Sure thing. It was actually pretty stupid on my end. Got an iffy message from an account that did not seem like a bot... I guess I was too sleepy atm but I went online typed the site name (did not click the link so that whole site is a fake) and thought I was logging through steam. But, it was a replica of the login page and my pwd got stolen... the weird thing is that they were able to bypass steam mobile guard authenticator. After that, they changed phone, pwd, and removed my steam guard. Since the market closes on any changes, they were unable to transfer anything and Steam helped me get my account back in a couple hours. So, everything seems fine now.
That's pretty nasty! So much for the Authenticator being of any use to you!
Mobile guard authentication works by generating a token which is only valid for a short time frame (around 30 seconds? or 1 minute at most). Since you logged into the fake Steam page, you probably provided the token to the page, which it uses to log into your actual Steam account and make all those changes to your account within seconds with automation.
Wouldn't the email be sent stating that access was gained from another IP Address to prevent that from happening? I mean, obviously it didn't, since his account got compromised, but shouldn't it work?
You don't get such mail like that, you can login from any ip address you want as long as you provide your otp
I meant I get emails from Valve stating that access was attempted on my Steam account from a different IP Address (Russia, usually), using my proper Steamname and password. I get them from time to time, but not too often.
every time i run VPN... seems only to appear when IP says you changed country or something like this...
my IP changes every 24hrs or when i want to... i would get spammed with these mails... :P
They don't send them. That's the evilness of "2FA": if weird shit happens, you're not even notified because providing the OTP gives Steam something they consider as an ultimate proof of confidence that everything is fine. Even if you've always connected from USA and suddenly pop up with a Chinese IP.
I don't know the details, since I have never run into such cases, but here's probably the sequence: https://www.steamgifts.com/go/comment/98tn9Rx
Thanks for a nice laugh :D
As nhahtdh already said it's definitely not done by humans ;)
which is only valid for a short time frame (around 30 seconds? or 1 minute at most)
Code is valid for only 30 seconds, that's correct, but Steam actually accepts any code generated within 30 before (and probably after but I didn't check that) from current time, which in reality makes it up to 15 minutes from now. I verified that while doing some ArchiBoT tests.
Don't ask me how stupid it is, I'd get suspended for excessive usage of swear words. It's enough to say that Steam's 2FA is a big fat joke and it's actually much less secure than SteamGuard code sent on 2FA-protected e-mail.
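An added example, not part of the original thread and not Steam's implementation: a generic RFC 6238 TOTP verifier showing how the server-side acceptance window and reuse tracking bound how long a phished code stays usable. The 30-step window mirrors the 15-minute figure claimed in the comment above; the secret, issue time and helper names are constructed.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step (RFC 6238 default)

def totp(secret: bytes, t: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 for Unix time t."""
    mac = hmac.new(secret, struct.pack(">Q", t // STEP), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)

class Verifier:
    """Server-side check: accepts codes within +/- window steps, each step once."""
    def __init__(self, secret: bytes, window: int):
        self.secret, self.window = secret, window
        self.last_used = -1  # highest step counter already accepted

    def verify(self, code: str, now: int) -> bool:
        cur = now // STEP
        for c in range(cur - self.window, cur + self.window + 1):
            if c <= self.last_used:
                continue  # step already consumed: blocks replay of an old code
            if hmac.compare_digest(totp(self.secret, c * STEP), code):
                self.last_used = c
                return True
        return False

SECRET = b"constructed-demo-secret"  # constructed sample value
T0 = 1_700_000_000                   # constructed issue time

def accepted_after(window: int, delay: int) -> bool:
    """Is a code issued at T0 still accepted `delay` seconds later?"""
    return Verifier(SECRET, window).verify(totp(SECRET, T0), T0 + delay)

def replay_accepted(window: int) -> bool:
    """Is the same code accepted a second time after a successful login?"""
    v = Verifier(SECRET, window)
    code = totp(SECRET, T0)
    return v.verify(code, T0) and v.verify(code, T0 + 5)
```

Neither control stops a code that is relayed within its own time step, which is the case described earlier in the thread; they only shorten the exposure of a code captured and used later.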
I've read a day or two ago about this new scam where they code the "log in through steam" popup directly into the website, it's not a real popup at all... so you think "oh it's safe steam will just push oauth to them" but in reality you're giving them directly user/pass/otp and are not even on steam!
Not sure if I got what you meant, but it's definitely not possible to send the credentials with one click of the button.
What most likely happens is that the site has a "log in through steam" button, which once clicked redirects to a phishing site that looks like Steam. Instead of the usual "confirm and go" button, you'll get the prompt to reauthenticate (which does happen at the actual Steam site too). If at that moment you actually provide them with their password the bot/hacker behind it logs in, then you get the prompt for the code from Steam, which you think you need to log in, but actually is used by the hacker to log in.
If you actually meant this though, then you're right :D
That's what I meant basically but INSTEAD of sending you to another site, they create an illusion of steam popup embedded into their existing website. It's a new thing. So you don't have a warning "no locket, not a good address" because everything shows up as it should, as if you were on steam for real... but it's just a picture :(
Yup, I got the link from 2 affected people and checked out what it was. If I didn't know better, I could easily have been fooled by that popup.
Classic bait. Why people even click at a link from people they don't know is beyond me. Just got a chat message from a random person that didn't look like a bot, also with a link. I still have my account.
there's a difference between posting "to all my friends" (and that still would be slightly out of place) and making a PSA like you're jesus
but hey wHaT aBroNY thiNg tO sAY sorRy I cAn'T UnDERstAnd HerP dHerp. you forgot to make a dozen of "brony" or "mlp" mentions in your bullshit
some page asks for steam login...?
well, go to official steam page, login there and reload the page that asks for your data... if it still asks for login it's fake...
this is a rule you should use for every system that allows 3rd party logins...!
yes, that's the safe part...
when you are logged into official steamsite any other 3rd party site only asks to "confirm" and never for "login details"...
Please be aware that SG member Nabu has been hijacked..
If you are friends with him and receive a link to anything do not click on it..
https://www.steamgifts.com/user/nabu
https://steamcommunity.com/id/kelma85/
Yep. I just made a thread about it as well. This sucks! :(
This is one of those areas where I'm glad I have no friends! 👨🏻ζ༼Ɵ͆ل͜Ɵ͆༽ᶘ ( ͝° ͜ʖ͡°)
I am not sure whether I am affected or not. I have had Steam Guard Mobile Authenticator (SGMA) on for ages.
But now I am concerned about one issue. I always had to access SGMA for confirmation for any trades or transactions.
Just now when I tried to sell an item in market, as usual I went for confirmation on my SGMA but I didn't see item in the confirmation list. Checked the sell listing and the item was already listed there. Tested 3 times... item gets directly listed on market without SGMA confirmations
I don't remember changing any settings at all. Has Steam changed any setting.. or settings got reset after updates? Or is my account compromised?
Is anybody having similar problem?
Steam has recently changed its policy for trade items that are worth < 1$.
You don't need to confirm these trades any longer.
https://www.steamgifts.com/discussion/viEkp/items-under-1-no-longer-require-confirmation-on-steam-market
wow, didn't notice that
I was thinking I had already accepted it, but had forgotten that I did it
but this is a good change, as accepting them all the time was really annoying
I rarely get messages; just a few weeks ago was the first time I ever got spam PMs, but the fact that Steam's website will frequently log me out or give me a false flag logged out (in which it says I'm logged out, but if I refresh, it was an error) worries me.
I always double check the URL, even open the site's elements, to make sure I haven't been redirected to some phishing site.
But when it comes to clicking links or connecting to steam I avoid that nonsense.
Hi all... as some of you may have noticed... my account was compromised last night and it sent spam messages through the steam chat. Please ignore those messages. I already got back control of my account. I am truly sorry for every inconvenience caused!
:/