引用自 Neziakk/TUNECASE.GIFT：

Someone Hacked into my account

I have a problem guys and this is the place i belive i can get some help. i had 12~ PLN on my steam ballance. Yesterday i got online to play some games after not playing for a little bit. I look at my balance and its all gone. I checked my transaction history, and it looks like i bought some itmes for a game DOTA 2 that i didnt play once in my lifetime. It says that i bought 4 items for very overpriced price. Like i said i didnt buy anything cuz i dont play this game and i wasnt on, on this day. Is there anyway i can get my money back??? or check who i bought it from? please someone help me cuz im freaking out that someone broke into my account. i didnt tell anyone my password and ♥♥♥♥ so i dont really know. please someon help me.

Profile name is a clear indicator that you did give away your account info.

All steps...

Scan for malware. https://www.malwarebytes.com/ or with whatever.

Deauthorize all devices https://store.steampowered.com/twofactor/manage

Change your password on a secure device.

Generate new back up codes. https://store.steampowered.com/twofactor/manage

Revoke the api key (this should be empty) https://steamcommunity.com/dev/apikey

Read the Steam Item Restoration Policy.

Stop using scam sites and then you wont get scammed and that includes the one you are proudly advertising in your display name.

Accounts on Steam are PHISHED not hacked because the end user gave away all their account details, giving them access to their account.

The account name, the password and the KEY to the door, the Steam Guard Mobile code, or scanning the QR code or authorising via fingerprint giving them access to the account.

How? by either logging into a known scam site or sites, tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link, signing in through a fake login window, the fake Valve employee scam, free $50 Steam gift Card etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.

The weakest link is the end user, not the security offered.

Your name shows you clearly went to fake trading sites and gave away your info. If you do that, your basically giving away your account to the scammers. Good job. Now learn to only trade on steam or lose your account.

Also, if they say they are trusted, does your mom trust them? Ask her. Who trusts them? Most likely the scammers.