Toutes les discussions > Forums Steam > Help and Tips > Détails du sujet
Anarkiah 19 janv. 2024 à 7h19
New scam/theft going around?
Hello,

I wanna share a strange experience with you guys.
My friend got somehow robbed. He noticed today that all of his Stattrak skins in CS2 where gone.
He found that "he" traded all of them to some random guy in his trade history.

Now the strange thing: He has never entered his credentials anywhere but in the Steam Mobile App and Client, he has his Steam Guard enabled and he has not received any Email or Notification about the trade.
Now we looked at the Login history of this account, and see there! 2 days before the items were fully transfered there was a Login from Moskow, Russia. He lives in Spain.
By looking at the guys inventory we can see all of his skins. We have reported the issue to Steam and are waiting to see how it goes.

Take care guys!
< >
Affichage des commentaires 1 à 15 sur 27
Cathulhu 19 janv. 2024 à 7h21 
Nothing new. Your friend got phished.

Send this to your friend:
Hijacked, not hacked. You leaked your account credentials somehow.

Do not trade until your account is secured.

Take the following steps to secure your account:

1. Scan for malware. https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices. https://store.steampowered.com/twofactor/manage
4. Change passwords from a clean computer.
5. Generate new backup codes for your Mobile App. https://store.steampowered.com/twofactor/manage
6. Revoke the API key (there should be no key). https://steamcommunity.com/dev/apikey

Steam does not return inventory items or wallet funds: https://help.steampowered.com/faqs/view/3B6E-B322-2400-8D24

If you no longer have access to your account, read this:
https://steamcommunity.com/sharedfiles/filedetails/?id=1126288560
#1
Anarkiah 19 janv. 2024 à 7h28 
How is he suposed to get phised? I mean, call me stupid if you want, but as a software developer myself, I am pretty sure there was no phising involved here.

Like I said, he has had his account for ages, and he did not install or download anything recently, nor went to any funny website... And despite all of that you have to confirm any Login or trade attempt with Steam Guard and normally you get notified via Email when you do a trade. None of this happened...
Dernière modification de Anarkiah; 19 janv. 2024 à 7h29
#2
Spawn of Totoro 19 janv. 2024 à 7h29 
Could also be his system is compromised. If they have his e-mail information as well as Steam, then it could be a key logger.
#3
N3tRunn3r 19 janv. 2024 à 7h35 
On some day your "friend" had got fooled/tricked by scammers so to given away his steam account credentials on some fake and/or phishing website/link, so even the QR got cloned ..

It is the greed and so stupidity which makes you blind, literally..
Days, weeks or even "months" later he was selected..

This only happens to CSGO/CS2, DOTA2 and TF2 players..
..multiple times a day!! Just check the steam forums..

Usually it begins on Discord.. dudes... open your eyes ..!!
Dernière modification de N3tRunn3r; 21 janv. 2024 à 10h30
#4
Lilim 19 janv. 2024 à 7h36 
Anarkiah a écrit :
How is he suposed to get phised?

Ask him these questions:

  • Have you been asked to vote for a team/tournament/pixel art?
  • Have you been asked to register for a tournament?
  • Have you used any third-party site for gambling or trading?
  • Have you logged in on a public device?
  • Have you entered any giveaways/giveaway groups?
  • Have you tried to claim any "free 50$ gift cards"?
  • Have you talked to an "admin" after being "accidentally reported"?
  • Does someond else use your PC or your account?


Anarkiah a écrit :
None of this happened...

How can you be so sure about that :hp_kyu:?
#5
ReBoot 19 janv. 2024 à 7h36 
Anarkiah a écrit :
nor went to any funny website
That's kinda the whole point of phishing: to not look funny! Phishing, like literally any other form of deception, relies on the victim not knowing they're being lied to.
#6
Anarkiah 19 janv. 2024 à 7h38 
N3tRunn3r a écrit :
Your "friend" had logged in into some fake phishing/scamming website.. just like every one else who play CS2/TF2 does. Just check the forums, it is filled "daily" with these complains by that greedy stupidity.

Read above. He has 100% not logged into any website. He himself says always those skin gambling sites are phishy and he doesnt trust them... I mean, believe what you want, I just wanted to share the experience so you all are aware of this problem :)
#7
N3tRunn3r 19 janv. 2024 à 7h40 
Anarkiah a écrit :
N3tRunn3r a écrit :
On some day your "friend" had got fooled/tricked by scammers so to given away his steam account credentials on some fake and/or phishing website/link, so even the QR got cloned ..

It is the greed and so stupidity which makes you blind, literally..
Days, weeks or even "months" later he was selected..

This only happens to CSGO/CS2 and TF2 players..
..multiple times a day!! Just check the steam forums..

Usually it begins on Discord.. dudes... open your eyes ..!!

Read above. He has 100% not logged into any website.
...
100% not true, everyone claims this whenever they got "harvested" like this..
#8
metamec 19 janv. 2024 à 7h41 
Anarkiah a écrit :
but as a software developer myself, I am pretty sure there was no phising involved here.

I don't see how being a software developer would help you reach this conclusion. If he was phished, then that it something only your friend knows. Unless you're a mindreader, it's not really possible to rule out that he was phished. It's not unusual for people to swear blind they weren't phished when they know they were, for various reasons.
#9
Anarkiah 19 janv. 2024 à 7h42 
Lilim a écrit :
Anarkiah a écrit :
How is he suposed to get phised?

Ask him these questions:

  • Have you been asked to vote for a team/tournament/pixel art?
  • Have you been asked to register for a tournament?
  • Have you used any third-party site for gambling or trading?
  • Have you logged in on a public device?
  • Have you entered any giveaways/giveaway groups?
  • Have you tried to claim any "free 50$ gift cards"?
  • Have you talked to an "admin" after being "accidentally reported"?
  • Does someond else use your PC or your account?


Anarkiah a écrit :
None of this happened...

How can you be so sure about that :hp_kyu:?

He has not done any of that. How I am so sure? Well, I know him for my whole life. He is the most distrustfull person I know with those things. He doesnt trust even online banking or Paypal xD
#10
Aluvard 19 janv. 2024 à 7h43 
He might got phished several years ago, but scammers decided to wait. Sometimes those guys show virtue of patience.
#11
ReBoot 19 janv. 2024 à 7h44 
Anarkiah a écrit :
Lilim a écrit :

Ask him these questions:

  • Have you been asked to vote for a team/tournament/pixel art?
  • Have you been asked to register for a tournament?
  • Have you used any third-party site for gambling or trading?
  • Have you logged in on a public device?
  • Have you entered any giveaways/giveaway groups?
  • Have you tried to claim any "free 50$ gift cards"?
  • Have you talked to an "admin" after being "accidentally reported"?
  • Does someond else use your PC or your account?




How can you be so sure about that :hp_kyu:?

He has not done any of that. How I am so sure? Well, I know him for my whole life. He is the most distrustfull person I know with those things. He doesnt trust even online banking or Paypal xD
There's a line between caution and paranoia. One of the differences between those two is one being driven by reason, the other isn't. You've just confirmed you can't trust this friend's judgement.
#12
N3tRunn3r 19 janv. 2024 à 7h44 
So why do you speak for your "friend".. he should come here and explain his "story" himself.

Alone your title "New scam/theft going around?" is already false..
#13
Lilim 19 janv. 2024 à 7h44 
Anarkiah a écrit :
Lilim a écrit :
How can you be so sure about that :hp_kyu:?

He has not done any of that. How I am so sure? Well, I know him for my whole life. He is the most distrustfull person I know with those things.

So you don't know it for sure.
#14
Anarkiah 19 janv. 2024 à 7h49 
metamec a écrit :
Anarkiah a écrit :
but as a software developer myself, I am pretty sure there was no phising involved here.

I don't see how being a software developer would help you reach this conclusion. If he was phished, then that it something only your friend knows. Unless you're a mindreader, it's not really possible to rule out that he was phished. It's not unusual for people to swear blind they weren't phished when they know they were, for various reasons.

Well, as a software developer I am pretty aware of safe software and hacking and physhing methods and I am able to evaluate a situation like this :/ And I know my friend better than myself (he is not "a friend", he is my brother from another mother and we know each other for more than 20 years). If he tells me he hasn't logged into any website, I 100% believe him.
#15
< >
Affichage des commentaires 1 à 15 sur 27
Par page : 1530 50

Toutes les discussions > Forums Steam > Help and Tips > Détails du sujet
Posté le 19 janv. 2024 à 7h19
Messages : 27
Nouvelle discussion

Procédures à suivre et règles des discussions