it is a scam.

if you still have access to your account (or after getting your account back, or just to be safe)

make sure to do all of these


DO NOT TRADE
many scams try and scare you into trading your items and they get hijacked

1. Scan for malware https://www.malwarebytes.com/

2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

3. Change passwords from a trusted/clean computer.

4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

It's a scam, Steam doesn't use discord.

That person also sent me a steam profile but he highly suggested me to contact on discord https://steamcommunity.com/profiles/76561199113204258

Originally posted by Earth Spiriz:

That person also sent me a steam profile but he highly suggested me to contact on discord https://steamcommunity.com/profiles/76561199113204258

it is a scam!!!

steam will not contact you on discord for anything

Originally posted by KalCuey:

it is a scam.

if you still have access to your account (or after getting your account back, or just to be safe)

make sure to do all of these


DO NOT TRADE
many scams try and scare you into trading your items and they get hijacked

1. Scan for malware https://www.malwarebytes.com/

2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

3. Change passwords from a trusted/clean computer.

4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

:Spidey:

Thank you for the info. I'm still having my access of my profile. I am having no issue. I checked my gmail and i haven't seen anything like steam support warned me. Also, i'm using Linux so i'm not concern about Windows malware

Originally posted by steven1mac:

It's a scam, Steam doesn't use discord.

Thank you. Just what i thought. I also noticed that there's no official notification on steam that should show.
This is the profile that contacted me
https://steamcommunity.com/profiles/76561199220425994/

Delete the profile link. Most likely phished anyway.

So i reported both account. Hope they will be banned soon
p/s: Is there anyway i can export the chat log so I can send steam team about this phising campaign?

Originally posted by Earth Spiriz:

So i reported both account. Hope they will be banned soon
p/s: Is there anyway i can export the chat log so I can send steam team about this phising campaign?

since it is done of discord, there is nothing steam can do.
just report any profiles, like you did, and it will be handled

Originally posted by KalCuey:

Originally posted by Earth Spiriz:

So i reported both account. Hope they will be banned soon
p/s: Is there anyway i can export the chat log so I can send steam team about this phising campaign?

since it is done of discord, there is nothing steam can do.
just report any profiles, like you did, and it will be handled

Ah i meant the steam profiles only :D and now i'm curious about this phising campaign. I want to analysis it a bit. It would be fun if they send sort of malware.

Originally posted by Earth Spiriz:

Originally posted by KalCuey:

since it is done of discord, there is nothing steam can do.
just report any profiles, like you did, and it will be handled

Ah i meant the steam profiles only :D and now i'm curious about this phising campaign. I want to analysis it a bit. It would be fun if they send sort of malware.

there is a very good chance that the steam accounts have been hijacked themselves

it is one of the reasons why the name and shame is not allowed.

you can report those accounts you see to steam, and they will do what they can, but there are enough people that do fall for these that it is not going to stop

Originally posted by Earth Spiriz:

Thank you for the info. I'm still having my access of my profile. I am having no issue.

Issues or not you should still check the API link to make sure that nothing is listed there, because chances are high that this is the case. The problem: an API key gives others access to your account.

It's a common attack: scare the victim into trading items, and then intercepting these trades using the API key access.

Originally posted by ShelLuser:

Originally posted by Earth Spiriz:

Thank you for the info. I'm still having my access of my profile. I am having no issue.

Issues or not you should still check the API link to make sure that nothing is listed there, because chances are high that this is the case. The problem: an API key gives others access to your account.

It's a common attack: scare the victim into trading items, and then intercepting these trades using the API key access.

I haven't trade any items nor did anything but just got the messages. And i don't think i activated any API key.

Read here carefully https://help.steampowered.com/en/faqs/view/70E6-991B-233B-A37B

Originally posted by Earth Spiriz:

Originally posted by ShelLuser:

Issues or not you should still check the API link to make sure that nothing is listed there, because chances are high that this is the case. The problem: an API key gives others access to your account.

It's a common attack: scare the victim into trading items, and then intercepting these trades using the API key access.

I haven't trade any items nor did anything but just got the messages. And i don't think i activated any API key.

it is easy enough to check, just click the last link in my post. it should be empty

Originally posted by KalCuey:

Originally posted by Earth Spiriz:

I haven't trade any items nor did anything but just got the messages. And i don't think i activated any API key.

it is easy enough to check, just click the last link in my post. it should be empty

Well it's empty. I guess I'm safe?