Since yesterday new wave of phishing attack spreads through Steam chat.

Works similar to previous attacks:

  • friend sends you message with link and information about free game
  • link leads to fake Steam log in page
  • logging in compromises your account, so that you're unable to log into it again
  • now-zombie account sends the same message you get to all your Steam friends, fishing for more unwary users

Do not click on any links, that are sent with this message:

1 free game for new users!
take the game you want!
....://spindatgamex(dot)com / rolldatgamexx(dot)com / spindatgamexx(dot)com / takedatgamex(dot)com / christmasskin(dot)fun

Or this:

Hi, can you spin this roulette <LINKREMOVED-JUSTINCASE> ? If GTA V, PUBG or CSGO falls out, I can buy the key from you. Try it, it will take no more than 30 seconds. You go -> press the ROLL button, a free game falls out -> you take the key and write to me) Well, or you activate the game on your account)

1. Can SteamGifts support staff can help me to recover my Steam account?

First of all we're unable to help you, as we're not connected with Steam Support.

All we can do is suspend your SteamGifts account on your request, so it won't be possible to do any harm here - see keys from ended giveaways, change e-mail, spam discussions, make fake giveaways etc.
You can request to be suspended under 1st post of this PSA. We will suspend you for number of days listed in your request, or give permanent suspension, if you prefer. You can write unsuspend request when you recover ownership of your account, to use SG again before suspension runs out.

If you don't want to suspend your account and have active / not claimed giveaways:
It is not possible to see keys from active giveaways. But when giveaway ends keys are available on /created page. That's why you should click on Modify link next to the key, copy it to secure place (such as txt file) and exchange it with gibberish, or already used key. That way no one, except for you, will be able to see them.

2. What to do when I was phished?

  1. Write to Steam Support, explaining situation
  2. Attach proof of purchase(s) that are connected to your account:
    • keys activated on account from bundles
    • keys activated on account from retail shops
    • receipt of buying game on Steam with credit card
    • steam wallet codes
    • photograph of boxed game code activated on Steam
    • more information here
  3. Wait for reply, it should take 2 - 3 days to recover account, if you manage to provide all necessary information

3. How to avoid being phished in the future?

When link redirects you to "Log in with Steam" page (same is true for log in with Facebook, Twitter etc) never write your credentials there.

  1. Open log in site on your own, by writing known address or using google. In case of preventing Steam phishing:
    • steamcommunity.com
    • store.steampowered.com
  2. Log in using your credentials
  3. Go back to site which required you to log in and refresh
    • if you're logged in your Steam account, and see green button "Log in" you're free to access website.
    • if refreshing did not remove request to provide your credentials - it's phishing attempt.

4. Anything I can do to help my phished friend?

To avoid further spam of phishing messages you can block communication with friend. And unlock it, when friends regain access to account. That way you don't need to remove user from friends to stop seeing messages, and don't cut ties with them.

As pointed here it is possible to report compromised Steam accounts.

You can also report sites, which are used in phishing attempt here:
https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
https://app.webinspector.com/
https://submit.symantec.com/antifraud/phish.cgi
https://phishing.eset.com/report

Thanks for notice, Nask


1. Do not create new threads about this issue

We don't need to spread information and updates about this attack in multiple threads. It makes it hard to follow current state of situation.

That's why I will close all other threads about this matter. You can inform other users that you were attacked in this thread. No reason to create separate thread for every case.

Also please, don't create new threads in case of future attacks. Stick to posting all relevant information in thread created already by other user.

2. Do not accuse others of being "scammers", as they sent you link to phishing site.

They are victims of this situation, not attackers.
Do not write user reports on them

3. Do not create spam / mocking threads about this issue.


You can post any relevant information here, such as changes in phishing message, change of phishing site address, tips how to recover account, and discuss it in general. I will update this post in my free time. I do not like to cut ongoing discussions in other topics, but it is necessary to keep all information in one place.

Previous PSA posts about this attack:
https://www.steamgifts.com/discussion/HWhcX/psa-accounts-being-hackedphished-in-steam
https://www.steamgifts.com/discussion/TioOP/danger-careful-with-1-free-game-for-new-userstake-the-game-you-want-https-spindatgamexc-no
https://www.steamgifts.com/discussion/GCxxD/a-wave-of-steam-scams-beware-to-not-lose-your-account
https://www.steamgifts.com/discussion/xc8jE/i-fell-into-the-hack
https://www.steamgifts.com/discussion/cnNgf/definitely-not-clickbait-easy-steps-to-avoid-the-next-phishing-attempt-on-your-pc#oRnNU7W

1 week ago*

Comment has been collapsed.

3 Friends already got hacked, keep your accounts safe ppls

1 week ago
Permalink

Comment has been collapsed.

4 now

1 week ago
Permalink

Comment has been collapsed.

What i don't undestand is how people with that much games are getting pished so easily.
I mean, we all know all those stuff, right?

1 week ago
Permalink

Comment has been collapsed.

it's +1 mate

1 week ago
Permalink

Comment has been collapsed.

I mean, doing it for the sake of being able to follow the event with the statement of "This really phishes me off" is legitimately tempting. Probably not worth the stress involved, though. Probably.

1 week ago
Permalink

Comment has been collapsed.

Underrated comment. So, did you?

1 week ago
Permalink

Comment has been collapsed.

Underrated

so very true!

1 week ago
Permalink

Comment has been collapsed.

Just a note, it is not a new phishing method, taking over accounts using fake login site and then turning those accounts into bots for further attacks was pretty standard method of attack few years ago.

Good to know you are trying to contain it as much as SG can.

1 week ago
Permalink

Comment has been collapsed.

Pretty sure it meant "wave" rather than "type". But the keyword new just meaning the most recent one in this case.

1 week ago
Permalink

Comment has been collapsed.

Yes :P

I changed type into wave, so it's phrased more clearly.

1 week ago
Permalink

Comment has been collapsed.

Just got another message from a friend, but the link was blocked by Steam, with a message saying that it was suspected spam. So it appears that Valve is aware of the issue.

1 free game for new users!
take the game you want!
WARNING: SUSPICIOUS URL

1 week ago
Permalink

Comment has been collapsed.

Sure took them long enough. 🙄

1 week ago
Permalink

Comment has been collapsed.

Well, most of them were asleep after the weekend until like 5 hours ago :D

1 week ago
Permalink

Comment has been collapsed.

Yeah, I've got a few compromised friends who I don't want to kick and I'm hoping they get their accounts back. I'm getting the same warning now but I am wondering what it would actually take for Steam to just go ahead and block these "suspicious" links completely...

1 week ago
Permalink

Comment has been collapsed.

steam start warning about fishing link, but unfortunatle, autor of this site is changing link around every 12 hours. so new links maybe not have warnings.

View attached image.
1 week ago
Permalink

Comment has been collapsed.

a pin for this thread?

1 week ago
Permalink

Comment has been collapsed.

Good idea. Until then we can use the poor man's pin - the beump.

1 week ago
Permalink

Comment has been collapsed.

Sure

View attached image.
1 week ago
Permalink

Comment has been collapsed.

i usually don't trust men with tiny, tiny wishlists.

Sorry

1 week ago
Permalink

Comment has been collapsed.

That's not the only thing I have that's tiny ;)

Wait, that came out wrong........

1 week ago
Permalink

Comment has been collapsed.

funny thing is i was thinking just about that, writing "tiny"

like, tiny and pretty tight

1 week ago
Permalink

Comment has been collapsed.

Watches, eating popcorn in that tiny dark room

Hey, cinema, perverts

1 week ago
Permalink

Comment has been collapsed.

Check the steam family sharing on hacked accounts: Darkness😈
Sharing games to your hacker?😆

1 week ago
Permalink

Comment has been collapsed.

new url arrived (without steam warning):
takedatgamex(dot)com

1 week ago
Permalink

Comment has been collapsed.

that the only link I got a warning for , strange.

1 week ago
Permalink

Comment has been collapsed.

Edited:
I think Valve must know about this as soon as possible. Of course I wrote in the message that SITE send these messages and NOT THE USER.

1 week ago*
Permalink

Comment has been collapsed.

  1. Do not accuse others of being "scammers", as they sent you link to phishing site.

They are victims of this situation, not attackers.
Do not write user reports on them

1 week ago
Permalink

Comment has been collapsed.

And I warn the user too....

1 week ago*
Permalink

Comment has been collapsed.

Next time people on SG want to harass me about keeping my Steam account on fairly tight private lockdown...I'm reminding them about this incident.

1 week ago
Permalink

Comment has been collapsed.

How dare y...

Oh, hey dude! xD

1 week ago
Permalink

Comment has been collapsed.

Lol...hey there. :P

1 week ago
Permalink

Comment has been collapsed.

I've been public since the start and barely get any spam.

1 week ago
Permalink

Comment has been collapsed.

Meh. I'd rather protect my friend's list and mostly have people leave me the hell alone. It works out. :D

1 week ago
Permalink

Comment has been collapsed.

Having your profile private, won't protect you from getting phished.

1 week ago
Permalink

Comment has been collapsed.

Obviously, it's not clicking links that does that. But it is my opinion that having it private has cut down on the spam friend requests....which I'll take as a win.

1 week ago
Permalink

Comment has been collapsed.

Just got this message when I logged in from another friend:

So there is more than one phishing scam going around I guess?

View attached image.
1 week ago
Permalink

Comment has been collapsed.

People were listing a couple websites in the 50 threads that popped up yesterday. So I assume there were variations, yeah.

This one specifically though, I'm pretty sure I saw someone mention one that looked exactly like this (same list of games they wanted to buy even I think) a couple months ago.

1 week ago
Permalink

Comment has been collapsed.

Isn't that like the previous attempt? It's sounds oddly familiar and old to me.

1 week ago
Permalink

Comment has been collapsed.

This is from the latest phishing wave, it is several weeks old. Apparently someone fell for it pretty damn late down the line…

1 week ago
Permalink

Comment has been collapsed.

lots of fun this week!

View attached image.
1 week ago
Permalink

Comment has been collapsed.

1 week ago
Permalink

Comment has been collapsed.

...

please, Mully...
(how to say this...)

whatever might happen, try hard, very hard, to never delete your account

obviously not talking about phishing.
+<3 (tons of it)

1 week ago
Permalink

Comment has been collapsed.

Just answere here for my friend Valex "i'm not sure if it's just based in you having a poor grasp of English" well valex never make joke of someone who type/talk english bad cause he know another language what about you guys from USA?

1 week ago
Permalink

Comment has been collapsed.

steam has flagged the url(takedatgame) as suspicious, kinda late but good enough.

1 week ago
Permalink

Comment has been collapsed.

Hade one on my friendlist spam this, I blocked his coms for now until I see he's back

1 week ago
Permalink

Comment has been collapsed.

one of my friends got hacked

1 week ago
Permalink

Comment has been collapsed.

Gotten 7 phishing messages so far on Steam. I'm unfriending anyone who does since who knows if they will ever get their account back :(

1 week ago
Permalink

Comment has been collapsed.

It's really sad that we still have to warn users about such things...

1 week ago
Permalink

Comment has been collapsed.

Thank you, pal for warning us.

I almost fell on this yesterday...because I received from a reliable SG friend...

and the messages continues...

View attached image.
View attached image.
1 week ago
Permalink

Comment has been collapsed.

I hope this gets resolved soon for the sake of everyone who's been hacked. =( To anyone who was hacked and was on my friend's list, I've unfriended/blocked communications until this is resolved. Please tell me if you recover your accounts when this is over if you want to be friended again!

1 week ago
Permalink

Comment has been collapsed.

It could happen to anyone... Even the best of us. So sad that some people have the need to act superior. I am glad to be a member of Steamgifts and be well informed about such things.

1 week ago
Permalink

Comment has been collapsed.

It could happen to anyone... Even the best of us. So sad that some people have the need to act superior. I am glad to be a member of Steamgifts and be well informed about such things.

1 week ago
Permalink

Comment has been collapsed.

No, it can't "happen" to everyone. This is not a disease or accident, one has to click on a very scammy-looking url, then log in. A super old trick in the book.

1 week ago
Permalink

Comment has been collapsed.

Fair enough... I have never experienced such a thing before and wonder if I would have fallen for it in a weak moment. But I did say "anyone", not "everyone"

1 week ago
Permalink

Comment has been collapsed.

In this context they mean the same - if it can happen to X, Y or even Z then it can happen to all of them (Not at the same time. But similarly - pick any person on the earth - they will die eventually. And if you can pick any single of the 7B people and they will die, you can say that everyone will die.)

And after the nitpicking, sorry for the nitpicking. It's just such a shitshow again, and again a super simple scam - even the "steamcomnunity" old one was a lot better, at least they tried to look legit, and not promising free games with such a ridiculous url they are using.
Phishing is the classic scam that needs one not to pay attention, and the users prevent it completely, simply by reading the message before clicking, or asking back (this is even a mass bot-spamming phishing wave for crying out loud, not Hackerboi69 writing from your best friend's account and doing actual discussion).

Sorry for you getting the rant, it's just making me kind of upset when people say "it can happen to anyone" while it only happens to the "anyone" who doesn't pay attention. That is not anyone then, but the careless. And as we are not inherently careless forever, one can learn from it, and then next time people won't fall for this (one can dream that people will learn critical thinking and thinking for a sec before acting). I just really deeply believe that one can get better, move forward, learn, more emphasis should be on the fact that people fell for this because of their own behaviour, but they will not for the next time - instead of being stuck at the poor victim narrative that usually happens. It really sucks and I absolutely hope the best for everyone affected, but we should learn from it instead of pity-pampering, that happens way too often with-around scams.

1 week ago
Permalink

Comment has been collapsed.

I wasn't pity-pampering, I was being sympathetic. I think people can learn from their own mistakes without being hounded by the community. If I had fallen for this scam, I would have felt like a fool and I would have no need to be told that I deserved it because of my ignorance. We are all smart for that which we know and we are all stupid for that which we don't know and in this way we are all equal. Steamgifts is a kind and helpful community and I would like to keep it that way. And, I still believe that anyone can be fooled, duped or scammed at any point is our lives... nobody is above that, no matter how smart we are.

1 week ago
Permalink

Comment has been collapsed.

Deleted

This comment was deleted 1 week ago.

1 week ago
Permalink

Comment has been collapsed.

Now they are using different links simultaneously.

1 week ago
Permalink

Comment has been collapsed.

Hey can you message me on steam? I have a favor to ask

1 week ago
Permalink

Comment has been collapsed.

did you get your account back? how long did you have to wait? I'm still waiting for a reply from support. The guy in control of my account changed my email and everything so it only let my file my support request under "forgot password"

1 week ago
Permalink

Comment has been collapsed.

Took me less than a day. Support responded to me this morning.

1 week ago
Permalink

Comment has been collapsed.

Aww thats not fair. I sent my ticket at 3:20pm yesterday and its going on 8pm now. Still no reply for me. What was your help request labeled as? I'm hoping mine isn't one of those categories they take forever to respond to. Congrats 2 u tho.

1 week ago
Permalink

Comment has been collapsed.

Gotten so far 40-50ish messages from you script/bot for three? different sites. Golly i'm starting to want try those, 50 free games is quite swell already!

First time remember this happen to a person from my friendlist. account was returned just in few hours. o.- Second time it happened to a person working on IT security. Seriously i was bit baffled back then so if you feel bad for tumbling on it you can always say that some person working at IT security did too. o.o'

But all in all remember all account returned so far and they could continue their jolly paths on Steamlands so would expect you have control of your account today.

1 week ago
Permalink

Comment has been collapsed.

Looks like Revved got his account back as well. Go steam support!

1 week ago
Permalink

Comment has been collapsed.

Grats on getting your account back. Steam seems to be on the ball with this. Love them or hate them, they didn't take all that long.

1 week ago
Permalink

Comment has been collapsed.

Is there anything I can do to help those whose account got hacked? I'm pretty sure one of my friends are a victim to this.

View attached image.
1 week ago*
Permalink

Comment has been collapsed.

Go to the person's steam profile and click on the More down arrow tab and report account as being compromised stating why. Steam are getting lots of messages from people currently undergoing this problem so they will be well aware of this issue.

1 week ago
Permalink

Comment has been collapsed.

That's helpful, Thanks, I went and did that for my friend that's been hacked.

1 week ago
Permalink

Comment has been collapsed.

Thank you! I was unaware I could do that!

1 week ago
Permalink

Comment has been collapsed.

bump!

1 week ago
Permalink

Comment has been collapsed.

Sign in through Steam to add a comment.