全スレッド > Steam 掲示板 > Help and Tips > トピックの詳細
SnowTiger61 2016年12月4日 14時18分
Phishing Emails that appear to be from STEAM
Once last week and again today, I have received apparently ligitimate emails from STEAM implying that someone (different computer) has been trying to login to my Steam Account.
Both emails provide a CODE # and request that I login and change my login information (Password).
The Following is cut/pasted from said email (not including the Code that was shown).
******************************************************************************************************
Here is the Steam Guard code you need to login to account snowtiger61 ... CODE# bla bla

This email was generated because of a login attempt from a computer located at 94.72.183.70 (BG). The login attempt included your correct account name and password.

The Steam Guard code is required to complete the login. No one can access your account without also accessing this email.

If you are not attempting to login then please change your Steam password, and consider changing your email password as well to ensure your account security.
etc etc etc

The fact is, I got one of these last week and already Changed My Login information BUT I Did NOT respond to that email or the current one, nor did I use the associated CODES because I was immediately suspicious from the get-go.
But the fact that I am receiving these emails to my legitimage email address and it includes my Steam Nickname has me worried that Steam has been Hacked enough to go Phishing !!

What's Up With That ?

PS> I have not required ANY CODES to login or to change my password (using the appropriate password changing options and confirmation email).
Furthermore, IF I knew how to attach a copy or screenshot of said emails, I would do so.
Please Advise
< >
1-15 / 33 のコメントを表示
Brujeira 2016年12月4日 14時35分 
It is definitely a phishing email then? What I mean by that is that you've checked the email's message source to view the header code and that shows that it didn't come from a Valve email server.
#1
profile name 2016年12月4日 14時38分 
you'd have to be kinda slow to fall for that.
#2
Muppet among Puppets 2016年12月4日 14時42分 
If you change the email of your steam on a safe computer, you will see if the emails are from steam.
And if your computer is leaking details.
#3
cinedine 2016年12月4日 14時46分 
This is not a phishing attempt, it's the Steam Guard email. It's generated when attempt to login from a new device.

Someone has your account credentials! If you changed it recently, do so again from a different and trusted machine and then run a complete virus and malware (two different things!) check on your current machine, because you most likely have a keylogger on it.
#4
xaxazak 2016年12月4日 15時48分 
I get that email from Steam when I reinstall or use a different browser - the sender is "noreply@steampowered.com".

They are legitimate - at least the ones I get are - when I sign in for the first time on that browser/install I use that code. If I get it wrong it doesn't work.

If you're on a dynamic IP and it changes between logout and login, Steam doesn't know that you're still using the same computer. If you've unselected "stay signed in" or whatever it is when you sign in then a dynamic IP change can also log you out.

Just make sure they're from Steam, and just sign on to steam in the usual way, not via a link from the email. Use the code if requested - it can't do any harm as it either logs you in or it doesn't.
That way even if they somehow manage to send a fake email from steam (because your email server sucked) they still don't get anything out of it.

:note: Edit: If you (or someone you're sharing your account with) weren't actually using your account at all at that time, then yeah, changing your password is a good first step.
最近の変更はxaxazakが行いました; 2016年12月4日 15時50分
#5
Cr4zy3ye 2016年12月5日 2時23分 
profile name の投稿を引用:
you'd have to be kinda slow to fall for that.

^^^ It was so poinient, I felt it needed saying again.
#6
Smugass Braixen-Chan 2016年12月5日 2時29分 
How is that phishing? It's not trying to send you to a 3rd party website or anything. Change your password because it is probably from Valve.
#7
dkmaster 2017年3月16日 0時06分 
I got exactly the same mail today but in an email that is not associated with Steam and that is what made me curious. I have Steam Guard and I changed my password just to be safe but it is weird that I got that mail in an non associated mail if it is legit.
#8
lilcoffeebean 2017年3月16日 1時42分 
You're certainly right to be skeptical, however as xaxazak pointed out, if the email sender was "noreply@steampowered.com", then it is a legitimate email from Steam and you should act accordingly as cinedine pointed out.

If it's from someone else, it's honestly difficult to say how they aquired your email with your associated Steam username. If you've ever mentioned it online, then there's always a chance someone aquired that information or if the association is easy to guess. Steam has also had some security hiccups, i.e. Christmas 2015. Nothing to the extent of being hacked, but instances where emails could have been obtained in specific circumstances.
#9
Supafly 2017年3月16日 2時00分 
Regardless of whether it was a legitmate email or not a simple rule to follow is DON'T click the link.

Always open a browser and log into the site directly.

lilcoffeebean の投稿を引用:
You're certainly right to be skeptical, however as xaxazak pointed out, if the email sender was "noreply@steampowered.com", then it is a legitimate email from Steam

I don't agree. It looks like a legitmate email but it could be spoofed to look that way. There is also the unlikely fact Steam/part of Steam has been hacked. The hacker/s can't access users encrypted passwords and have used Steams email service to provide a link to a an official looking page to steal passwords.
最近の変更はSupaflyが行いました; 2017年3月16日 2時00分
#10
SnowTiger61 2017年4月8日 12時10分 
cinedine の投稿を引用:
This is not a phishing attempt, it's the Steam Guard email. It's generated when attempt to login from a new device.

Someone has your account credentials! "etc etc"

NO .. it's NOT from Steam Guard and YES it is Phishing. AVG even alerted me ... but I was and am suspicious of ALL emails that require me to reply and change login info. I NEVER fall for that. I ALWAYS login from my browser.
AND
I have NEVER EVER EVER tried to login to Steam (or anything else) from any computer (or device) other than the one I'm sitting in front of right now. So if "Anyone" was trying to login from a different IP # it's a scam.
And NO ONE has access to my computer except me. So no one has ANY of my login information to anything.

Don't be so presumptuous Broken Rubber.
It was a Phishing attempt ... like so many others.
#11
PsydeFX 2017年4月8日 14時36分 
SnowTiger61 の投稿を引用:
cinedine の投稿を引用:
This is not a phishing attempt, it's the Steam Guard email. It's generated when attempt to login from a new device.

Someone has your account credentials! "etc etc"

NO .. it's NOT from Steam Guard and YES it is Phishing. AVG even alerted me ... but I was and am suspicious of ALL emails that require me to reply and change login info. I NEVER fall for that. I ALWAYS login from my browser.
AND
I have NEVER EVER EVER tried to login to Steam (or anything else) from any computer (or device) other than the one I'm sitting in front of right now. So if "Anyone" was trying to login from a different IP # it's a scam.
And NO ONE has access to my computer except me. So no one has ANY of my login information to anything.

Don't be so presumptuous Broken Rubber.
It was a Phishing attempt ... like so many others.
But it didn't ask you to reply, it said to go to steam and change your credentials. Did you verify where it was sent from? You more than likely have a Key logger or some such on y PC.
#12
RM`27-FURY 2017年4月8日 14時41分 
.
#13
sIZarah 2017年5月8日 12時09分 
Hi I've gotten these too. I DO think they are phishing, for two reasons.

One: when I log into steam on a new computer myself, gmail puts those identical looking emails into a separate thread, so they obviously think they're different. Two: I did a "show original message" in gmail for the suspicious emails and for the legitimate emails, and the suspicious ones failed SPF and showed a yahoo ip address. I seriously doubt Steam uses yahoo for their email servers, so these are not authentic emails. I too am confused because they appear to link directly back to steampowered, maybe they are just phishing cookies or something? Either way I've changed my password on my phone which I'm sure is clean and I've still been getting these phishing emails once an hour. I've got almost 100 now, it's super annoying.
#14
 KARR™ 2017年5月9日 4時51分 
sIZarah の投稿を引用:
Hi I've gotten these too. I DO think they are phishing...

If the email quotes your true account name [not screen name] then regardless of being phishing or not, there's a security leak of your actual account name and the email is personalised to you and not a generic email.

If there is no link IN the email to go to steam and log in then it can't be a phishing email. The whole reason a phishing email works is because it tells users to click a link which is fake and they complete the form on a fake webpage.

#15
< >
1-15 / 33 のコメントを表示
ページ毎: 1530 50

全スレッド > Steam 掲示板 > Help and Tips > トピックの詳細
投稿日: 2016年12月4日 14時18分
投稿数: 33
新しいスレッドを作成

ルールとガイドライン