All Discussions > Steam Forums > Steam Discussions > Topic Details
Get_Scwifty Apr 12 @ 11:03am
I got scammed?
Someone from my friendlist sent me a link saying steam spring marathon gift which will be giving out $50 steam card for the first 300,000 to log in. So I clicked on it and it transferred to steam page which required me to log in. Due to my ignorance and stupidity, I logged in. After that it said, will receive after 48 hrs.

My question is, is my account still safe given that I have a steamguard and I already changed my password.
< >
Showing 1-4 of 4 comments
Ɛ: ʎɥɔʇɐԀ Apr 12 @ 11:06am 
Is it hard to not click on any suspicious phishing links?
If steam would have some sort of free gift card marathon thing, then valve would announce it
#1
J4MESOX4D Apr 12 @ 11:20am 
Your account is likely compromised. Secure it with the following steps:-

1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a trusted/clean device.
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

Think about it logically - nobody is going to give away $15,000,000 worth of gift cards for free.
#2
pckirk Apr 12 @ 11:21am 
Accounts are phished not hacked.

You gave away all your account details.

The account name, the password and the KEY to the door, the Steam Guard Mobile code giving them access to the account.

How? by either logging into a known scam site or item sell sites, fake steam log-in websites, or by tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.

Your account was phished / hijacked. Follow steps 1- 7 to secure your account:

1. Scan for malware https://www.malwarebytes.com/

2. Check that the email and phone number on the Steam account are still yours.

3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

4. Change passwords from a trusted/clean device.

5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

7. Make sure your steam recovery email account is secure

Steam will NOT return lost funds or Items.
#3
Brutalness Apr 12 @ 1:42pm 
Your ♥♥♥♥♥♥
#4
< >
Showing 1-4 of 4 comments
Per page: 1530 50

All Discussions > Steam Forums > Steam Discussions > Topic Details
Date Posted: Apr 12 @ 11:03am
Posts: 4
Start a New Discussion

Discussions Rules and Guidelines