Όλες οι συζητήσεις > Φόρουμ Steam > Help and Tips > Λεπτομέρειες θέματος
Αυτό το θέμα έχει κλειδωθεί
Taberone 8 Μαρ 2014, 8:44
[ALREADY RESOLVED STOP BUMPING]SSFN File Phishing that hijacks steam accounts
ANOTHER EDIT:Wow, this is still alive. Yeah, its "dumb" to fall for this nowadays, but I fell for this when not many people knew what the SSFN File Phishing was, and my blind faith in Steam caused me to pass it off as "A even more reliable way to verify".





Trust is a weakness.

Yes, I should have been more careful. Im like that other guy who fell for the phishing too, we both legitimately thought it was a new steamguard thing.

(END EDIT. Original post below with quotes added..)

Logging into steam, I noticed it said to upload a SSFN file or something. Then I noticed Steam Community was mispelled. Theres stories of traders telling you to add a guy and upload a SSFN file to him or something, but no stories of telling you to do it to a website. Whats going to happen now that I fell for the phising link thanks to this one steam group named INFBLOG thats russian?

-
They posted "free DAYZ ADD DIS GUY"

Steamguard permissions changed, all computers cleared, password changed, but TF2 items lost according to Steam Inventory. Checking TF2 now to make sure. Am I safe? All tf2 items are still there ingame, but Steam Inventory is empty.

Αναρτήθηκε αρχικά από UberFiend:
Αναρτήθηκε αρχικά από Taberone(Probably Hijacked):
Already did. What about the email? The reddit post said that it gives them acess to email.

Hopefully you have different password for email, so they shouldn't be able to. If they have/had access to your account all they could get is the email address. They would then have to brute force 'crack' the password.

But they are very quick at getting in, fleecing you, & getting out again. If you have ANY doubts or suspiscions, change your email password ASAP too.

Create an Steam Support Ticket & see if you can have your items returned. And report that scumbag!
So am I safe now that I changed the password and erased all authorized steamguard computers?
Αναρτήθηκε αρχικά από I AM SHODAN!:
This right here is the REAL problem.

Αναρτήθηκε αρχικά από NGATaberone:
They posted "free DAYZ ADD DIS GUY"

NOT instantly recognizing this as being a potential scam/hijacking waiting to happen is the single biggest factor in hijacks. In all honesty, no measures Valve can take to keep people safe will work until people start READING and understanding the information they're given when they sign up to make an account.

Similarly, it's a basic internet safety rule that you never upload a file from your computer that someone requests of you, because unless you're the programmer you have no idea what sort of information could be contained in that file to be used against you. That is what is happening here with this SSFN stuff.

If you can't handle your own internet safety, you need to educate yourself, hopefully before more damage is done such as a compromised credit card or bank account. I know what the common excuse is - it's all about reading and I know people, in particular kids, hate reading but it's either you learn how to avoid common mistakes, or you stay ignorant and remain a target.

Knowledge is power! If you close off all of the holes scammers use to try to lure people, you cannot be scammed.

>Do not trust people on the internet, even if you THINK you know them well. People have been lied to by friends, neighbors, even family memebers, and also scammers frequently find out who your friends are an make duplicate accounts with the same picture and such to fool you into thinking you're dealing with someone you know.

> Always be wary of someone offering to give you something for free.

>Never trade outside of the Steam trading window. This means never use "middlemen" or trade for paypal, cash, or "Steam wallet credit", and do not reveal your personal information to anyone.

>Never let your friends, cousins, or even siblings use your account. They can get their own.

>Before accepting an offer, ask yourself if you really need that item or items, because more often than not it is simply greed/lust for items or free stuff combined with ignorance of safety protocol that is what ends up getting a person scammed.

Also, be careful of internet sites in general so you avoid picking up viruses and other malware, and always run an active scanning virus/malware scanner at all times while connected to the net.

If you have your account back, changed all the passwords and deauthorized all computers, you should be safe again. Learn as much as you can about how to remain safe.
Τελευταία επεξεργασία από Taberone; 4 Οκτ 2015, 18:28
< >
Εμφάνιση 61-75 από 79 σχόλια
Ignis Alter🔥 20 Απρ 2014, 10:06 
Most of my tf2 items went through these accounts:
http://steamcommunity.com/profiles/76561198063898797
and
http://steamcommunity.com/profiles/76561198045887192
The last one has my Doublecross-comm.
The first is probably the first account your items will pass through. You can report as account phishing or hijacking with this message:
Using a false link known as steamcommuniruty.com to trick other players into losing their accounts. Has been made beneficent from the stealing of many accounts. Also, steamcommuniruty.com leads to the IP: 91.223.89.88. This IP leads to the original store.steampowered.com website, the Valve website.
#61
็็ 20 Απρ 2014, 10:28 
Αναρτήθηκε αρχικά από Foxy is gone.:
In a more perfect world, someone on here would know how to write "anti-hacking" viruses. They write a virus and embed it into the SSFN file and upload that to the hacker's website, which doesn't know the difference. When the server opens it, or attempts to, it spreads itself throughout the entire hacking network and discloses their most intimate secrets. Sounds very interesting, even if it won't work.

Anyway, if someone actually takes down hackers using their own methods, he wins the Internet.

In this perfect world, File Reading would have a buffer overflow allowing code to be executed. However, this isn't true in THE REAL WORLD. If it did, EVERY SINGLE PROGRAM would be able to be infected or be used to infect your computer. Reading files as strings/binary which is what is done to the SSFN files, is entirely secure and doesn't have an exploit.

Reading more into your post. You seem to ASSUME all files are EXECUTED to be read. This is not true. FIles can be READ without being EXECUTED. You can even do it yourself. Right-Click ANY .exe file and open in notepad. All that mumbo-jumbo on your screen is code read by the computer. Can it infect your computer because you viewed it in notepad? No. You have to double-click the file, causing it to EXECUTE and run that code.
#62
I lick 9 volt batteries 20 Απρ 2014, 15:24 
In a better-than-perfect world, steam guard would write to the freaking registry instead of a file in the steam folder, like many games do when you register their product keys. Registry keys are typically very difficult to find, especially for the generation of Steam users who don't know what the registry is.

If Valve did that, scammers would have to resort to virusing someone to get the registry key (and hoping the virus retrieves the right one if it is randomly named) or showing someone how to find it manually, which itself would be an unmistakable indication of a scam.
#63
Satoru 20 Απρ 2014, 16:12 
@fox

That would work on Mac/Linux/browsers/mobile/etc that don't have registry files
#64
TirithRR 20 Απρ 2014, 16:22 
I do think that the SSFN file should probably be linked to something like the Serial Number of the Disk involved. Or possible NIC card, etc. Maybe let you select what piece of hardware you want to link it to. That way if it goes to a different computer, then it cannot be used unless they happen to also know the serial number or ID of the piece of hardware you chose.

I know of multiple pieces of software that use similar linking methods to tie activation keys to physical hardware.

Worse case scenario, you change the device you are linked to and trigger a Steam Guard email the next time you log into Steam.
Τελευταία επεξεργασία από TirithRR; 20 Απρ 2014, 16:23
#65
I lick 9 volt batteries 20 Απρ 2014, 17:48 
Αναρτήθηκε αρχικά από Satoru:
@fox

That would work on Mac/Linux/browsers/mobile/etc that don't have registry files

I'm sure Mac and Linux have their own way of keeping a record of everything on the computer. If not, then they can just as easily store the identifier file in some obscure directory and with a completely random name. Maybe have Steam write the file only when the user logs out, and delete the file immediately when they log in (because it is not needed when you are logged in.) So the file won't exist when the scammer asks the noobs to find it, you know.

Web browsers don't need anything like this, since browsers are identified by user agent, cookie, and IP address as well, and mobiles have permanent Unique Device Identifiers.

Steam should also not automatically log a user out when their account is accessed from another computer. Being kicked out when someone logs in somewhere else only helps the hackers, since the victim won't be given a chance to change his password.

Instead, the second client should wait for them to log out of the first one, and notify the first client that someone else is trying to access the account from a different computer.
#66
I lick 9 volt batteries 20 Απρ 2014, 17:51 
A friend of mine recently lost his account in this manner, and that's why I joined the conversation. What would really help is if Steam Support could step it up a little bit and accept other forms of proof of ownership besides a photo of a product receipt or a CD key that he lost ages ago. Like anybody would keep a receipt for more than a month.
#67
TirithRR 20 Απρ 2014, 17:53 
Αναρτήθηκε αρχικά από Foxy the Furry:
Like anybody would keep a receipt for more than a month.

I have receipts and other proof of purchases for every digital purchase I have ever made.
#68
I lick 9 volt batteries 20 Απρ 2014, 17:57 
Αναρτήθηκε αρχικά από TirithRR:
Αναρτήθηκε αρχικά από Foxy the Furry:
Like anybody would keep a receipt for more than a month.

I have receipts and other proof of purchases for every digital purchase I have ever made.

Well yeah, but they expect everybody to do that. I've never even had any receipts to show them in the first place. Never activated a CD game on Steam.
#69
Ineffable Anathema 20 Απρ 2014, 23:32 
Αναρτήθηκε αρχικά από Foxy the Furry:
A friend of mine recently lost his account in this manner, and that's why I joined the conversation. What would really help is if Steam Support could step it up a little bit and accept other forms of proof of ownership besides a photo of a product receipt or a CD key that he lost ages ago. Like anybody would keep a receipt for more than a month.

Then it might be prudent to purchase some low-cost game on disc from Amazon in order to activate it on Steam as a safeguard.

What other forms of proof of ownership do you think they should accept? It is very difficult to determine exactly who is at the keyboard using an account at any given time.
#70
how bout i do anyway 20 Απρ 2014, 23:34 
Steam also accepts Paypal and credit card information as proof of purchase, provided you paid for your games using those methods.
#71
Satoru 20 Απρ 2014, 23:49 
Αναρτήθηκε αρχικά από Foxy the Furry:
A friend of mine recently lost his account in this manner, and that's why I joined the conversation. What would really help is if Steam Support could step it up a little bit and accept other forms of proof of ownership besides a photo of a product receipt or a CD key that he lost ages ago. Like anybody would keep a receipt for more than a month.

Once an account is compromised then you have to assume that the hijacker has all infomratino available on the account. Thus only data that the legit owner would have is relevant information, but that wouldn't be contained in the Steam account.

If you can recover your accoutn without said information, that means I can STEAL the account the exact same way
#72
Ineffable Anathema 20 Απρ 2014, 23:54 
Αναρτήθηκε αρχικά από Satoru:
Αναρτήθηκε αρχικά από Foxy the Furry:
A friend of mine recently lost his account in this manner, and that's why I joined the conversation. What would really help is if Steam Support could step it up a little bit and accept other forms of proof of ownership besides a photo of a product receipt or a CD key that he lost ages ago. Like anybody would keep a receipt for more than a month.

Once an account is compromised then you have to assume that the hijacker has all infomratino available on the account. Thus only data that the legit owner would have is relevant information, but that wouldn't be contained in the Steam account.

If you can recover your accoutn without said information, that means I can STEAL the account the exact same way

Good point, so it would have to be something Valve can verify and you can produce, but the hijacker cannot. There aren't many things that fit the bill sadly.

Satoru, I'm glad to see I'm not the only person on here who messes up typing words that way, it's usually why you can see nearly every one of my posts has an edit on it. ;) I spell fine, but I type like a blind weasel in a bagful of flour, heh.
#73
I lick 9 volt batteries 21 Απρ 2014, 1:00 
Suppose they look through the account history to find out what the original verified contact email address was. If my friend can prove he owns the original contact email address for his account, that should be enough.
#74
SHOKK♥ 22 Απρ 2014, 8:57 
This just happened to a friend of mine, I don't understand why a file like that has to work that way just for the convenience of the "Change User" feature as I'm assuming it's for.
And it's in the open and doesn't appear to unknowledgable people to what it can do. It's really dumb
Τελευταία επεξεργασία από SHOKK♥; 22 Απρ 2014, 9:03
#75
< >
Εμφάνιση 61-75 από 79 σχόλια
Ανά σελίδα: 1530 50

Όλες οι συζητήσεις > Φόρουμ Steam > Help and Tips > Λεπτομέρειες θέματος
Ημ/νία ανάρτησης: 8 Μαρ 2014, 8:44
Αναρτήσεις: 79
Αρχή νέας συζήτησης

Κανόνες συζητήσεων και οδηγίες