I was dumb and I followed a link - I reacted and everything seems fine. Can I sleep peacefully?
Hey there,
I was brain afk today and voted for a friends team. I dont know why I followed this blatand fishing trick but well I did.
I was one of the link your account for verification or something like that. I didnt have to type in my password or something,
Long story short, 10min later friends made me aware of sending those links now...
I was still able to access my account and couldnt see any harm done so far, I dont even have a payment method connected and a steam guard on my phone. So I threw out all devices, resetted the password, looked if there was any API stuff (no), resetted the password of my e-mail account and got new backup codes, also I did a normal maleware scan with my ESET security programme (no result).
But as I said, seems like nothing was done, my details like phone and such are as they were.

What do you guys think? Am I safe or should I still look over my shoulder and deeply check into my system if everything is fine? Is it even possible for the computer to be corrupted by such a link you steam to the website?

And also yes, I will never follow any link again.

Something went wrong while displaying this content. Refresh

Error Reference: Community_9721151_
Loading CSS chunk 7561 failed.
(error: https://community.cloudflare.steamstatic.com/public/css/applications/community/communityawardsapp.css?contenthash=789dd1fbdb6c6b5c773d)
Showing 1-7 of 7 comments
Originally posted by Nimlod:
I was one of the link your account for verification or something like that. I didnt have to type in my password or something,
You opened the link and your account was hijacked? With a browser? (Are the addons safe?)
With steam browser?


And Secure your account:

Do a virus scan.

Check that the email and phone number on the steam account are still yours.

Deauthorize all devices https://store.steampowered.com/twofactor/manage

Change your password on a secure device.

Generate new back up codes. https://store.steampowered.com/twofactor/manage

Revoke the api key https://steamcommunity.com/dev/apikey
Nimlod Jan 21 @ 5:03am 
Yeah, opened it with firefox.
And thank you, I already did all the things you listed. Maybe I reinstall firefox, just to be safe.
I suggest you change your password as fast as you Can. My friend voted too and he was sending links to everyone.somebody logged into his account and was sending links.when he changed the password he stopped.
Nimlod Jan 21 @ 6:18am 
I did. But good to know that it's done for him. Then I hope I was just one panicy evening for me and I'm safe.
Nimlod Jan 21 @ 7:46am 
Now that I think of it, I did log in with QR code on the website. Oh my, how idiotic. But still everything seems fine now.
Armorip Jan 21 @ 8:36am 
No Password Entry: Since you didn’t enter your password or any sensitive information, that's a big positive. Phishing attacks typically rely on tricking you into providing your login credentials, so without that, the risk is significantly reduced.

Account Security: Resetting your Steam and email passwords, ensuring your Steam Guard is active, and generating new backup codes are all excellent steps. Having Steam Guard on your phone is also a good safety measure, as it adds an extra layer of protection.

Device Security: Running a malware scan is a good move, and it sounds like your antivirus (ESET) didn’t find anything suspicious. However, if you're still concerned about the possibility of malware or other system compromises, you might want to consider:

Running a deeper scan (e.g., with another program like Malwarebytes or AdwCleaner).
Checking your system for unusual behavior, such as unexpected processes or apps.
Reinstalling the browser or using a browser in "incognito" or "private" mode to ensure no malicious extensions are present.
Possible Impact of the Link: It's unlikely that just clicking a link would infect your system without you downloading something or entering personal details. However, if the website was a phishing site designed to install malware or capture info, there’s always a small risk that something could have slipped through. But since you didn’t download anything or enter sensitive info, the risk is lower.

Final Thoughts:
Based on what you've done so far, you seem to be in a safe position. While there’s always a very small chance that something could have slipped past, you’ve taken all the necessary precautions. If you continue to monitor your accounts and devices and remain cautious moving forward, you should be in the clear.

It’s always good to stay vigilant, but it sounds like you’re doing the right things!

If you found this helpful, please consider supporting me. Stay safe!:luv:
Nimlod Jan 26 @ 11:56am 
Originally posted by Armorip:
No Password Entry: Since you didn’t enter your password or any sensitive information, that's a big positive. Phishing attacks typically rely on tricking you into providing your login credentials, so without that, the risk is significantly reduced.

Account Security: Resetting your Steam and email passwords, ensuring your Steam Guard is active, and generating new backup codes are all excellent steps. Having Steam Guard on your phone is also a good safety measure, as it adds an extra layer of protection.

Device Security: Running a malware scan is a good move, and it sounds like your antivirus (ESET) didn’t find anything suspicious. However, if you're still concerned about the possibility of malware or other system compromises, you might want to consider:

Running a deeper scan (e.g., with another program like Malwarebytes or AdwCleaner).
Checking your system for unusual behavior, such as unexpected processes or apps.
Reinstalling the browser or using a browser in "incognito" or "private" mode to ensure no malicious extensions are present.
Possible Impact of the Link: It's unlikely that just clicking a link would infect your system without you downloading something or entering personal details. However, if the website was a phishing site designed to install malware or capture info, there’s always a small risk that something could have slipped through. But since you didn’t download anything or enter sensitive info, the risk is lower.

Final Thoughts:
Based on what you've done so far, you seem to be in a safe position. While there’s always a very small chance that something could have slipped past, you’ve taken all the necessary precautions. If you continue to monitor your accounts and devices and remain cautious moving forward, you should be in the clear.

It’s always good to stay vigilant, but it sounds like you’re doing the right things!

If you found this helpful, please consider supporting me. Stay safe!:luv:

Thank you very much for the feedback 😊
Showing 1-7 of 7 comments
Per page: 1530 50

Date Posted: Jan 20 @ 11:08pm
Posts: 7