collapsed.
Replace "standards" with "threads":
Comment has been collapsed.
Phishing Quiz 5/8 correct. Thanks for sharing the PSA
Comment has been collapsed.
Well, I'm going to be THAT girl. I am after getting this scam message too from a friend who has his account stolen.
Clicking links for random giveaway sites that you don't recognise even if it's from a friend is pure desperation for more games. I'm not going to call you stupid, because it could happen to anyone... BUT... how much do you really need that +1. Even if it was legit, the likelihood of it being anything more than achievement spam is soooooooo small.
For the love of all that is good, don't risk your accounts for some random shitty game. If there's something going free for real, someone is going to post it here on SG, or one of those known sites or steam groups that informs people about freebies.
Comment has been collapsed.
It's not just +1. The site is promising AAA games. but offering them for free is an obvious red flag.
Comment has been collapsed.
Even so. The 1 in a million chance of getting an AAA game from a potentially legit random-never-before-heard-of site isn't worth the risk. I only hope people learn from this. :(
Comment has been collapsed.
The site has a fake raffle and shows you that you won an AAA game and then offers you a link to a fake "login via Steam" to claim it.
Comment has been collapsed.
Aye, but... you had to click it to find that out. My point is not to check them out in the first place, not without googling it if you're really that tempted. I dunno, maybe I'm just a naturally paranoid person, but that's just me. ;)
I am subscribed to a steam group or two that informs me anytime there is a legit freebie. There are a few of these groups. I encourage people to just join one and go by those. They generally catch all the good ones.
Comment has been collapsed.
Also that game-site has such a cliché scam-name, it's a huge red flag
Comment has been collapsed.
Comment has been collapsed.
Got Fished, clicked and logged in quickly on the first notification from my friend, didn't wait or think or look as to the login area.
The amount of threads I've seen over the last two days and the lack of speed on Steam's side to recover accounts leads me to believe there's a lot of us. Maybe this will help steam change its policies from just notifying changes to your account to actually VERIFYING THEM WITH YOU.
Comment has been collapsed.
well, i woke up this morning getting 7-8 messages from a friend
1 free game for new users!
take the game you want!
website name.
of course sensible thing is to click and see the website(never login though).
figured it was another fishy wishy website, entered discussions and saw couple of threads about it.
so let's have it organized!!
if you are unsure about an account getting hacked/want to report a user getting hacked/just want to see how many people fell for this
obligatory giveaway(i don't think darth vader would ever get scammed, do you?)
p.s a tip for everybody, if you want to never get phished, ONLY login from https://store.steampowered.com/ and only from there, if you want to login into a website use your logged account, if it still requires your login credentials, move on buddy.. move on.
edit. credit to Jinkujaku(i didn't know about this), https://phishingquiz.withgoogle.com/ test your phishing knowledge.
edit2. apparently this is considered calling out(against site rules), i deleted the person that got phished.
edit3. credit to acexavier, https://forums.steamrep.com/pages/hijacking/ more information about phishing.
Comment has been collapsed.