This is happening to me for 2 days now. I just block them.
Comment has been collapsed.
Same here, I just block them and add their profiles to a list of profiles to ban on my group :P haha
Comment has been collapsed.
Rather than a Feature, its more like a Data Breach for Hackers/Scammers to use towards Small Minded Steam Users and we know how many of Steam Users are quite small minded clicking these Links and complain & Deny their Faults.
Comment has been collapsed.
That has always been a feature of the new chat, at least I only get messages from bots I trade with. I guess it's related to trade offers being chat messages these days, they can't figure out a system that allows offers but not random spam.
Comment has been collapsed.
Makes me wonder how are they even doing it as I can't seem to see any of these new options.
Unless I have to sign up to the Beta Client ?
Comment has been collapsed.
The chat came out of beta ages ago already. It's done via Steam API no doubt like everything else bots are doing. The only part that has changed is Steam allowing to send messages to users who are not your friends.
Comment has been collapsed.
Christ did noone at the BETA foresee this consequences thats Scammers/Hackers can exploit.
Comment has been collapsed.
Before you accepted their friend offer and they spammed you links. Now you accept their messages instead of blocking and they spam you with links. This on top of them spamming links to your profile comments if that's allowed. So if anything the new system gives quicker access to the block button, everything else is same old.
Comment has been collapsed.
They did, but this also means you can now contact any user without going through the friend process first. Since not everyone enables profile comments, it can be handy. That gigantic warning message in theory should be enough to not make people click on any link anyway. (And if they really do, honestly, that is just Darwinism working as intended.)
Comment has been collapsed.
This is alarming indeed and I have blocked several such scumbags which attempted to scam me with malicious links by this new Steam chat in the past couple of days. It is also preposterous that people who are not part of one's Steam friend list, can contact and drop links or messages. I have no idea what's Valve doing these days. They ban shovelware on a daily basis now, but allow thieves and scammers to contact whomever they please by the "brand new" chat system.
Comment has been collapsed.
Expect more in the future from other Hacked accounts from people who actually accept the message and click the link
Comment has been collapsed.
Had to block another one now. As always, updates of any kind have to eff things up initially. It's the patch of the fix of the bloody update that finally allows users to enjoy some degree of progress....
Comment has been collapsed.
Perhaps. But this Steam chat exploit has to be addressed since that's the cause of this whole debacle.
Comment has been collapsed.
I had to block 10 more scumbags since my last reply here. Even if it's related to the Steam groups, this exploit is the new chat system's fault. Why do most "updates" today have to be one step forward and two steps back? Isolating our Steam accounts is not a solution!
Comment has been collapsed.
2 today so far, 10 min apart from eachother. Several since September.
Comment has been collapsed.
Even the scammers don't send me messages.
Comment has been collapsed.
Haha, same for me.. But I intentionally keep it low profile and I'm not sad about it. :D
Comment has been collapsed.
Yeah, I was just kidding. I'm happy no one is bothering. Well, was happy. Received a message a few minutes ago. I'll just block it. Won't report cause maybe it was someone from here.
Comment has been collapsed.
Or you could do what I do. Allow the message, check that it's a scammer scumbag slimeball jerk who is trying to scam you, report them, and then block them.
It's a bit more work, but it includes the satisfaction of fighting back. )
Comment has been collapsed.
Proactive, non-confrontational, passive, I like it.
Comment has been collapsed.
I've almost got it down to a reflex, by now.
"Message from user that is not your friend."
(unauthorized message for the purpose of spamming)
<insert spammed message here>
(spamming of invites and messages for the purpose of marketing/scamming)
(Copy the Above) >
View Profile >
Report User >
For Spam/Harrassment >
File Report (Paste the Above) >
Block Communications >
(Close Windows)
Comment has been collapsed.
Lol, same. I wonder what it's like, to receive a message from someone.
(I'm exagerating here, but just a little :D )
Comment has been collapsed.
No don't be sad my dear friend! You get contacts all the time but you cant not see message since account is in major serious compromise, broadcasting an ip address and virus cookie!
I was trained by Nigerian Internet protection Force. I can could repair your account so to get messages of all the crazy scam attempts.. Fixing is a rare procedure and hard information only elite teams like me know. I root your settings and reboot your account matrix.
Just turn off STEAM authenticate as is secret virus cookie. Then do be sending steam user name and password..... :-)
Comment has been collapsed.
Be very careful when joking in this manner. People have been suspended for failed attempts at humor.
Comment has been collapsed.
well ... i got one 5 minutes ago a message with a link to a shady csskins sites
Comment has been collapsed.
Well, if it was my group, I'd be sure to take action right away since I would be alerted by the drop of a bat but so far, nothing has occurred, knock on wood.
And I wouldn't dare affiliate it with CS:GO or PUBG.
Comment has been collapsed.
At this level of trivialness, I'd rather call this a hidden feature...
Comment has been collapsed.
True.
It may be possible that Valve is going to fully implement this hidden feature.
Comment has been collapsed.
Still a feature. If it would be some kind of unwanted exploit, there wouldn't be any allow/block buttons to push, you would just get the message. Since trade offers are now chat messages, both must be allowed through unless blocked.
Comment has been collapsed.
I honestly wish I could revert to the old Steam chat system at this point. This "feature" is a breach of privacy and a blatant attempt of account hijacking.
Comment has been collapsed.
I just got one two of these. Steam gives us a big fat warning that the message comes from an account with whom you're not friends, so I really fail to see the issue here.
I have an e-mail (well, several actually) and anyone can write me there. I've used many phpBB and similar forums in the past, anyone could send me PMs there. I don't see how it is shocking that anyone could send me a PM on Steam too... The only remarkable thing about this is that writing to random people is a hidden feature and not a published one.
Comment has been collapsed.
I don't see how it is shocking that anyone could send me a PM on Steam too
It was not possible before and nobody really told the users that it is possible now.
Comment has been collapsed.
You don't see the issue? Perhaps not all of us want to be scammed by strangers who can't get filtered in any capacity beforehand. Perhaps I don't want malicious links in the chat window from someone I would have never even considered as more than a potential threat and liability. Sharing your email in public is a huge mistake, but it's your choice.
Comment has been collapsed.
I don't want those messages to be sent towards me at all. Is it so hard to understand?
Comment has been collapsed.
No that's quite easy to understand. But is it so hard to understand that it's the exact same thing as sending a friend request, trade offer or profile comment? You need to be able to block all of that unwanted crap to not get contacted by scambots, not just one new type of.
Comment has been collapsed.
You don't see the issue?
Well, I meant I don't see any danger here. I do get that this spam can get annoying and I understand how some people might prefer to be able to disable this. And at least Valve could work on some anti-spam solution just like e-mail providers do (but I'm pretty sure they already do, after all we only receive a few of these, not thousands)
Sharing your email in public is a huge mistake, but it's your choice.
I don't really share it in public as in "in a bot-friendly form", but e-mail addresses always end up in the wild eventually, unless you just never use them.
Comment has been collapsed.
Even when you dont use them... tested a view free mail-hoster with several fresh created accounts wich i never touched for a week...
All had spam and advertising mails in the boxes...^^ all accounts on same hoster had same mails... they resell them or share data with their partners wich use or resell them theirself...
Comment has been collapsed.
I'm not sure if it was suspicious or not in content, but yes, I got messages from an account not on my FL.
Comment has been collapsed.
Wow, interesting. I just got one a hour ago. Very interesting.
Comment has been collapsed.
huh well now i know to be on the look out but i havent gotten anything myself yet
Comment has been collapsed.
havent gotten anything yet, but ty for the warning!
Comment has been collapsed.
Just received 7 more in a span of 3 minutes between each....
Comment has been collapsed.
im getting spam messages from random accounts these last days
Comment has been collapsed.
From what I have understood most of the time these people find victims in large open steam groups, so anyone that joins groups they aren't active in should probably leave them to protect themselves - and avoid joining open and popular steam groups in the first place. I'm extremely restrictive with what groups I join and who I add to my friends, and as far as I can remember I have not received a single spam message on steam in the past 14 years.
I know some people love having those groups listed on their profile, so everyone will have to decide for themselves if that sacrifice is worth it to completely stop messages like this.
Comment has been collapsed.
i already got 2, one from a GIRL <3333333 and another from an anime little girl ^^
it seems valve is so useless they thought leeting people message you without being friends was ok, totally not a security risk, no way...
Comment has been collapsed.
How is it a bigger security risk than letting them send friend requests? Both require you to click accept/allow to see any messages and unlike friend requests, this has a giant red warning about it being a scam. Altho Steam loves to constantly warn about everything so maybe people ignore those by default.
Comment has been collapsed.
it's easier to tempt people with a direct message rather than friends request to scam, which are also overused and it's an old way to get people to click on links. they just gave scammers a new tool to play with people. ^^
i also expect some sg peasants to spam "WHERE IS KEY I WON THANK" after 5 minutes of winning. 🤷
Comment has been collapsed.
I am glad I have yet received any convo. I have not started Steam for a few days though but I used web browser to visit the site almost daily. Today though I receive a forum comment but once I clicked it disappears. It happened too quickly which I had no idea what happened.
What I did noticed happened recently is the reviews of the Steam store keeps missing. I wonder what kind of revamp they are doing in the background. . .
Comment has been collapsed.
Block is your friend. Use it like its going out of fashion :)
Comment has been collapsed.
My block list is already larger than the friends counterpart. Not sure how I should feel about this.
Comment has been collapsed.
In the Imgur Provided https://imgur.com/a/PwWLtNl
Has anyone encountered these type of random private messages recently?
I am not friends with these people and somehow they are able to send these Messages which baffles me that I've contacted Steam Support Yesterday awaiting their response.
I've blocked around 10 people by now and wonder how are they sending these private messages and why now of all times.
Was there a Steam breach? A Steam Update or something that allows you to Message people who aren't your friends?
Incase of a Duplicated Thread if someone made one, please direct me there so I can learn more.
Edit: This is now quite alarming.
Edit 2: Thx to a Developer who posted here, this is how the Scammers/Hackers are able to exploit sending messages
https://github.com/poespas/steam-force-chat
Update by Steam Support on these Intrusive Message of Scammers/Hackers using the Github exploit.
Hey there,
Thanks for reaching out to Steam Support.
To answer your question, there's a couple of different ways for a user to send you a chat message if they are not your friend. The most likely method, would be if you are in a group chat, any user that is also apart of the chat will have the ability to send you a private message. You'll be presented with the message you saw in your screenshot and have the ability to block them before actually seeing their message. I can really only encourage you to use your best judgement when receiving these messages from non-friends. If you'd like some information how to avoid scammers moving forward, check out our Trade Scams article.
To address the github script you mentioned, unfortunately Valve / Steam is not affiliated with the website in question. As such we have no way of removing content from their website.
Finally, I want you to know we absolutely value feedback from the Steam community, and I'm forwarding your comments on to the appropriate department.
Additionally, I would encourage you to share any opinions, suggestions, or ideas with the community as well, by posting on the Suggestions/Ideas section of the Steam Discussion forums.
This forum is regularly read by Valve's development team.
Please let me know if you have any other questions and I'll be happy to assist you.
Steam Support
Everyone, we must voice our concerns at the Steam Forums.
https://steamcommunity.com/discussions/forum/10/
The Valve Team must acknowledge this problem.
You can also go through Customer Support and Reddit.
Edit: 3 Seems many Groups have made Announcement of these Suspicious Messages going through around and their Admins has been kicking members and reported them to Valve and Steam Community.
Comment has been collapsed.