Is the name in the email your login name for your account?

only way someone can get a hold of your account info is if you signed into third party sites with your steam login
these sites include any website that asks you for your steam login other than valves official domains (steamcommunity . com etc)
such websites can be: those that sell games redeemable on steam, websites where you can trade various items for steam related games etc
also, there is option you were phished. (tried to log in a website that looks exactly like steam, but isnt)

引用自 Muppet among Puppets：

Is the name in the email your login name for your account?

This is the important question. Does the email properly address you by the name you use to log in with? If it doesn't then guess what; it's not from Steam at all.

One somewhat common pishing trick is to send a phony email exactly like you describe claiming someone is trying to log in. The expected reaction is for you to freak out and click the links to change your login info. Clicking the links in the email directs you to a fake login page where you give them your information.

So, that brings us back to Muppet's question. Followed up with "Did you click the links and enter your information?"

引用自 AndrewJago USMC：

So my question being, why does steam frequently have this problem?

Does it? Most of the time it's a user's forgotten account and leaked details.

引用自 AndrewJago USMC：

...61.84.63.209 (KR)... South American country.

Korea is not located in South America.

引用自 Muppet among Puppets：

Is the name in the email your login name for your account?

No, the name in my email is very different from my account username.

引用自 ん：

only way someone can get a hold of your account info is if you signed into third party sites with your steam login
these sites include any website that asks you for your steam login other than valves official domains (steamcommunity . com etc)
such websites can be: those that sell games redeemable on steam, websites where you can trade various items for steam related games etc
also, there is option you were phished. (tried to log in a website that looks exactly like steam, but isnt)

I never sign into third party sites with my Steam login. I only use Steam for purchasing and playing games on PC, also I never trade items, and have never typed my username and password anywhere but the Steam login page.

引用自 Teksura：

引用自 Muppet among Puppets：

Is the name in the email your login name for your account?

This is the important question. Does the email properly address you by the name you use to log in with? If it doesn't then guess what; it's not from Steam at all.

One somewhat common pishing trick is to send a phony email exactly like you describe claiming someone is trying to log in. The expected reaction is for you to freak out and click the links to change your login info. Clicking the links in the email directs you to a fake login page where you give them your information.

So, that brings us back to Muppet's question. Followed up with "Did you click the links and enter your information?"

After screenshotting the IP address and other info provided by the email I deleted it, then signed into my steam account using my mobile device (unrecognized) to make sure it still worked and that nothing had been accessed without my permission.

引用自 gwait：

引用自 AndrewJago USMC：

So my question being, why does steam frequently have this problem?

Does it? Most of the time it's a user's forgotten account and leaked details.

It does. I have never forgotten any account details relating to Steam, and the only “details” you can get out of my profile are what games I like to play, lol.

引用自 Hodman：

引用自 AndrewJago USMC：

...61.84.63.209 (KR)... South American country.

Korea is not located in South America.

Thank you, when typing in the IP, I mistakenly typed KN instead of KR, which resulted in me believing the attempted hacker was in “Saint Kitts and Nevis“ also known as KN. Again thank you for the correction.

引用自 AndrewJago USMC：

引用自 Muppet among Puppets：

Is the name in the email your login name for your account?

No, the name in my email is very different from my account username.

So the email is meant for another account?

引用自 Muppet among Puppets：

So the email is meant for another account?

Talking about the name on his email service in general rather than that specific email

引用自 AndrewJago USMC：

引用自 Muppet among Puppets：

Is the name in the email your login name for your account?

No, the name in my email is very different from my account username.

Delete and ignore. As I described above, that is not an email from Steam at all, it is a pishing email sent by a scammer. The scammer is simply lying to you in the hope that you'll click the links in his email and hand your information over to him. There isn't any problem with your account security unless you hand over your information in the way the scammer wants you to do.


Official emails from Valve/Steam will always open the same way. Right under a header with the Steam logi, it will say in big blue letters "Hello" or "Dear," followed by the exact account name you use to sign in with. Occasionally it will say "Dear Customer," for mass emails, such as the Steam Privacy Policy Update email we got a while back.

When you see that name appear as something "very different from your account username", that is a giant red flag that the email was not sent by valve. Someone got your email from somewhere- could be anywhere -and sent that email hoping they'd get something out of it. Costs them basically nothing to try.

引用自 Teksura：

When you see that name appear as something "very different from your account username", that is a giant red flag that the email was not sent by valve.

This.
It's a commonly seen attempt at phishing, as the way this works is off of fear, like with many scams.

It makes you afraid that there is something wrong with your account, or could eventually be, so you are tempted to click the link in the fake email and then it works as the helpful Teksura explained.

Delete and ignore.

EDIT..........

引用自 AndrewJago USMC：

The only logical reason I can find is that Steam’s account security is compromised and their only defense is the Steam Guard Code.

This is actually the most illogical reason. Steam's security is fine.

The assumptions above are incorrect. The email sent containing a remote IP address is definitely from Steam Support, much like the email sent sending me a Steam Guard Code when I requested it from a mobile device. You all jump so eagerly to the “phishing” excuse, while I find it too convenient.

Firstly, my email is secure. How secure is it, you ask? Secure enough that the ONLY emails I receive are from steam, any other possible interactions are immediately flagged and deleted by my forwarding bot. The email I use, along with my username and password, are not used anywhere else online. So how this “phishing” excuse is even suggested is beyond me because it is ludricous. How could this person find my email? Gee I dunno, STEAM maybe?!?

Secondly, please take the two minutes it takes to google search “Someone tried to access my Steam account”. Over 11,000 results, ranging from years ago to simply days ago. So yes, “thousands and thousands” ARE having this problem right now. STEAM is not as secure as you all believe it to be, clearly I’m the only one not feeding into the generic simple scapegoat answer. I haven’t played on Steam in over a month, as Xbox is a far superior gaming method for my current situation. What makes more sense; Steam is vulnerable for hackers to find users’ emails, usernames, and passwords and try to access the account through this but stopped through the Steam Gate email, or someone just magically pulls someone’s steam account out of a hat and sends them a fake Steam Gate email? Funny enough, every indication of this incident points directly to STEAM. This never happens on Xbox, as I said before, is far superior.

This has been a waste of my time. Unsubscribing to this post.

Why you see so many reports online is the same as why you see people being scammed out of items by trade bots and that is due to a lack of due diligence. People would rather blame Steam than admit they didn't follow best practice to keep their data safe.

Then it sounds like you're as stuck up to Xbox as users here are "stuck up" on Steam

If we used that logic by checking the amount of "I got VAC banned for no reason" threads on VAC discussion forum then perhaps the VAC system should be scrapped immediately. Perhaps they get the email address, usernames and passwords from a database leak. They are happening left and right recently. But clearly you're a security expert and have never re-used them - we already got that!

If you actually read into each thread "Someone tried to access my Steam account" instead of just judging by the number of threads (which can already be done with any other service) then most of the time the user will come to realization that they either entered their details somewhere, their old forgotten account was accessed rather than the new one, they shared their account with a friend, etc. The self-entitlement is through the roof in this thread.

引用自 AndrewJago USMC：

This has been a waste of my time. Unsubscribing to this post.

We will never know if the email contains the actual account name.

You truly wasted your time in this post.

While i liked the story:
Someone is able to gain your passwords and username from steam, but then he tries to log in with it, and ..... this security circumvent wizard didnt think his well crafted hack of the steam infrastructure all through, on his way to gain access to a 10 games account, he met a wall.
All this planning for this worthwhile goal, for nothing.
End of sad story.