Stalamuerte eredeti hozzászólása:

Mr. Smiles eredeti hozzászólása:

That's how API scams work, you need to actually read the information others have posted...

I read it mean but you dont understand what I am saying , if this scamm has over a year since it exists , why doesnt the steam guard app have a counter for it ?

Its my bad for not knowing the scamm , but i rarely play on steam online lately

Stalamuerte eredeti hozzászólása:

Mr. Smiles eredeti hozzászólása:

That's how API scams work, you need to actually read the information others have posted...

I read it mean but you dont understand what I am saying , if this scamm has over a year since it exists , why doesnt the steam guard app have a counter for it ?

Steam guard exists to help secure your account. It can't prevent users from compromising their account. And while you can argue that this change or that change would solve the problem, the thing you forget is scammers can adapt and change their behaviors and tactics as well.

After all the whole point of Steam Guard was to make it more difficult for scammers to scam, and it did, but people are willing to hand over Steam Guard codes just as easily as user names and passwords. The problem isn't Steam Guard. Steam Guard can't make users behave safely and expertly. But it can make an account nigh impenetrable when used with the rest of solid security practices.

Snakub Plissken eredeti hozzászólása:

Stalamuerte eredeti hozzászólása:

then explain this https://ibb.co/RNSHP5f

You compromised your account and the scammer has some access as a result of providing your credentials to them at some point. It's how phishing works.

You're not the first user to have been phished who's absolutely convinced they're ironclad in their security expertise and the fault is with Valve, and all the other users just don't understand. Ego is a helluva drug.

We've had this exact conversation a thousand times. Your situation isn't new. Your sudden opinions about how Steam should operate aren't new either. End of the day Valve can't stop users from sabotaging their account security if they're convinced what they're doing is fine.

Stalamuerte eredeti hozzászólása:

i dont care bout the items , it was just a knife that i won from a case anyways , but its about the principle if you look at the Screenshot then it still shouldnt be possible , its not the trade i confirmed , my trade was canceled

The principle is users are often not security experts and not willing to admit it. Nor are they willing to admit experienced users have already seen this sort of thing a thousand times. Right now the reality of the situation isn't what you want to hear so you're willing to argue about it.

its not ego man , you got it all wrong , that code changes every 5 seconds yet it cant perceive something wrong with the trade ? the account i traded to was my account 100% it had my comments all , i understand it mimicked it , but still cant a app that is so specialised in security with a code changing every 5 seconds realise that ? Im not arguing bout anything , im not trying to get my lost items , i understand those are already lost, but how is t he scammer going to be punished ?

Stalamuerte eredeti hozzászólása:

if you look at the Screenshot then it still shouldnt be possible

Unfortunately a computer is a lot faster at controlling settings and stuff on your account than you are. For one, they don't need to use a mouse.
They have pre-instructed commands that they simply run and they don't need any GUI either.
-> check list of trades
-> if there is a trade in wait, cancel trade.

they send commands like that to the server. the server sends information back (which is the results of these requests). it's literally as simple as that basically.

In other words, likely your trade is canceled before you even receive a message on your other account that there is a trade. (because for the sole reason that you don't read it before it got canceled.)

Elucidator eredeti hozzászólása:

Stalamuerte eredeti hozzászólása:

if you look at the Screenshot then it still shouldnt be possible

Unfortunately a computer is a lot faster at controlling settings and stuff on your account than you are. For one, they don't need to use a mouse.
They have pre-instructed commands that they simply run and they don't need any GUI either.
-> check list of trades
-> if there is a trade in wait, cancel trade.

they send commands like that to the server. the server sends information back (which is the results of these requests). it's literally as simple as that basically.

In other words, likely your trade is canceled before you even receive a message on your other account that there is a trade. (because for the sole reason that you don't read it before it got canceled.)

then what is steam guard actually guarding , my inabbility to remember a strong password ? and thats it ? In the confirmations was my account , and after i confirmed it , all from my phone not computer , it happened , i check trade history and i see the ss i sent and the other trade. All im saying is steam guard isnt that safe and it need an update ,

Snakub Plissken eredeti hozzászólása:

Stalamuerte eredeti hozzászólása:

I read it mean but you dont understand what I am saying , if this scamm has over a year since it exists , why doesnt the steam guard app have a counter for it ?

Steam guard exists to help secure your account. It can't prevent users from compromising their account. And while you can argue that this change or that change would solve the problem, the thing you forget is scammers can adapt and change their behaviors and tactics as well.

After all the whole point of Steam Guard was to make it more difficult for scammers to scam, and it did, but people are willing to hand over Steam Guard codes just as easily as user names and passwords. The problem isn't Steam Guard. Steam Guard can't make users behave safely and expertly. But it can make an account nigh impenetrable when used with the rest of solid security practices.

but i am human , and after 9 years of steam I got once scammed , today , since i am human how can i behave expertley and securely for over 9 years, and that guy from my friend list was from a game 3 years ago , jeez

Stalamuerte eredeti hozzászólása:

its not ego man , you got it all wrong , that code changes every 5 seconds yet it cant perceive something wrong with the trade ? the account i traded to was my account 100% it had my comments all , i understand it mimicked it , but still cant a app that is so specialised in security with a code changing every 5 seconds realise that ? Im not arguing bout anything , im not trying to get my lost items , i understand those are already lost, but how is t he scammer going to be punished ?

The steam guard code does change every five seconds. Do you know what's an eternity for a bot? Five seconds. It's not like you have to log in or enter your Steam Guard code every five seconds either. One Steam Guard code in conjunction with your other account credentials is enough to compromise your account.

Scamers run a sophisticated operation. Regardless of what you imagine, it's not some jerk running a scam off his treasured personal account. Part of their process involves insulating and anything that happens to occur to accounts they own is just a cost of business. And unfortunately a lot of scams are run off hijacked accounts, those accounts can accrue bans and consequences, but they're also usually returned to their legitimate owners.

So the short answer is, you're mad, and the scammer is smart enough to stay safe.

Steam Guard serves as a second factor authentication.
If someone knows your account name and password, Steam Guard will kick in and ask that person for a code, that you receive on your phone or in your email or whatever.
so that you have the final word on whether or not the account can be accessed from that place.

Edit: I really cannot keep up with how quick the replies are.
While I am typing other stuff has been replied.
...Oh well, I think I gave enough information anyway.

(note; read reply 30 and reply 22, two of my other posts, which are likely related to your question on "How did this happen" and "why")

Stalamuerte eredeti hozzászólása:

but i am human , and after 9 years of steam I got once scammed , today , since i am human how can i behave expertley and securely for over 9 years, and that guy from my friend list was from a game 3 years ago , jeez

Human beings are very fallible, the scammers profession is to exploit that. It's tough for an amateur to take on a professional and win. That's the reality. You were faced with a challenge the scammer operates every day and you found out what a disadvantage that can put you at having never been subjected to it.

Your friend's account was probably hijacked. It's a common tactic. They used his friends list to go fishing for people who nominally trust the user their friends with. Scammers know this works, it's why they do it. You weren't expecting trouble, you didn't expect your friend's account to be hijacked. They used that against you. And now you know that's a weak point to watch out for. Unfortunately you had to learn through direct experience, lots of people have to learn it that way.

Snakub Plissken eredeti hozzászólása:

Stalamuerte eredeti hozzászólása:

but i am human , and after 9 years of steam I got once scammed , today , since i am human how can i behave expertley and securely for over 9 years, and that guy from my friend list was from a game 3 years ago , jeez

Human beings are very fallible, the scammers profession is to exploit that. It's tough for an amateur to take on a professional and win.

Your friend's account was probably hijacked. It's a common tactic. They used his friends list to go fishing for people who nominally trust the users their friends with. You weren't expecting trouble, you didn't expect your friend's account to be hijacked. They used that against you. And now you know that's a weak point to watch out for. Unfortunately you had to learn through direct experience, lots of people have to learn it that way.

yea man , that experience didnt come in cheap , but at least i still got something in my inventory left , I didnt trade it all , i wasnt that greedy , bro i thought i got a virus or something

Elucidator eredeti hozzászólása:

Steam Guard serves as a second factor authentication.
If someone knows your account name and password, Steam Guard will kick in and ask that person for a code, that you receive on your phone or in your email or whatever.
so that you have the final word on whether or not the account can be accessed from that place.

Edit: I really cannot keep up with how quick the replies are.
While I am typing other stuff has been replied.
...Oh well, I think I gave enough information anyway.

(note; read reply 30 and reply 22, two of my other posts, which are likely related to your question on "How did this happen" and "why")

thats what im saying , i didnt have the final word , since my final word was to trade my things to myself , my account to the other account both linked on the same number , thats what I think that API thingy shouldnt be able to bypass

Stalamuerte eredeti hozzászólása:

bro i thought i got a virus or something

You just had given a program on some webserver permission to access your account (through a web api key), and then it logged in and started controlling it at an incredible speed.
They might have also tried to automate messaging to your friends through it, so you may want to contact those by the way.

(edit: see I am really too slow. xD)

Stalamuerte eredeti hozzászólása:

thats what I think that API thingy shouldnt be able to bypass

idk how webapi works, but I think you would have still put a steam guard code in on that site, since you were convinced it was legit what they said they were doing. idk if it would have mattered basically.

Yeah, lots of people expect it to be 5D chess. Some people are convinced hackers have breached Valve's security in your situation. All the complex sexy hollywood TV hacker stuff is really just too hard, labor intensive, time consuming and will be patched pretty quickly. People are the weakest part of security, so that's what scammers target almost exclusively. It's why phishing is so popular. It's simpler, easier, and more productive to manipulate people than do super complex IT stuff.

And since there's no human 1.1 patch on the horizon scamming people is the safe bet.

I still cant see messages from my other account to this account and vice versa , how do i fix that? i already changed passwords and turned off and on steam guard

they are both on the same phone number