wow.. sorry to hear about that.
do you still have access to your account? if so, check gift / trade history to see where your inventory went.
Comment has been collapsed.
ok. report the thief, and try to provide as much proof as possible
Comment has been collapsed.
What was the nature of the phishing link? Obviously don't share the exact link, but what did it purport to be? I ask because I had a similar thing happen where someone got onto my Steam account and traded off some of my TF2 items (and oddly bought 2 keys on the marketplace, which I could resell now for a profit, but whatever). Only, I can't recall clicking any phishing links or signing in with my steam information anywhere recently.
Comment has been collapsed.
He used my steam wallet funds to buy 2 keys for $1.80 a piece on the marketplace. Now they are selling for $2.18, which would give me $1.90 back after Valve takes their cut. They are still in my inventory, though, as I am waiting for a response from support.
Comment has been collapsed.
Go to your email and there should be an unsuspected activity thing or something from Steam and their Ip address should be provided within the email
Comment has been collapsed.
Aw Idk :( It's quite weird how he didn't have to access your email for Steamguard o.O maybe he knew where you were from and changed his IP xD? Try restoring deleted emails and see if he deleted the Steamguard email
Comment has been collapsed.
Do you use hotmail :3? I never really use the other messengers, but I think both yahoo and google has them. To restore for hotmail you only need to go to Deleted and somewhere inside or near the Deleted window, a highlighted restore your deleted emails SHOULD be there :3.
Edit: For Outlook/Hotmail
Comment has been collapsed.
This is all the Steam email will say:
Dear [your email],
We've received a request to access your Steam account from a new computer
or web browser.
To complete this process, enter the following special access code into the
authorization dialog before trying to log in again:
[Authorization code]
If you did not attempt this action, please change your password immediately.
Thanks for helping us maintain the security of your account.
The Steam Support Team
http://www.steampowered.com
Comment has been collapsed.
I'd advise you to deauthorize all other computers.
Comment has been collapsed.
oh.. maybe when he told you to add his other account he provided a link to it, then you had to provide your username and password to login again. that was probably it.
edit: yeah, again. really sorry to hear that, especially with your birthday coming and stuff :/
Comment has been collapsed.
Tell steam support. Maybe they can do something. Hopefully they could restore your inventory.
Comment has been collapsed.
I've usually found them to offer unhelpful solutions and be inappropriately snarky.
Comment has been collapsed.
I'm not sure if its fixed but it says that you have 96 items in your inventory before actually seeing it. Which then goes to 0 items (probably because inventory is set to private)
Comment has been collapsed.
That is interesting that with Steamguard enabled he was able to enter your account. Raises a question if there's a way to circumvent Steamguard's authentication out in the wild.
Also, keep your inventory hidden to everyone. Nobody needs to know just exactly what you have on you.
Comment has been collapsed.
There must be some trick, because a similar thing happened to me a few days ago, and the Steamguard email was found sitting in my deleted items folder. Wasn't deleted by me and even if they had my Steam password somehow, my email password was different.
Comment has been collapsed.
I don't think is that difficult to circumvent SteamGuard, complicated yes but not impossible.
One way is to grab the cookies used to mark "safe" browser/computer, spoof the target IP, some other technical details, but not much more than this.
Another way is to grab the SteamGuard through the pishing page, but that would require that the attacker to log in at steam to trigger a email on the target.
Is possible, probably more complicated than that's the essence.
I never understood some of SteamGuard's behavior, some times I got 2 different codes after I tried to log in 2 times in 3 minutes on the other hand one day I tried to log in 3 times with 5 min between each other and receive the same code!
I think his computer was compromised and he was unaware of that!
Comment has been collapsed.
Now imagine if the lawsuit against Steam is passed and all games in the library can now be resold/traded. Not only your inventory would've disappeared, but your library too. o.o
My worst fear, realized.
Comment has been collapsed.
Yeah, okay... I'm afraid to have Steam now. I mean, literally all of the games I actually play are on Steam.
Someone hold me ;_;.
Comment has been collapsed.
Well I hope that they would beef up their customer support if that happened.
Comment has been collapsed.
Steam Support isn't really that great, to be honest. I have yet to actually encounter the emotionless monster, but there's too many complaints about it.
Comment has been collapsed.
I've gotten a few replys like this:
Hello Jason,
We apologize for the delay.
Thank you for taking the time to report this issue.
We are aware of the problem and are investigating the issue further.
This just means that they don't know what happened and it's out of their hands.
Comment has been collapsed.
They could at least say that, although the ones getting the message already know it.
Comment has been collapsed.
While a portion of customers are just fine being told the truth that X company has no recourse or solution due to any number of external factors, a lot more fly off the handle if you even hint that you cant fix their problem.
This is why you often get 12 different canned responses, all giving you no actual information.
Comment has been collapsed.
Yeah, but the ones that fly off the handle probably hate the company anyways.
Comment has been collapsed.
Probably also the part where he disabled steamguard.
Comment has been collapsed.
..
"..that was actually a phishing link to a fake Steam page.. so I entered the link and logged in"
If you're not retarded, why did you do this? He got your username and password like this, and probably a copy of your local cookie made by Steam to get past Steamguard (as in, never be asked for a code, at all).
Comment has been collapsed.
Yes, it was unwise of him to visit a phishing site. However,
"The other premise is that people who are fooled are gullible. We've heard from lots of people. That's not true. Anybody can be fooled. No matter how smart you are, no matter how much you know, there is always sombody out there who could know more than you and can exploit that knowledge to fool you in some way. I wouldn't blame the victim. That's the allure, the trap, to blame the victim."
―Steven Novella
That's something I very much agree with.
Comment has been collapsed.
Man, that hurts, thats why I don't add randoms, not worth the risk.
Comment has been collapsed.
Your inventory has a trade history. You can see what account took your items. Are you sure you didn't click a link, wich looked just like steam login page? They do that often. I always double check, that it has https in the adress. If not, I know it's a scam and type somethig inappropriate to name and password and then it asks for the steam guard! xD The hacker must be dendi...
Comment has been collapsed.
If you don't already...
use different passwords for your e-mail account vs. other things (i.e. Steam).
have Steam send the notification e-mails to a separate e-mail, not the one you login to Steam with.
Comment has been collapsed.
Looks like that when he passed you that "link", it was a false steam link where you entered your password or maybe some torjan that stole both your steam + email info when you changed it while in panic(they record your typing), if you would only changed your steam password maybe he would not get his hands in both so soon.
Im sorry what happened,also try to clean your PC as fast as you can with updated antiviruses/spyware detection software(even with trials it works).
Comment has been collapsed.
Yep, you clicked a phishing link. Gotta be careful with those yo.
Comment has been collapsed.
23 Comments - Last post 2 hours ago by Adamdoodles
46 Comments - Last post 3 hours ago by lostsoul67
202 Comments - Last post 5 hours ago by duville
28 Comments - Last post 7 hours ago by DeliberateTaco
47,383 Comments - Last post 7 hours ago by Axelflox
4 Comments - Last post 7 hours ago by Sachys
16,952 Comments - Last post 12 hours ago by Csiki
382 Comments - Last post 1 minute ago by NymCast
30,194 Comments - Last post 5 minutes ago by CTPAX001RUS
144 Comments - Last post 9 minutes ago by ithamore
2 Comments - Last post 14 minutes ago by Rosayde
17,707 Comments - Last post 1 hour ago by GeekDoesStuff
159 Comments - Last post 1 hour ago by Alpha2749
11,268 Comments - Last post 4 hours ago by vlbastos
I have no idea what happened...
First some guy added me to trade a "card" (ignored him) and told me to add his other account (he has at least 4 accounts) next thing I know I'm logged out of Steam and it says I was logged in from Ukraine and that the person entered Steamguard correctly. But my eMail account associated with Steam says the last logged in countries are only Israel (I'm from Israel, so nothing suspicious about that)
Of course I changed passwords for both my Steam and my eMail, but what the fuck just happened? and maybe this could've turned out much worse if I haven't been awake at 4:45 AM!?
Is my account vulnerable to further "damage" now!?
P.S. MY WHOLE INVENTORY IS FUCKING GONE.
I realized this might be due to phishing.
P.S.S. Luckily I have all information about said guy including his Phishing link, the profile to which he sent all my stuff... I just need to know how I can find out his IP? (Also, this is just in time for my birthday and he stole the stuff I meant to giveaway on it -__-)
Some people say this is obviously missing information.
Well, at first I wrote this post before I discovered I really was hacked and my inventory was gone, and I got more and more information after this post was opened.
I will now gladly tell you what happened, as copied from my much more informed S.Trades warning.
@#% added me and told me to add his main account. That was actually a phishing link to a fake Steam page. His supposed real account's name is $$$!$$% and if you search on Steam you will only find 2 accounts sharing that link. Well, it's pretty late at night (5 AM and I was about to go to sleep just the moment he asked me to trade) so I entered the link and logged in, some how he got through Steamguard (He did not enter my eMail, because my eMail account says it was only acessed from Israel , and as some guy suggested he did not keylog me or something because I only changed passwords about 10-20 minutes when I finally realized what happened, and I did not turn off Steamguard because that's a stupid thing to do) and a second later I have no inventory items except for 3 emoticons and all my unvaluable TF2 items.
I currently have all information about him including his profile link, his fake phishing link, a list of all my items stolen + a picture of the list to make sure. All of this wouldn't have been possible if he hadn't forgotten to freaking block me (I think he's still in my friends list).
Comment has been collapsed.