your account is compromised
DO NOT TRADE
If you have access to the account

Steps to take NOW to secure the account:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)


Please review how you are logging into Steam, you somehow gave them your log in information. This could of been due to the computer being compromised and redirecting to a fake login, or you using a 3rd party site to login to steam.

Ursprünglich geschrieben von Wolf Knight:

your account is compromised
DO NOT TRADE
If you have access to the account

Steps to take NOW to secure the account:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)


Please review how you are logging into Steam, you somehow gave them your log in information. This could of been due to the computer being compromised and redirecting to a fake login, or you using a 3rd party site to login to steam.

Thanks for your message. But I'm already implementing all of what you said. I was very surprised when I realized that my account had been hacked. This is the first time I've experienced something like this.

Ursprünglich geschrieben von Furkan.n38:

Ursprünglich geschrieben von Wolf Knight:

your account is compromised
DO NOT TRADE
If you have access to the account

Steps to take NOW to secure the account:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)


Please review how you are logging into Steam, you somehow gave them your log in information. This could of been due to the computer being compromised and redirecting to a fake login, or you using a 3rd party site to login to steam.

Thanks for your message. But I'm already implementing all of what you said. I was very surprised when I realized that my account had been hacked. This is the first time I've experienced something like this.

it wasnt hacked, it was hijacked. you need to figure out how they got the log in information from you. the end user is the weakest link in any security chain.

Ursprünglich geschrieben von Furkan.n38:

How could my account have been hacked?

• Have you been asked to vote for a team/tournament/pixel art?
  
• Have you been asked to register for a tournament?
  
• Have you used any third-party site for gambling or trading?
  
• Have you logged in on a public device?
  
• Have you entered any giveaways/giveaway groups?
  
• Have you tried to claim any "free 50$ gift cards"?
  
• Have you talked to an "admin" after being "accidentally reported"?
  
• Does someone else use your PC or your account?

Be aware of phishing scams.
- Scammers will try impersonate others, such as friends, support, or etc...

Scammers will use scare tactic like "you have pending ban", "I accidentally reported you", "please vote for my team", "you won a prize", " you received a gift", and so on.

As they give you a link, for you to login on their scam site.

- Scammers makes lots of scam sites from trading, gambling, try to alter search results, and so on to trick users into thinking they're legit. Even if the scam doesn't happen right away it can happen months later.

- Scammer will use hyperlink spoofing via emails, and Discord, if you didn't know on discord there a command to display text you want, but link to somewhere else when you post.

- Scammers will send virus to victims by tricking them to download things from them, such as "try my demo", "this is the file you need", "check this game out", and so on.

- Scammers will affect public devices so never wise to login on devices you don't own.


If you ever get your email compromise, put that as top priority to protect, and work your way down incase use same login information. It's always recommended to use 2FA/MFA whenever possible on the account, but these do not work if login via phishing sites, point of them it to prevent brute force attack, so they have to rely on tricking the victim to approve them in, or giving them the code.


You can visit your login history to figure out when the scammer got in your account, and work your way from there to figure out how you fell for the scam. Steam help page > my account > data related to my account > login history.

Ursprünglich geschrieben von Lilim:

Ursprünglich geschrieben von Furkan.n38:

How could my account have been hacked?

• Have you been asked to vote for a team/tournament/pixel art?
  
• Have you been asked to register for a tournament?
  
• Have you used any third-party site for gambling or trading?
  
• Have you logged in on a public device?
  
• Have you entered any giveaways/giveaway groups?
  
• Have you tried to claim any "free 50$ gift cards"?
  
• Have you talked to an "admin" after being "accidentally reported"?
  
• Does someone else use your PC or your account?

didn't do any of the things you said no to, and I'm the only one using the account.

Ursprünglich geschrieben von Dr.Shadowds 🐉:

Be aware of phishing scams.

You can visit your login history to figure out when the scammer got in your account, and work your way from there to figure out how you fell for the scam. Steam help page > my account > data related to my account > login history.

when I view the login history, it seems that an entry was made from Russia. But the main problem is that steam guard is open and does not send me a notification for login permission.

Ursprünglich geschrieben von Furkan.n38:

Ursprünglich geschrieben von Dr.Shadowds 🐉:

Be aware of phishing scams.

You can visit your login history to figure out when the scammer got in your account, and work your way from there to figure out how you fell for the scam. Steam help page > my account > data related to my account > login history.

when I view the login history, it seems that an entry was made from Russia. But the main problem is that steam guard is open and does not send me a notification for login permission.

You don't get ANOTHER notification AFTER approving / giving them code to login. That how it works.

1. Victim visit scam site, and logins.
2. You get Notification once, unless app unable to be proc for some reason such as discounnected from internet, or poor connection to your wifi, or network.
3. Victim apporves that login, or handed the 2FA code.
That basically it, there no 2nd notification when you login via their server.

Here an example of scam site.
https://www.youtube.com/watch?v=WfTXxLraokE

Ursprünglich geschrieben von Furkan.n38:

when I view the login history, it seems that an entry was made from Russia. But the main problem is that steam guard is open and does not send me a notification for login permission.

When your details get phished, you do not get an extra notification, as they login together or instead of you.