So it was my own fault and I'll own that, but my account got hacked. I finally got it back, which is great, and I really shouldn't complain. But for some reason this response really bums me out beyond the fact that all of my steam gifts were taken from my inventory. I just wanted to vent about it to people who can understand how much it sucks to lose all of their steam gifts. You'd think they could just invalidate the keys from the account that redeemed them (all the same account, all redeemed so it seems easy enough to track). Anyway, thanks for hearing my complaint.

6 years ago


How did that happen? Phishing?

6 years ago

I was trying to join a steam group, and the browser had me sign in to Steam, which seemed like normal. However, if I had looked more closely (I was still mostly asleep) I was actually redirected to a fake steam log-in site which grabbed my user name, password AND my steam guard authenticator code ><. I caught it almost right away, but by then steam guard, my phone number, and the e-mail on the account had been changed. I couldn't even lock the account out. Submitted a ticket immediately, but it took more than a day before someone even looked at it let alone tried to lock it down. It was not a good morning.

6 years ago

I reported both the account that sent me the group invite, and the one all my gifts were sent to, yes.

6 years ago

  • it's calling out, it's against SG rules and will get you suspended. Better remove the profile link.
6 years ago*

Thanks Zel, but that wasn't Marcio's intent, I just made a mistake trying to be helpful. I've deleted the post.

6 years ago

My apologies, I was scrolling through topic quickly b4 leaving PC and must have misread comment, then jumped to conclusion because of reply, edited my comment and sorry once more.

6 years ago*

This seems to be becoming more common.

I don't use the app to authenticate, email is more secure in my opinion.

They should at least show the IP address you are logging in from on the authenticator app, that way it is easier to see that the login is coming from an IP address/domain you are not familiar with. Probably the best thing for the app to do would be to keep a record of the IP addresses used to log in to Steam, and any time you log in from one that you have not used before, to let you know so that you can double-check that it is not some foreign address and really is your current IP address.

6 years ago

I agree, actually the exact same idea was brought up in my Discord. And the e-mail does seem more secure somehow. I use the app because it seemed more secure and faster for routine stuff. ::grumble::

6 years ago

Email and app are similarly (in)secure if you enter the authenticator code on the fake site.

6 years ago

^ this ^
Also, if you're already signed into steam on your browser, it will never ask you to sign in again.

6 years ago

Sometimes it asks me to relog but I think that's for a 30-day expiry? I am still figuring it out, or because my ISP issues different IPs at times. I am lucky not to have entered a phishing site. Though at times I enter the Steam page logged in but when I refresh I am logged out.

6 years ago

Yeah I run into this from time to time, plus using multiple browsers sometimes I pull it up in one or the other. I stay logged in to some items sometimes. I'll just have to pay a LOT more attention.

5 years ago

I only use 1 browser. At times I just lose the cookies I guess. And because my ISP sends out different IPs at times sometimes I run into the issue of having to provide a code to log in on sites like indiegala. Indeed we all need to be more careful. Sorry for your losses. <3

5 years ago

Yeah, sounds like we have the same issues making us more at risk. Thank you!

5 years ago

I'm really sorry to hear this. It's sad that there are people like this in the world who just want to steal from people and create so much misery.

To hopefully prevent this from happening again to someone else it would be nice if you sent the phishing information to Google, Microsoft and some other places.

https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

https://www.trishtech.com/2017/08/how-to-report-malicious-sites-in-firefox/

https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site

https://www.us-cert.gov/report-phishing

http://app.webinspector.com/

https://www.malwareurl.com/listing-urls.php

https://www.virustotal.com/#/home/url

6 years ago*

Unfortunately I can't view the history (as far as I can tell) since it was done via the in-steam web browser ><

6 years ago

.... lol, wow

6 years ago

C:\Users\yourname\AppData\Local\Steam\htmlcache
has some data in that regard. Specifically the "IndexedDB" folder, the content of which can be sorted by time and at least gives an idea about the main domain involved.

6 years ago
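The check described in the post above, as an added example that is not part of the original thread: it lists the origins that left IndexedDB data under Steam's `htmlcache` folder, newest first, and flags any that are not Steam's own. It assumes Chromium's usual `<scheme>_<host>_<port>.indexeddb.leveldb` folder naming; the allowlist of Steam domains and all function names are assumptions of this sketch.

```python
"""List origins with IndexedDB data in Steam's embedded-browser cache, newest first."""
import os
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
from urllib.parse import urlsplit

# Assumed allowlist: domains the Steam client is expected to load itself.
EXPECTED_SUFFIXES = ("steampowered.com", "steamcommunity.com")

# Chromium names each store "<scheme>_<host>_<port>.indexeddb.<kind>";
# port 0 stands for the scheme's default port.
_STORE_RE = re.compile(
    r"^(?P<scheme>[a-z][a-z0-9+.-]*)_(?P<host>.+)_(?P<port>\d+)"
    r"\.indexeddb\.(?:leveldb|blob)$"
)


def parse_origin(dirname):
    """Turn an IndexedDB folder name into an origin string, or None if it is not one."""
    m = _STORE_RE.match(dirname)
    if not m:
        return None
    origin = f"{m['scheme']}://{m['host']}"
    if m["port"] != "0":
        origin += f":{m['port']}"
    return origin


def newest_mtime(path):
    """Latest modification time of a folder or of any file below it."""
    latest = path.stat().st_mtime
    for root, _dirs, files in os.walk(path):
        for name in files:
            try:
                latest = max(latest, (Path(root) / name).stat().st_mtime)
            except OSError:
                continue  # file vanished or unreadable; skip it
    return latest


def indexeddb_timeline(htmlcache):
    """Return [(mtime, origin), ...] sorted newest first."""
    idb = Path(htmlcache) / "IndexedDB"
    if not idb.is_dir():
        return []
    seen = {}
    for entry in idb.iterdir():
        origin = parse_origin(entry.name) if entry.is_dir() else None
        if origin is not None:
            seen[origin] = max(seen.get(origin, 0.0), newest_mtime(entry))
    return sorted(((t, o) for o, t in seen.items()), reverse=True)


def unexpected_origins(timeline, expected=EXPECTED_SUFFIXES):
    """Origins whose host is neither an expected domain nor a subdomain of one."""
    flagged = []
    for _ts, origin in timeline:
        host = (urlsplit(origin).hostname or "").lower()
        if not any(host == s or host.endswith("." + s) for s in expected):
            flagged.append(origin)
    return flagged


if __name__ == "__main__":
    # Pass the htmlcache folder, e.g. the Windows location quoted in the post.
    if len(sys.argv) != 2:
        sys.exit("usage: steam_idb_timeline.py <path-to-htmlcache>")
    timeline = indexeddb_timeline(sys.argv[1])
    flagged = set(unexpected_origins(timeline))
    for ts, origin in timeline:
        when = datetime.fromtimestamp(ts, timezone.utc).isoformat()
        print(f"{when}  {'!!' if origin in flagged else '  '}  {origin}")
```

The cache only holds what has not been cleared or overwritten since, so an empty or recent-only result does not mean nothing was loaded earlier.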

I am on OSX, so that location doesn't work; however, I found the mentioned file, and like most of the other stuff it's devoid of anything but what I did since getting it back :(

6 years ago

The Steam browser won't ask to login (again) because you're already logged on steam. And always search for the green padlock before the URL.

6 years ago

You know Chrome removed GREEN padlock a few months ago?

6 years ago

Besides, you can get free certificate nowadays. Padlock only means "your connection is secure, nobody can peek at it", not "this site is trustworthy".

6 years ago

The certificate would be different from the original site, phishing sites are always "fishy". I'm not using Chrome, Firefox and the Steam browser both have green padlock on secure sites.

6 years ago

I'm using Safari and Chrome, only one of which has the padlock

5 years ago

This only happens because there aren't laws vs. these garbage people.

6 years ago

What's frustrating is that there are laws but no one wants to put the time and effort ($$$) into tracking down these people.

6 years ago

they would need international laws and steam could give two shits about helping people cause it takes up their time and resources.

6 years ago

steam support is a bitch

6 years ago

I mean, I don't want to hate on support because it's not their fault and I did get my account back. At the same time though, any other place I would have my money stored would be insured in some way.

6 years ago

This is one area where saving your passwords seems to work pretty well, I'll know a site is phishing if my browser doesn't autofill the password boxes right away.

6 years ago

except it was the stupid steam browser...otherwise, yes, I would have noticed as well

6 years ago

Always check the URL when you're directed or redirected to other sites.

Your browser always identifies an insecure site. I use Firefox and secure sites will always have a green padlock before the URL.

6 years ago

I think that's not allowed? But it was along the lines of "Skins Welcome"

6 years ago

That's a bummer, man

6 years ago

Thank you. All of this empathy would make me feel a lot better if I hadn't just come from the dentist lol

6 years ago

now if you are wiser, where's obligatory giveaway ??!! yeyeye

6 years ago

It's coming....when I get new things purchased ><

6 years ago

naah, don't bother .. ;)

5 years ago

I mean, I will end up doing so because that was the whole point of the gifts I had. Now all I have left is a bunch of no-value keys nobody wants lol.

5 years ago

Sorry to hear that about your inventory and Steam gifts :(
However, I'd like to note that Support member's signature, which I absolutely love... Powered by coffee, Lana

6 years ago

Yeah, I also thought it was enjoyable.

6 years ago

Screw Lana. That is a shitty policy that does nothing to deter scammers and thieves..

6 years ago

Agreed it's a frustrating policy, but I doubt Lana makes that policy, she's just doing her job.

6 years ago

She explains why they do not duplicate an item to restore it, but not why they don't remove items from accounts. That's just a policy with no explanation.

6 years ago

Also a very good point.

6 years ago

I'd write back asking for an explanation.

6 years ago

I did which was what was in the screen shot I posted. Basically, policy since 2016 is: tough luck.

6 years ago

I meant ask for an explanation for why Steam doesn't REMOVE the stolen items and give you a new copy of them. Or is that what you asked?

6 years ago

Yes, correct. The answer was merely to direct me to the policy again :(

6 years ago

Sorry for you.
I receive a lot of scam attempts but am always lucky not to click on them.

6 years ago

Yeah I'm usually a lot better about this.

6 years ago

lowers the value and scarcity? Economy?
We're effectively talking about downloads not physical copies.
It's one thing if you were asking for trading cards to be restored but game gifts shouldn't be treated the same especially if you purchased them.

6 years ago

That's how I looked at it as well. Like, if you invalidate a key and replace a key there's no actual change. Granted Valve may not want to pay the content creator for an additional key, but you'd think they'd have extras for that sort of thing :(

6 years ago

No, they are talking about items on the Steam market and steam gifts that are actually limited. Read it again.

6 years ago

Sucks, so sorry. I wanted to ask: with them changing your number, how did they take all your gifts out? Would there not be a 7-day thing blocking it?

6 years ago

Apparently not if they have your 2fa since they just send your gifts away and THEN change the info. It happened super fast so my guess is that it was scripted.

6 years ago

Can I also just mention how I am a new member here so I bought a few things specifically for SG because I like this place and everyone seems pretty cool...so I also feel like this person/group stole Christmas (or some other kind of) presents, you know? A lot of it was extra copies of games I have or things I bought specifically for other people.

6 years ago

Sorry your account got cracked.
If you don't mind me asking. How did you buy gift copies in the last month? Is that possible again or do you have a work around?

5 years ago

Old stuff workaround. Like Portal / Portal 2.

5 years ago

Sorry for you Bobisbadat.
Next time when you log in to your Steam account via website, recheck the URL and web certificate if you feel strange. I hope Steam can provide more ways to help users protect their inventory (cards, gifts and so on) like the secondary password.
Everything is going to be fine, just join more giveaways you like and I wish you a good luck to win them:)

6 years ago

Thanks for the good luck!

6 years ago

Now I'll be double wary over trash group invites @_@

6 years ago

Yes, please do. It seemed like a million others that I've never had an issue with but of course just this one time I didn't catch it in time. If it were any other browser besides stupid steam's locked down crap I probably would've been okay, but it is buggy so often that I can't tell a working-as-normal bug from a scam.

6 years ago

Yeah I was invited to a group before that was way outta the blue, decided to join but couldn't find anything keeping me there so I left. But goodness gracious to think they could be misused like that, those invites. I'm happy for you getting your account back at least.

6 years ago

Exactly. I'm new to game sharing communities as a whole ( I had no idea this was a thing up until a month ago), so sometimes I join groups and they are iffy but end up being okay. I just wasn't expecting that joining would be what got me :(

6 years ago

Yeah my steam account is only about a year old since before this I had an even worse computer XD So much to learn still!!

6 years ago

Did they change their policy? I remember getting everything back when I got hacked as a 'one-time exception'.

Otherwise, I would suggest making a new ticket, Steam Support policy differs from person to person and their mood apparently.

6 years ago

Apparently they used to do that but as of March 9, 2016 they no longer do. https://store.steampowered.com/news/20631/

6 years ago

They pretty much changed their policy when they introduced the steam mobile authenticator.

6 years ago

Wow, I didn't know Steam Support is so terrible. They are saying the thieves can have everything they stole from everyone and the victim will not get anything back because market value would drop down? In other words: glory to the thieves, go f.ck yourself customer. What policy is that? Superlooterhappy policy? I am shocked and disgusted.

6 years ago

Yeah it's pretty surprising.

6 years ago

I get their response about duplication. I'm down with that.

But if they don't have a history of people's inventories and info on who got them to get them back, then they're extremely inept for being the market leader in PC gaming. I get that they wouldn't want to give you guarantees as a legalese way of saying to not hold them accountable. But they should give it an honest try every time. It's frustrating beyond belief that this seems to be their response in the end though.

Hopefully this gets sorted out for you and I'm glad you got your account back. As others have mentioned, feel free to also add me on Steam to do what others have offered. The less of these types of low-life, scum of the Earth shithead losers we have floating around, the better for everyone. Even if it helps one person avoid being scammed, I'm all for it.

If you don't contact me, I wish you good luck with whatever you pursue about it and I hope this keeps you a bit more vigilant.

6 years ago

Yes. The wording makes it seem like they think steam guard is infallible, and therefore if you have steam guard you're fine. Also, friend request sent on steam

6 years ago

But if they don't have a history of people's inventories and info on who got them to get them back, then they're extremely inept for being the market leader in PC gaming.

They do have. They just can't be bothered with it since it's basically TC's fault. If it's a Steam glitch they'd act on it.

6 years ago

Well, then they're just total assholes. Can't even just call them inept...

5 years ago

Even though I never got my account stolen, I got scammed pretty hard sometimes with some shady trades (the old trade a game and revoke it) so I can get how you feel. Try making another ticket, maybe you get someone who isn't lazy, who knows. When I got scammed there were more victims, and one whom I talked about got the stuff he traded back while they did nothing to me, even though it was the same guy, same method, same time.

Also I am lying on some unused keys (both postals, dragon fin soup, to name something), they're not great games but I can give some to you if you want to feel better and you can activate them/give them away on steamgifts. I could even give you one of the trash steam gifts I have in my inventory to make your inventory less empty lol

6 years ago

It's appreciated, but you should simply give them away to the community here. Most of what I had was, sadly, decent games. I really wanted to give away a couple of games I already owned and ones that I thought the community would like.

6 years ago

Thanks. I just wish there was more accountability for the people doing this and better resolution.

6 years ago

Sorry to hear that. I'm glad you were able to get your account back, at least.

6 years ago

Thank you. And yes, it could be much worse.

6 years ago

And this is why I don't belong to groups, or generally anything extraneous to my interests.

Glad to see you at least got your account back, sorry about the sg losses.

6 years ago

Yeah I want to be in groups/communities because I like to social game (sometimes) but with the good comes the bad.

5 years ago

this is why the stupid steam authenticator is trash compared to how blizzard's auth works.
each time you log in, you get a request in your phone, so you know for sure you put your info in an official site/app. you don't get a random number every 30 seconds that you can input in a phishing site, so there's no way to get your account stolen that way.

it's probably not fool-proof, but it's x9999 times more secure than the crap valve took years to develop...

btw, sorry you lost everything. it's a pity valve showed again they don't care at all about customers.

6 years ago

Yeah the Blizzard authenticator seems much better. I've never had an issue with it (not to say others have the same experience)

5 years ago

It would drive down the value.... pfft. If you invalidate it on the account that activated them and replaced the gifts things would be restored to the way they were. What kind of math are these people using where that drives down value. Dumbbbbbb

6 years ago

Hopefully (ironic word tho) only the gifts were missing and you got no suspension/VAC right? That'd be a double nightmare.

6 years ago

I don't know what suspension/VAC would look like, but I assume it would be obvious to me by now if I did lol.

5 years ago

The problem is who does Steam support believe in a situation like this. For example, I could as a scammer login to my scammer Steam account from a new IP address, trade/sell a bunch of games to people, then change the email address and password on the account. Email Steam support saying my account got hacked and please give me my games back. From Steam's perspective that's an equally likely scenario as what really happened to you, they can't tell the difference.
Personally I think they do a great job with account security, I'm sorry you got scammed but I don't think there is anything Steam can do about it, ultimately you have to be responsible for your own security, they just give you tools to help.

6 years ago

That's true, the system of respawning stolen items was too easily scammable, and as usual Valve simply got rid of it instead of deciding on individual user cases.
The least they could do is to remove those items in question on the alleged scammer/hijacker account and make them vanish completely, but they couldn't care less about their rightful customers. They just don't give a damn. :(

@Bobisbadat, I feel sorry for you, that's a hard lesson you learnt, and I really hope your loss of items is somehow bearable.. ;)

5 years ago

Thank you for your condolences.

5 years ago

Damn I'm always not careful too, seriously need to be more careful now, sorry for your losses but at least it was given back (yr account)

6 years ago

Agreed

5 years ago

Dude, that bites.

Well, thank God it wasn't something really valuable. Some people have the title of their house stolen from them this way. P

6 years ago

Yes, I agree 100%. So many people have greater losses, and even mine could have been much worse. #FirstWorldProblems

5 years ago

I had a similar experience one time. It was some phishing website related to DOTA 2.
Their phishing Steam login page actually used an iframe to the actual Steam login page, so on the surface everything seems very legit.

Luckily I had Steam guard on, and was currently logged in to Steam.
The hacker managed to send the phishing links to all my friends, and all my friends replied to me (and so I got spammed with reply messages from my friends). That was the moment I knew my password got stolen.

I was fortunate enough that Steam guard protected my account.
If you turned on Steam guard, the hacker will not be able to trade your items away (Steam has a 7-day lock for new devices). Even if they managed to trade your items away, it should have a 1-day trade hold for newly added friends.

So I think this can be taken as a lesson learnt.
My EA Origin account once got compromised, and the thief stole all my unredeemed gifts from Humble Bundle and Indie Royale (because I used the same password everywhere, stupid me).

Have been using a password manager since then, and turned on 2FA wherever possible.
It's a pain to authenticate 2FA every time, but better safe than sorry.

6 years ago

This was exactly the situation for me, the iframe that made everything seem legit. The problem for me is that I authenticated my Steam Guard, as to my knowledge I hadn't logged in yet that day. So they traded first and then removed 2fa ><

5 years ago

Since they don't restore your items, how about those stolen items?
There should be a "log" for that and they should be able to forcefully remove it.

I was scammed before and that scammer at least got a market ban, what about this guy?

Anyway, I always use 2fa if possible, use a master password and some "keyword" specific for each site so I won't forget it (or just use lastpass)

5 years ago

So far I've reported them but they are still active. It seems there is some algorithm before they stop people, another complaint I have.

5 years ago

sigh, what a mess

5 years ago

How did you recover it? What was the process?

5 years ago

The process involves various methods such as maintaining the first game cd-key you activated, history of e-mail addresses, last 4 digits of your credit card/s, possible receipts of last transaction, screencaps of inventory, gift history and a passport or birth certificate. :)

5 years ago

Basically what Syfied said. I was lucky that I knew the exact card info and a couple of the most recent purchases.

5 years ago