this what happens whne you use your steam login on third party sites say cs skin site

Accounts are PHISHED because the end user gave away all their account details. The account name, the password and the KEY to the door, the Steam Guard Mobile code giving them access to the account.

How? by either logging into a known scam site or sites, tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.

Note:

1) Only you and Steam Support know your account name until you give it away.

2) Steam passwords are hashed, not stored therefore only you can give it away.

3) They physically need to have your mobile for the code, or you need to enter the code.


TRADE ONLY on Steam.


Do all the following NOW to secure your account.

1. Scan for malware https://www.malwarebytes.com/

2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

3. Change passwords from a clean computer

4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

5. Revoke the API key at https://steamcommunity.com/dev/apikey (there should be NOTHING in the APIKEY)

Originally posted by Nx Machina:

Accounts are PHISHED because the end user gave away all their account details. The account name, the password and the KEY to the door, the Steam Guard Mobile code giving them access to the account.

How? by either logging into a known scam site or sites, tailored malware on your PC, the vote for my team scam, you have a pending ban scam on discord, free knife click the link etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.

Note:

1) Only you and Steam Support know your account name until you give it away.

2) Steam passwords are hashed, not stored therefore only you can give it away.

3) They physically need to have your mobile for the code, or you need to enter the code.


Do all the following NOW to secure your account and stop using 3rd party skin sites. TRADE ONLY on Steam.

1. Scan for malware https://www.malwarebytes.com/

2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

3. Change passwords from a clean computer

4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

5. Revoke the API key at https://steamcommunity.com/dev/apikey (there should be NOTHING in the APIKEY)

Ok thanks for the reply i have done all the above to secure the account, i know i have not put my info anywhere i know you will not believe this because if the most common way but can you explain why there is no record of someone logging into my account other than me?

Originally posted by AFKin:

Ok thanks for the reply i have done all the above to secure the account, i know i have not put my info anywhere i know you will not believe this because if the most common way but can you explain why there is no record of someone logging into my account other than me?

Your account details were captured hence why they could access the account.

All Steam a program does check if all the boxes are ticked and allows access.

Account name:

Password:

Steam Guard Mobile code:

The scammer sits on your account and waits then strikes when they deem it worthwhile.

Originally posted by Nx Machina:

Originally posted by AFKin:

Ok thanks for the reply i have done all the above to secure the account, i know i have not put my info anywhere i know you will not believe this because if the most common way but can you explain why there is no record of someone logging into my account other than me?

Your account details were captured hence why they could access the account.

All Steam a program does check if all the boxes are ticked and allows access.

Account name:

Password:

Steam Guard Mobile code:

The scammer sits on your account and waits then strikes when they deem it worthwhile.

Oh well i hope they enjoy the £1.50 they made. as long as my account is now secure im happy