u gave ur info away at some point without knowing, like by clicking a link that sent u to a fake steam site, there u entered ur info and now they gained access, probably best to change ur email password as well

im also in favor of some sort of live support

Accounts are PHISHED not hacked because the end user gave away all their account details.

The account name, the password and the KEY to the door, the Steam Guard Mobile code, or scanning the QR code or authorising via fingerprint giving them access to the account.

How? by either logging into a known scam site or sites, tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link, signing in through a fake login window etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.


The weakest link is the end user, not the security offered.

Oprindeligt skrevet af Donald Trump:

u gave ur info away at some point without knowing, like by clicking a link that sent u to a fake steam site, there u entered ur info and now they gained access, probably best to change ur email password as well

im also in favor of some sort of live support

i dont use those sites and NEVER give my info. i'm waay paranoid...

Oprindeligt skrevet af Ryan Davanzo:

Account hacked even with QR code and steam guard, tons of items sold, in debt that isn't mine and no support!

It's the sort of statement that's so blatantly untrue you can almost hear the universe sigh. Followed swiftly by the sound of someone furiously sweeping their mistakes under the proverbial rug marked "Account Security" and "I did nothing wrong."

Do this: https://steamcommunity.com/sharedfiles/filedetails/?id=1126288560

I have acess, i just dont have my items and non-existent money. i'm not asking you to belive me tho. im just looking for help

Oprindeligt skrevet af Ryan Davanzo:

I have acess, i just dont have my items and non-existent money. i'm not asking you to belive me tho. im just looking for help

Secure your account with the following steps:-

1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

No items or money lost this way are returned as per the longstanding policy. Stop giving away your credentials to scam sites or playing on insecure devices.

im didn't give jy credentials to anything bro. also, already scanning and reescaning my pc. the rest already did.

Obviously not. It seems the "Somebody hacked me" Club has a special rule: no one ever does that once they've lost access ... who, other than yourself, are you trying to convince with that?

im not asking you to belive me, ok?
im just teling what happend.
besides, steam support already answered and they cant do nothing...

Oprindeligt skrevet af Ryan Davanzo:

im didn't give jy credentials to anything bro. also, already scanning and reescaning my pc. the rest already did.

You did whether you realise it or not. It is technically impossible to enter a Steam account without two correct credentials and an independent login confirmation. Only phishing can achieve this and to initiate this, you have to leak your credentials.

Let it slide. Denial's a tough phase to get out of ...

Hi, I'm from Argentina. The exact same thing just happened to me at 3:37 PM and I just realized at 8:00 PM
They used almost 47,000 points (all) in prizes on their account. Their profile is emil-badokin . We are not the only ones because they have 155,000 prizes

Oprindeligt skrevet af Ryan Davanzo:

im not asking you to belive me, ok?

I believe that you believe yourself. However, we regular people of the Steam forums see threads like yours very often. Also usually in denial. But also always phished or having malware.

So, let's believe the people who deal with phishing/malware victims on a regular basis, trying to help them understand internet and account security a bit better.

Oprindeligt skrevet af Ryan Davanzo:

im just teling what happend.

No, you're telling what you think happened. Big difference.

Oprindeligt skrevet af Ryan Davanzo:

besides, steam support already answered and they cant do nothing...

Correct, they cannot do anything about people giving away their login credentials.

Oprindeligt skrevet af Vershyll:

Hi, I'm from Argentina. The exact same thing just happened to me

Fact: You made the same mistake. You gave away your login details willingly, knowing full well the consequences.

Oprindeligt skrevet af Nx Machina:

Accounts are PHISHED not hacked because the end user gave away all their account details.

The account name, the password and the KEY to the door, the Steam Guard Mobile code, or scanning the QR code or authorising via fingerprint giving them access to the account.

How? by either logging into a known scam site or sites, tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link, signing in through a fake login window etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.


The weakest link is the end user, not the security offered.

You should have put a video of that British lady from the Weakest Link at the end of this with her famous saying ... because it would be true.