Yeah, going to http://screensave.eu/ drops you on a "403 - forbidden" running on "Apache Server at: s1048465-33677.pa.infobox.ru". 100% scam link. So Good Job!
Also, you can install NoScript for Firefox or HTTP Switchboard for Chrome (set it to block by default) and be able to check those suspicious links yourself.
P.S. But generally strangers asking you to click on links should never be trusted anyway. I just usually check these links so I can feel confident when reporting the user to Steam Support.
Comment has been collapsed.
Infobox is a hosting service and those crude links only tell you it's a VServer hosting provider. The only thing suspicious about that is that it's Russian, but I don't see any "100% scam link" potential there. What's hosted on that server is on a different table.
Comment has been collapsed.
Iirc it's a hotlink for a .scr file(windows executable typically used for for screensavers,but can be as dangerous as any .exe). Opening it will open up a basic empty gui window titled Form1 and run a most likely malicious script in the background that has no immediate visable effect(it might do something like upload your steamguard premission file to the attacker,letting him get full control over your account,but I couldn't confirm). An exceptional warning goes to those using a windows version below xp as .scr files would be automatically executed,meaning that if you don't have a download confirmation dialogue,merely clicking on that link would cause the malicious file to automatically execute without anything asking for your permission first.
Comment has been collapsed.
Don't quote me on this,and it's hard to find any information since those things weren't well documented back then; But I think it was fixed with one of the updates on XP's second or third service pack. Anyways,as long as your browser only tries to save the file and not to run it(and you don't decide to open it yourself),you should be safe.
As for Vista and up,I don't think this is an issue,but a similar exploit can be done with .theme files to allow remote code execution. Here's the fix patch,click on your OS to go to the relevant download page.
In general,security updates are important,as sometimes even a healthy brain can't save you(I mean,who would've thought a font file could be dangerous?). With that said,the latest version of xp with all patches applied is fairly safe and it's not critical to update it. (In general,it's always best to wait a year or so after a new OS's release to have all it's insides tested and have things that require fixing fixed,but I guess xp is a tad old now and 7 is pretty nice,so unless you're afraid of compatibility issues you probably should.).
Comment has been collapsed.
Some low levels has only one game on account (tf2/dota mostly),. but they have 2k+ hours in the game and a big inventory.
So I instablock only private guys, those are 99.999% phishers.
Comment has been collapsed.
I've been scammed by a level 64.
Profile level does not mean anything.
Comment has been collapsed.
I thought I was safe of those random adds, but since Thursday I'm getting 1/day. Hope it doesn't increase.
Just minutes after writting this noticed a random add from someone with +100 games, so thought, may be someone from SG wanting to troll, let's accept what a human can say, result:
18:19 - Elder: hello
18:19 - Elder: why you added me?
18:22 - Elder: I'm doing the laundry, you have until I return to answer. Else you will be blocked and deleted.
18:23 - hE: :D i have a problem, and you cannot helkp
18:24 - hE: have 35€ on g2a.com now but i cannot buy FIFA
18:24 - hE: dont use this bastard website
18:24 - hE: im scammed ;D
18:30 - hE: finaly... i have 35€ on G2A and i need to buy FIFA 15 35,36€ hidden reflink to g2a
18:30 - hE: that just can be a joke
18:30 - hE: xD
18:55 - Elder: cool, but that doesn't answer why you added me
19:00 - Elder: ok will delete and block you
19:00 - hE: fast pls
btw the price on g2a is 33,99€ but I was not interested on how the conversation could advance.
Comment has been collapsed.
OH, then you can pick any name as referral??? So he used a referral that didn't seem a referral, instead a sale, Fuc... bastard!!! Removed to don't help him GRRRRRR
I don't have an account, there's a way to get rid of his referral then? Deleting the cookies maybe? Anyway I don't have an account there and probably never buy there.
Many thanks for the info.
Comment has been collapsed.
Not necessarily an image. Probably a website that tries to attack certain browsers through some vulnerability that will allow them to steal your account or items or install a keylogger or something... Run steam in something like Sandboxie, don't use your browser to log into steam (if you have to log out asap), don't click on links in steam.. even if it's from a friend, copy the link then open a browser protected by something like Sandboxie and paste the link in. Don't add people you don't know to begin with...
Comment has been collapsed.
Friend of mine lost ~$75 of his favourite dota2 items thanks to the exact same link.
Tell this guy to go f**k himself.
Comment has been collapsed.
I always check their steam level and number of games before even considering accepting their friend request.
Comment has been collapsed.
Well, I'm never going to add random invites ever again.
Comment has been collapsed.
I accept these friend requests because I'm lonely and live in my mom's basement.
You never know what you're going to get out of a friend request.
Comment has been collapsed.
The only risk is when you open a suspicious link they send you. To be on the safe side just don't open any links from people you don't know.
Comment has been collapsed.
Lol, suddenly someone unknown appears and give me a link without reason, it's an instaBAN for me. Not blocking, though.
What i do always is, as soon as someone adds me, i put my own alias, so more or less i know who is he/she.
All my friends have my own alias. Examples: Random person, guy from Steamtrades, girl from pornotube, winner from Steamgifts, etc...
No problems so far ^ ^
Comment has been collapsed.
Honestly I'm suspicious of them not wanting to say what the link is to. They may as well say "it's going to give you a virus/steal your account infomation/do something else harmful to your computer or account" because that is the likely result there.
Comment has been collapsed.
the human say that it would add you with his/her first acc, that is obviously a scam attempt. legit traders don't have five thousands of accounts, or at least they don't tell you they have to switch accounts to make a trade.
oh and for the REPORT part, check his/her profile and select the little flag then fill up the form.
Comment has been collapsed.
It's been happening a lot lately. Just don'r open any link from strange people.
Comment has been collapsed.
I dealt with uninvited requests by adding a line to my profile. Anyone not taking the time to read my profile blurb (which is short) simply gets ignored. Problem solved.
Comment has been collapsed.
Its kind of weird for me. I never used to have any problem with unwanted invites but then a month or two ago I made a joke over here about how I get no invites and poof I'm being spammed with invites ..... FML ...(T_T)
Comment has been collapsed.
Lucky you .... I started getting at least 3 or 4 invites a day average and most of them with private profiles with me having no idea who they are (never played recently with them and no friends or groups in common) ... Finally had to change my profile description blurb to say that I'll ignore any invite from ppl I don't know ... gg scammers ...
Comment has been collapsed.
I suggest you check each one that tries to add you and if they are level 0 with private account, report and ignore them. Don't bother blocking them because as I discovered they were still able to send me messages somehow. (blocked them, went to sleep, next morning there was 5 messages waiting for me from that blocked bot)
Comment has been collapsed.
1,315 Comments - Last post 12 minutes ago by eeev
29 Comments - Last post 24 minutes ago by Chris76de
15,398 Comments - Last post 1 hour ago by CommissarCiaphasCain
1,081 Comments - Last post 1 hour ago by Gamy7
46,823 Comments - Last post 4 hours ago by FranckCastle
1,408 Comments - Last post 6 hours ago by Conti
38 Comments - Last post 8 hours ago by BattleChaing
56 Comments - Last post 4 seconds ago by Swordoffury
95 Comments - Last post 39 seconds ago by samwise84
6 Comments - Last post 4 minutes ago by IbetheTOP
319 Comments - Last post 5 minutes ago by Dante9K
124 Comments - Last post 7 minutes ago by 13ADxXxGAY
15,140 Comments - Last post 12 minutes ago by gonsi
523 Comments - Last post 14 minutes ago by EvaUnits
Hi there, I start this topic to ask you for advice. three days ago three different steamusers tried to add me and be my friends (and I was invited to a new steamgroup but I think there is no risk on that). I didin't accept them till now, and one of them has written me this:
HE/SHE: hi
ME: hi
HE/SHE: need this item? http://screensave.eu/jpg/(partially removed for your own security) - screen
ME: sorry, cant remember you
HE/SHE: check screen, if u need this item i add u from my first acc
ME: sorry, can't open it (I made up this lie for precaution)
ME: what is it?
ME: I cant tell you 'cos cant open it
ME: sorry but if you dont answer i'll have to block you
HE/SHE: (didn't answer)
What do you think? was he or she trying to scam, betray, hoax me (I don't know the exact word for it)
I haven't tried to open the link, don't know if it is risky, in fact, don't think so, but just in case...
I know how to BLOCK but how do I REPORT?
EDIT: I blocked this and the other two strange accounts that added me, as one of you said, they have very low profile levels. Apart from that I adviced their friends (they seem to be normal people who accepted their friendship invitation) about the possible risk of trading with them.
Thanks for your answers!
Comment has been collapsed.