These attacks target the weakest point in Steam's security;

You.

At some point you, probably unwittingly, handed over the keys to the castle.

Follow this guide.
https://steamcommunity.com/sharedfiles/filedetails/?id=1126288560

Originally posted by Slice:

Not a great system if you ask me, if someone has acces to your account you have no way of reaching Steam support since everything is now trough Steam.

Exactly, so dont enter your account credentials on shady websites.

A real life friend of mine who I also got on Steam messaged me asking if I could vote on some CS GO clan design, but this real life friend did not message me this, his account was being controlled by someone else. So yeah, I did go on a scam website, but I wouldn't expect that the account of a good friend of mine was being controlled by a hacker. So you are correct that the weakness is the people using Steam, but that's with literally everything you use though.

If I can not trust the 15+ year old Steam accounts of friends of mine, I don't feel Steam is as secure as people claim it to be.

So you got your account compromised because you trusted another compromised account?

Super.

So as we have established, Steam is secure:

Originally posted by 8bitbeard:

These attacks target the weakest point in Steam's security;

You.

No security in the world of internet is strong enough to protect a computer user since the use of common sense and the action of the user is still where the access point is.
They choose to install or open allow give away their security with no thought of consequences. Education is the key.
But that isnt enough either as they don't read the guides and stay informed.
The only mothod that works is hindsight and experience.
Dr Shadow has posted here some of the best guides and what to look out for
https://steamcommunity.com/discussions/forum/1/3165461775604999700/

Originally posted by Slice:

A real life friend of mine who I also got on Steam messaged me asking if I could vote on some CS GO clan design, but this real life friend did not message me this, his account was being controlled by someone else. So yeah, I did go on a scam website, but I wouldn't expect that the account of a good friend of mine was being controlled by a hacker. So you are correct that the weakness is the people using Steam, but that's with literally everything you use though.

If I can not trust the 15+ year old Steam accounts of friends of mine, I don't feel Steam is as secure as people claim it to be.

You literally fell for a phishing scam and are blaming Steam. That scam has been going on FOR YEARS.

Originally posted by Slice:

Steam Security not as good as people say... ... Hacker got on my Steam account.

Security is fine, user is the faulty part.
You did not get hacked, you gave away your account credentials.

So your friend got compromised, you didn't scrutinize a link blindly believing it and gave a 3rd party site your login. You say Steams security is the weak point.

You & your friend just demonstrated where the weak points of security almost always are.

Originally posted by 8bitbeard:

Follow this guide.
https://steamcommunity.com/sharedfiles/filedetails/?id=1126288560

Originally posted by Slice:

A real life friend of mine who I also got on Steam messaged me asking if I could vote on some CS GO clan design, but this real life friend did not message me this, his account was being controlled by someone else. So yeah, I did go on a scam website, but I wouldn't expect that the account of a good friend of mine was being controlled by a hacker. So you are correct that the weakness is the people using Steam, but that's with literally everything you use though.

And that's why phishing is a way more popular technique than l33t h4x0ring frontline security...

Humans are weak, and who's in charge of of the individual's security, the user, a weak human. There's no security in the world that can stop a user from handing over their credentials if they're convinced that's what they need to do.

And Steam, or any website relies on those credentials to validate that the person has access. Who's fault is it that they handed over their credentials to a scammer? Did Gaben make you fill out that form and hit submit. Or was that 100% Slice?

Originally posted by Slice:

If I can not trust the 15+ year old Steam accounts of friends of mine, I don't feel Steam is as secure as people claim it to be.

People with old accounts get phished. Account age doesn't make users smarter, or more secure. Your friends are human beings, and human beings are often vulnerable to phishing and scams unless they have specific experience or expertise. Relying on bogus assumptions to vet users and then blaming Steam when it turns out your assumptions and expertise on the subject are as lacking as anyone's... after all your account age didn't save you, or make you an expert.

There's a flaw in your logic, a pretty obvious one.

At any rate you can believe what you want. Blaming others is just an excuse to remain ignorant and vulnerable to massage your ego. And that doesn't hurt anyone but yourself.

you do know those phishing links when you go to them it usually says blahblah is not associated with steam/valve but you went ahead and did it anymore but sure blame everyone else

I don't blame anyone but myself I'm just saying that Steam is not as secure as people make it out to be. It is possible for Steam accounts to be hijacked and used to impersonate friends etc. within Steam without the person knowing. To say it is completely outside of Steam is therefor not correct. This whole hack went completely under the radar of Steams protection while I got Steam authenticator, I'm on a 15 year old account that has been on the same IP adress, same goes for my friend.

And the fact that you can only get help trough Steam these days is also very bad. They don't even use their email anymore so when your account is taken you are screwed.

Originally posted by Slice:

I don't blame anyone but myself I'm just saying that Steam is not as secure as people make it out to be. It is possible for Steam accounts to be hijacked and used to impersonate friends etc. within Steam without the person knowing.

Still a user issue, not a Steam one. A chain is only as strong as its weakest link.

Originally posted by Slice:

I don't blame anyone but myself I'm just saying that Steam is not as secure as people make it out to be. It is possible for Steam accounts to be hijacked and used to impersonate friends etc. within Steam without the person knowing. To say it is completely outside of Steam is therefor not correct. This whole hack went completely under the radar of Steams protection while I got Steam authenticator, I'm on a 15 year old account that has been on the same IP adress, same goes for my friend.

And the fact that you can only get help trough Steam these days is also very bad. They don't even use their email anymore so when your account is taken you are screwed.

Yes it is incorrect because YOU circumvented the security measures by falling for a known phishing scam.

Originally posted by Slice:

A real life friend of mine who I also got on Steam messaged me asking if I could vote on some CS GO clan design, but this real life friend did not message me this, his account was being controlled by someone else. So yeah, I did go on a scam website, but I wouldn't expect that the account of a good friend of mine was being controlled by a hacker. So you are correct that the weakness is the people using Steam, but that's with literally everything you use though.

If I can not trust the 15+ year old Steam accounts of friends of mine, I don't feel Steam is as secure as people claim it to be.

Nothing is that safe.
Apart from this suggestion:
Never log into given links or buttons, especially if its not the site of the company an account is from.

Originally posted by Slice:

A real life friend of mine who I also got on Steam messaged me asking if I could vote on some CS GO clan design, but this real life friend did not message me this, his account was being controlled by someone else. So yeah, I did go on a scam website, but I wouldn't expect that the account of a good friend of mine was being controlled by a hacker. So you are correct that the weakness is the people using Steam, but that's with literally everything you use though.

If I can not trust the 15+ year old Steam accounts of friends of mine, I don't feel Steam is as secure as people claim it to be.

You need to think for yourself, and not lay your guard down just because other people are "trusted".

This applies not only in Steam, but in any real life situation.

If your parents told you to give 1k$ to someone overseas because someone called them by phone and convinced them this would be a good idea, would you do it for them?