All Discussions > Steam Forums > Steam Discussions > Topic Details
This topic has been locked
cyclon ★ May 9, 2020 @ 4:16am
Trade ban bypass?
Last month one of my mates has had his account stolen. I don't understand how exactly did they manage to get access to his phone and get the password to remove the steam guard and that's not all. The next day I am getting their account back and surprise: his skins were gone. How is this even possible? Anytime I do a change in my account, removing Steam Guard, changing email, changing phone number, I get a trade ban. How could he still trade those skins?

Apart from this, I have been scammed by a bot on cs.money. I have PCProtect for mobile and there is no sign of being hacked or having malware/spyware on my phone and that is the device I used for the trade. However, the reply from Steam support is that my device was hacked and the hacker managed to duplicate the trade and that's how I have been hacked. My question is how did he cancel the initial trade from cs.money? Did he do it from my phone, because in the trade history it appears that the bot cancelled the trade, not myself.

Steam support it is useless of course, even after providing all the proof they have said there is nothing they can do, the scammer's account is still active and they will not return me my £500 knife back. Why is steam protecting these scammers?

After the lockdown ends, I have decided to speak with my local MP about this issue as I am sure I am not the only person being scammed like this. I hope they will talk about the issue in the Parliament force Steam/Valve to take responsibility about this. I can simply not accept an answer from steam support that it is my fault that I have been scammed and they won't reverse the trades, especially if the items should have been on trade ban and they have still managed to move them! If this was happening with my debit card, the bank would have given me my money back in max 2 days, no questions asked. We are talking here about items that can have a total value of £7000!?!?!

If there are any other people in UK with the same issue, please add me and write on my wall so I can show your messages to my local MP. Thanks
Last edited by cyclon ★; May 9, 2020 @ 4:16am
< >
Showing 1-15 of 19 comments
Brujeira May 9, 2020 @ 4:23am 
The answer is in your name history. None of those sites listed there can be trusted and one of them phished you.
#1
Brujeira May 9, 2020 @ 4:26am 
Secure your PC and account by doing the following steps in order:

Scan for malware. https://www.malwarebytes.com/

Deauthorize all devices https://store.steampowered.com/twofactor/manage

Change your password again on a secure device.

Generate new back up codes. https://store.steampowered.com/twofactor/manage

Revoke the api key https://steamcommunity.com/dev/apikey

Stop clicking on random links, using trading/gambling sites, etc.
#2
Brujeira May 9, 2020 @ 4:30am 
And by the way, this scam method’s been around for two years already and you still fell for it. Show this to your MP - they could probably use a good laugh at the moment.
#3
Crazy Tiger May 9, 2020 @ 5:01am 
Steam isn't protecting scammers. Valve used to return items and guess what people did? They abused it. People got remorse from selling an item and claimed they got hijacked. So it's thanks to people that those items don't get returned.

The only way to get your account hijacked is by either downloading malware (keylogger) or entering your login credentials on a phishing site, like the ones in your name history. At any rate, it takes active input from the account holder to lose access to the account.

What happened is fairly simple, actually. Log in on a phishing site and they get the login credentials. They immediatly bot that so that they stay logged in. When you do a trade, that one gets cancelled and immediately they set up one to an account made to look like the one you were trading to. Sometimes they add that account to the friend list, sometimes they don't. Either way, when the trade gets confirmed, people don't actually pay attention because the trade window will show that the other account either is NOT a friend, or has been VERY SHORTLY.

So again, it needs active inputfrom the account holder. And contrary to what you believe, it's completely irrelevant whether you do this on your mobile or on the PC.

Do the steps that Brujeira told you too, secure the account. You can go to your local MP, but since you visit off-Steam, NOT supported trading sites, it's actually you who took the risk and were in the wrong here.

Ask yourself this very simple question: Why should Steam support do much for you, when you go out of your way to NOT use the safe environment of Steam for trading?
#4
Nx Machina May 9, 2020 @ 5:46am 
No one is to blame but yourself and no UK MP will take on your cause simply because you are the one who input your details on those phishing sites listed in your profile name.history.

None of those sites are associated with Steam and Steam cannot be held responsible for your choice to use those sites.
#5
< blank > May 9, 2020 @ 5:58am 
Originally posted by ★ cyclon:
Apart from this, I have been scammed by a bot on cs.money.
- cs.money
- loot.farm
- cs.deals
- cs.money loot.farm
- cs.money
- TRADEIT.GG
- loot.farm cs.money
- loot.farm

It's almost like you're being really stupid to get scammed.
#6
J4MESOX4D May 9, 2020 @ 6:10am 
Originally posted by ★ cyclon:
|I have been scammed by a bot on cs.money. I have PCProtect for mobile and there is no sign of being hacked or having malware/spyware on my phone and that is the device I used for the trade
You used a scam site and have been scammed. It's working as intended.

Anti-malware and spyware is useless when you've already given the phishing sites your credentials. That's like having a state of the art security system on your house and then giving your front door keys to the local burglar. Your account was compromised and the API key which is used to control trades was rigged. You even confirmed the resubmitted trade to the scammers impersonating the intended target yourself.

Originally posted by ★ cyclon:
After the lockdown ends, I have decided to speak with my local MP about this issue
:lunar2019laughingpig:
#7
cyclon ★ May 9, 2020 @ 6:31am 
Sorry for all of you but cs.money is actually an official partner in the competitions organised by Valve, so if they are a scam/phishing website and Valve still works with them, than they are at fault as well. The truth is they make a lot of money from this scamming business so as long as it suits their purpose, nothing will happen.

They didn't win ♥♥♥♥ from OPSkins so they shut down all their bots instantly, no ifs or buts there. And I didn't click on any links, whenever I use the trading sites I log in by writting the name of the site, not by clicking on links. My PC and my phone are both secured with anti-malware anti-spyware software so the problem wasn't on my device!!

Still nobody came to explain how the scammers were able to trade the items in less than 24 hours form the scam... Keep on blaming the victims!
#8
cyclon ★ May 9, 2020 @ 6:33am 
Originally posted by Crazy Tiger:
Steam isn't protecting scammers. Valve used to return items and guess what people did? They abused it. People got remorse from selling an item and claimed they got hijacked. So it's thanks to people that those items don't get returned.

Mate, if you simply reverse the trades nobody would be able to abuse the system. Why did they even set a 7 days trade ban if it isn't to protect against scammers?
#9
Brujeira May 9, 2020 @ 6:36am 
Originally posted by ★ cyclon:
Sorry for all of you but cs.money is actually an official partner in the competitions organised by Valve, so if they are a scam/phishing website and Valve still works with them, than they are at fault as well. The truth is they make a lot of money from this scamming business so as long as it suits their purpose, nothing will happen.

They didn't win ♥♥♥♥ from OPSkins so they shut down all their bots instantly, no ifs or buts there. And I didn't click on any links, whenever I use the trading sites I log in by writting the name of the site, not by clicking on links. My PC and my phone are both secured with anti-malware anti-spyware software so the problem wasn't on my device!!

Still nobody came to explain how the scammers were able to trade the items in less than 24 hours form the scam... Keep on blaming the victims!

What a load of tosh. Have you checked to see if your account has an API key set up? If it does and you didn’t set it up then that’s cast iron proof that we’re right and you’re wrong.
#10
cyclon ★ May 9, 2020 @ 6:37am 
Of course it is my fault, it was a phishing website bla bla bla... After the trade went through I receive a message from cs.money that "I might have been scammed". Their bot cancelled the initial trade!!! The bot cancelled, I didin't. How was that possible, if phone was the one hacked??
#11
Spawn of Totoro May 9, 2020 @ 6:40am 
Originally posted by ★ cyclon:
Sorry for all of you but cs.money is actually an official partner in the competitions organised by Valve, so if they are a scam/phishing website and Valve still works with them, than they are at fault as well. The truth is they make a lot of money from this scamming business so as long as it suits their purpose, nothing will happen.

They didn't win ♥♥♥♥ from OPSkins so they shut down all their bots instantly, no ifs or buts there. And I didn't click on any links, whenever I use the trading sites I log in by writting the name of the site, not by clicking on links. My PC and my phone are both secured with anti-malware anti-spyware software so the problem wasn't on my device!!

Still nobody came to explain how the scammers were able to trade the items in less than 24 hours form the scam... Keep on blaming the victims!

No.

cs.money is not an official partner. They are a 3rd party site, not owned, operated or supported by Valve. They are at your own risk.

OPSkins bots were shut down due to them using an exploit to bypass trade cooldowns.
Last edited by Spawn of Totoro; May 9, 2020 @ 6:41am
#12
Brujeira May 9, 2020 @ 6:43am 
Originally posted by ★ cyclon:
Of course it is my fault, it was a phishing website bla bla bla... After the trade went through I receive a message from cs.money that "I might have been scammed". Their bot cancelled the initial trade!!! The bot cancelled, I didin't. How was that possible, if phone was the one hacked??

We see these scams every day. That’s how it works. You give your login to one dodgy site ONCE and that’s all it takes. The scammer’s bot then just sits there using your API key, waiting for you to transfer a sizeable number of skins and then grabs them.

Nothing changes on your account so no cooldowns are triggered. All your responsibility.
#13
cyclon ★ May 9, 2020 @ 6:49am 
Originally posted by Spawn of Totoro:
Originally posted by ★ cyclon:
cs.money is not an official partner. They are a 3rd party site, not owned, operated or supported by Valve. They are at your own risk.

They are official partners in competitions sponsored by Valve, cut the bullsht!
#14
cyclon ★ May 9, 2020 @ 6:50am 
Originally posted by Brujeira:
Originally posted by ★ cyclon:
Of course it is my fault, it was a phishing website bla bla bla... After the trade went through I receive a message from cs.money that "I might have been scammed". Their bot cancelled the initial trade!!! The bot cancelled, I didin't. How was that possible, if phone was the one hacked??

We see these scams every day. That’s how it works. You give your login to one dodgy site ONCE and that’s all it takes. The scammer’s bot then just sits there using your API key, waiting for you to transfer a sizeable number of skins and then grabs them.

Nothing changes on your account so no cooldowns are triggered. All your responsibility.

For every skin traded there is a 7 day trade ban!! The ♥♥♥♥♥♥♥ bot moved the skins in less than 24 hours, what don't you understand?
#15
< >
Showing 1-15 of 19 comments
Per page: 1530 50

All Discussions > Steam Forums > Steam Discussions > Topic Details
Date Posted: May 9, 2020 @ 4:16am
Posts: 19
Start a New Discussion

Discussions Rules and Guidelines