That's no "hacking".

Please refrain from using the wrong vocabulary. It was simply carelessness. The same applies to this bad habit of spreading a link which is to blame for the misery. Remove that link.

simply clicking that link will not do anything, you have be stupid in addition to login into a very obvious phishing website.

that being said:
as a stupidly high number of people are actually that stupid, please stop advertising phishing websites and remove the link entirely.

as for your friends account:

Steam account is compromised.
Please do the following steps in order:

1. Scan for malware (with whatever)
   
2. Deauthorize all other devices
   
   • https://store.steampowered.com/twofactor/manage
3. Generate new backup codes
   
   • https://store.steampowered.com/twofactor/manage
4. Change your Steam account password, preferably from a known safe device.
   
5. Revoke API key
   
   • https://steamcommunity.com/dev/apikey

same ♥♥♥♥ to me I accidently clicked it and now I did everything that recent comment said
Still getting nervous my precious account holy fk

Originally posted by 1GuG4yS.RepublicOfThailand:

Still getting nervous my precious account holy fk

And because you're so worried you're offering to sell it, as you wrote it down on your profile desc.?
Just fyi, sharing or even selling accounte an illegal action and can end up in the complete termination of all involved accounts. That's a biiiiiit worse than getting scammed.

I recommend you remove the address, it's not likely to help anyone (at least you put it in () so will break when someone try to enter it XD)

Its good you noticed it, let your friend know to follow wuddih steps
And for later never login on Links no matter who give you the like, always open your own window for Steam and login from there
The page should just ask you to approve not download and not to sign in, if it does something is wrong

Originally posted by 1GuG4yS.RepublicOfThailand:

I accidently clicked

You don't click on a link accidentally. You clicked on it.

Same thing happened to me (5 minutes ago).

Someone I have not talked to for ~2 years just contacted me, asking me to vote for "Team ShonK" with a link I have not clicked on.


1. Dont click on phishy links

2. 2FA is here for a reason, make sure to activate it.

Originally posted by Misagi:

1. Dont click on phishy links

2. 2FA is here for a reason, make sure to activate it.

2fa does not help here.

Originally posted by Misagi:

Same thing happened to me (5 minutes ago).

Someone I have not talked to for ~2 years just contacted me, asking me to vote for "Team ShonK" with a link I have not clicked on.


1. Dont click on phishy links

2. 2FA is here for a reason, make sure to activate it.

The link dose not have to look phishy, most cases it dose not just like for a fish a warm hides the hook that hides under it
It's better in this case at least to suggest to never login from links, but always open your own tab/window to login never from a link or anything a page opens for you

FYI it's not clicking on the link that compromises the account.

It's going to the "sign in through Steam" thing, becaue that website is part of a recent series of websites that create a FAKE "sign in through Steam" browser window -- which is actually just a frame inside an actual webpage.

But it's designed to look very real, and even has an address bar that looks legit.

FYI, this is a strange oddity, but if you're already signed in to Steam on your own browser, then you shouldn't get a "sign in through Steam" page that asks you for your login info again. "sign in through Steam" should be just a one-click process.

Unfortunately I think many people use Steam's built-in browser and thus miss this. (This is one of at least a couple reasons not to use Steam's built-in browser.)

Originally posted by Misagi:

Same thing happened to me (5 minutes ago).

Someone I have not talked to for ~2 years just contacted me, asking me to vote for "Team ShonK" with a link I have not clicked on.


1. Dont click on phishy links

2. 2FA is here for a reason, make sure to activate it.

Make sure to go to the persons profile and report it, it was probably taken from them and is being used to scam others. Better to have steam lock it down so the person who owns it can possibly reclaim it.