Normally you should login with the gurad app code.

What does the sms say its about?
Its unusual.

Publicado originalmente por Muppet among Puppets:

Normally you should login with the gurad app code.

What does the sms say its about?
Its unusual.

I've gotten the code to disable or move my authenticator delivered by sms. It's not unusual.

Hey Massi

No its not, actually its the first option of security for the steam guard, the second option is email. The steam guard is there to keep your account safe.

Publicado originalmente por Massi:

Hello i tried to log in steam i put m'y steam guard code and it sends me another code in phone , i dont have my phone rn and why it sends SMS message IS it second type of security ? ♥♥♥♥ steam

Are you sure you're trying to log in Steam. You shouldn't receive any SMS through a normal login in Steam. Just use your username/pass/Steamguard code.

Sounda like you've logged into a fake site and someone used your credentials to try move your authenticator away from your phone.

SMS is only used to setup mobile auth and for account recovery.
it is not used to deliver any guard codes, that would be insecure as SMS are basically unencrypted.

Steam uses timebased one-time passwords, totp. after being set up, your phone/app "knows" at all times which code will be valid as long as your clock is not altered.
the notifications are just triggered by a push mechanic, not actually transmitted.

Publicado originalmente por shiel:

Publicado originalmente por Muppet among Puppets:

Normally you should login with the gurad app code.

What does the sms say its about?
Its unusual.

I've gotten the code to disable or move my authenticator delivered by sms. It's not unusual.

Unusual it is when you get it for trying to login

I tried to login in csmoney for csgo skins , I put my steam guard code and also it asked me for sms code for more security . Maybe it's because of new pc ip adress ...

You dont need to use the steam guard for csmoney if you already logged into steam
You are not going to the right csmoney.........

Publicado originalmente por Massi:

I tried to login in csmoney for csgo skins , I put my steam guard code and also it asked me for sms code for more security . Maybe it's because of new pc ip adress ...

No... It's a phishing scam site. Follow these steps right now ASAP, don't skip any, you may have already compromise your account trying to log into a scam site.

1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey - This field should be blank

Also here some tips to educate you to become more aware of phishing site.

Publicado originalmente por Dr.Shadowds 🐉:

Here are the most common reason people get accounts hijack for any service really are as followed.
- Sharing account infomation with others. <--- Very common with impersonators, pretending to be Steam admin / support.
- Logging in on phishing sites. <--- Very common with skin gambling sites.
- Downloading / Installing Virus / Keylogger on your system.
- Using public devices that has keyloggers, such as cyber cafe, school computers, and etc...
- Storing your login credentials on a unsecured service that others has access to view.
- Using same login credentials for all your things, or using same login credentials on another service that had a data leak. Yes it does matter because even if it not related to Steam, if using same login credentials, hijackers will try to use those credentials to see what services you use with those credentials. https://haveibeenpwned.com/

https://youtu.be/9TRR6lHviQc

The type of story scammers say to you.

- "Hey vote for my team", and they link you a phishing site link, and try get you to login.

- "Hey I can't add you, please add me", and they try to start their scam with you.

- If you're friend with someone that got their account hijacked, you get scam message like, "I report you", "you been banned", and whatever to try scare you, and they tell you to trade your items to them, or if you have a login to phishing site may have a API key on account that redirect trades, they ask you to give them money, or etc...

- If you already got your account compromise by them, they change your display name to banned, or whatever, your display picture as well, they may delete your friends, and try to spend your wallet funds if you have any, also trade all your items, but if they see if you have mobile authenticator attached, they play their scam to get you to confirm the trade to get your items off your account to their account quicker if they're able to trick you into confirming the trade.


I show you few examples.
https://steamcommunity.com/sharedfiles/filedetails/?id=2329645315
https://steamcommunity.com/sharedfiles/filedetails/?id=2570975058

https://youtu.be/JuWHCBeZrqI
https://www.youtube.com/watch?v=kook1DlxDAw
https://www.youtube.com/watch?v=0DDnV-MHSaY
https://www.youtube.com/watch?v=WfTXxLraokE

https://steamcommunity.com/discussions/forum/1/4956744526904317093/#c4956744526904653890

Publicado originalmente por Muppet among Puppets:

Publicado originalmente por shiel:

I've gotten the code to disable or move my authenticator delivered by sms. It's not unusual.

Unusual it is when you get it for trying to login

True. I misunderstood what OP was trying to say.

Publicado originalmente por Massi:

I tried to login in csmoney for csgo skins , I put my steam guard code and also it asked me for sms code for more security . Maybe it's because of new pc ip adress ...

That is why its unusual.
They phished your login, then tried to make you handover the steam guard completely.

Publicado originalmente por Muppet among Puppets:

Publicado originalmente por Massi:

I tried to login in csmoney for csgo skins , I put my steam guard code and also it asked me for sms code for more security . Maybe it's because of new pc ip adress ...

That is why its unusual.
They phished your login, then tried to make you handover the steam guard completely.

I log in Wirth Steam browser in game maybe thats why??
Can you try it out by yourself?
Btw what should I do rn?

Publicado originalmente por Massi:

Publicado originalmente por Muppet among Puppets:

That is why its unusual.
They phished your login, then tried to make you handover the steam guard completely.

I log in Wirth Steam browser in game maybe thats why??
Can you try it out by yourself?
Btw what should I do rn?

What you not understanding?


Do the 5 steps I posted above, or feel free to come back later on the forum whining about losing your account, and items to a hijacker...

Publicado originalmente por Massi:

Publicado originalmente por Muppet among Puppets:

That is why its unusual.
They phished your login, then tried to make you handover the steam guard completely.

I log in Wirth Steam browser in game maybe thats why??
Can you try it out by yourself?
Btw what should I do rn?

I never log into links or buttons,
maybe thats why i do not use phishing sites.

And i wont start today to try it by myself.