steam guard email keeps getting generated and i dont know how to stop it

Alle Diskussionen > Steam-Foren > Help and Tips > Themendetails

lolzhunter 7. Mai 2023 um 18:47

so I'm putting this here because I don't really know whats going on, I'm using a password manager (bitwarden) and I've generated like a 30 character long randomised password of letters and all the rest for my steam password for a while now, I have 2FA with steam guard on my phone and last time this happened I logged out of all sessions just in case, now it's just happened again, I got a steam guard code request in my email today claiming someone in a completely different country has correctly used my username and password, this is like the 7th this has happened and every single time I change my password to something 30 chars long and completely randomised, they never actually get in because my email is secured with 2FA as well using google auth on my phone, essentially I want to know what's going on here, my best guess is they are using some kind of exploit to give them my password every single time but I don't know, and yes I've done multiple virus scans on my computer, comes back clean every time, would really appreciate some help on this. thanks

Der Ersteller dieses Themas hat einen Beitrag als Antwort auf seine Frage markiert.
Hier klicken, um zu diesem Beitrag zu springen.

Ursprünglich geschrieben von Joke:

Ursprünglich geschrieben von lolzhunter:
still though, why does steam send me an email if the account they are trying to get into isnt even associated with my email

The answer is that the account _does_ have your email address on it.
That also means that it's your account, since you at some time in the past verified that you could receive emails on that email address.

So use the normal "I forgot my password" function to let steam send you a new password.
Then login, and see what you have on the account.

< >

Beiträge 1–15 von 16

DarkCrystalMethod 7. Mai 2023 um 19:04

Keylogger, or someone you trust has remote access to your computer.(or is peering over your shoulder)

Callahan420 7. Mai 2023 um 20:26

secure the account

Scan for malware https://www.malwarebytes.com/
Deauthorize all other devices https://store.steampowered.com/twofactor/manage
Change passwords from a clean computer
Generate new backup codes https://store.steampowered.com/twofactor/manage
Revoke the API key https://steamcommunity.com/dev/apikey
Stop using shady third party trade sites or clicking suspicious links.

Muppet among Puppets 8. Mai 2023 um 8:11

If you use the steam guard app, your account is not supposed to get any code by email.
So they are fake or for another account.

Crazy Tiger 8. Mai 2023 um 8:21

Ursprünglich geschrieben von Muppet among Puppets:
If you use the steam guard app, your account is not supposed to get any code by email.
So they are fake or for another account.

^^ this. Check the account name in the email. It's likely another account registered to the same email or a phishing attempt.

lolzhunter 9. Mai 2023 um 6:48

this is where it comes from "noreply@steampowered.com" which is the same email i get my gift notifs from, so i know its not coming from a fake thing, they dont make me click any link or provide any info its literally just "This email was created because there was an attempt to log in on a web or mobile device from 125.78.219.174 (CN). The person who tried to log in has entered your account name and password correctly.

A Steam Guard code is required to successfully log in. No one can access your account. If not accessing this email first

If you are not trying to log in Please change the password you use with Steam and consider changing your email password. To ensure the security of your account." with the code, i believe even if you have steam guard set up you can request email verif instead incase your like locked out of the mobile app for some reason, as for "Stop using shady third party trade sites or clicking suspicious links." never used a trade site in my life and i don't click suspicious links, or try not to anyways, did those 4 steps already "Keylogger, or someone you trust has remote access to your computer.(or is peering over your shoulder)" possibly a keylogger by some small chance but no chance its the other reason, even then if it was a keylogger it wouldnt just be steam acting up but my bank and my other accounts too

Joke 9. Mai 2023 um 7:07

The emails you get contains the "Account name" that they are for.

Check that if it is _exactly_ the same as the account name you use when logging in for your current account.

From your description it's very likely that you have an account you've forgotten about, with the same email registered.
Someone is trying to login to that account, and since you change password on your current account that doesn't help.

If this is the case, you should simply recover the forgotten account. Use the account name from the emails, and use the "I forgot my password" option to get a new password.

Muppet among Puppets 9. Mai 2023 um 7:27

Ursprünglich geschrieben von lolzhunter:
i believe even if you have steam guard set up you can request email verif instead incase your like locked out of the mobile app for some reason

You dont get codes by email if you use app.

Ursprünglich geschrieben von lolzhunter:
this is where it comes from "noreply@steampowered.com" which is the same email i get my gift notifs from, so i know its not coming from a fake thing

If you just look at the sender address, it doesnt allways mean it comes from where it says.

lolzhunter 9. Mai 2023 um 7:38

definitely not an account ive forgotten, it is the same name as the one i use to login as well as ive used the same account all my life since about 2013, this is what i get when i click on show original message on gmail:
Message ID <E1pwK7X-008P9f-PT@smtp-01-tuk1.steampowered.com>
From: ฝ่ายสนับสนุน Steam <noreply@steampowered.com>
DKIM: 'PASS' with domain steampowered.com
DMARC: 'PASS'

i did leave some stuff out like how long it took to arrive and my email for obvious reasons

even if its not from the official steam, it literally just gives me the code it asks for nothing and doesnt make me click any links, if it is a phishing email its the worst phishing email ever designed.

keep in mind because it was requested in a different country it came to my email in that language, i have had ones that come in english before.

also theres an option you can click when 2FA'ing where it says "lost your authenticator app" i did try to click it just to see but for some reason the link didnt work, i imagine thats what would send a code to your email and its a usual tactic to try and bypass 2FA

Muppet among Puppets 9. Mai 2023 um 7:41

It is impossible that you get a login code with email if you use app.
So it is in no way an email for your account.

lolzhunter 9. Mai 2023 um 8:19

rechecked the email and it has a 5 at the end of the username since mine goes up to 1234 but i have used 12345 before didnt question it, you could be right actually, maybe there is an account with same username 12345 and they just used 12345@gmail.com whoevers trying to get in which is why i keep receiving the emails, they ARE real emails but i dont think for my account, sorry for my ignorance

#10

lolzhunter 9. Mai 2023 um 8:24

still though, why does steam send me an email if the account they are trying to get into isnt even associated with my email

#11

Der Ersteller des Themas hat angegeben, dass dieser Beitrag die ursprüngliche Frage beantwortet.

Joke 11. Mai 2023 um 14:03

Ursprünglich geschrieben von lolzhunter:
still though, why does steam send me an email if the account they are trying to get into isnt even associated with my email

Zuletzt bearbeitet von Joke; 11. Mai 2023 um 14:04

#12