Steam
All Discussions Artwork Videos News Guides

Steam

Steam Guides 🔥Emperor Pyromancer🔥's Guides
276 ratings
Cybersecurity: How to avoid virus, scams and more
By 🔥Emperor Pyromancer🔥 and 10 collaborators
In this guide, we will teach you how to spot scams, viruses, phising attempts, spyware and other online threats. We created this guide to help people who face security problems on the internet. This guide helps people to improve their online security.

Keep in mind that I'm not a security expert, rather just a student of cybersecurity, hardware and software. However, I'm very interested in helping other people and hopefully this guide can do exactly that.
2
2
   
Award
Favorite
Favorited
Unfavorite
Created by
D3M4N
Offline
Tito Shivan
Offline
🔥Emperor Pyromancer🔥
Offline
hawkpilot
Offline
Object 13
Offline
Bazinga4U
Offline
Dom
Offline
CrimZone
Offline
Wixmix ツ
Offline
NeXuS23
Online
Lord Sheldon
Offline
Category: Achievements, Characters, Classes, Co-op, Crafting, Game Modes, Gameplay Basics, Loot, Maps or Levels, Modding or Configuration, Multiplayer, Secrets, Story or Lore, Trading, Walkthroughs, Weapons, Workshop
Languages: English
Posted
Updated
Sep 19, 2016 @ 7:03pm
Mar 1 @ 5:39am
942 Unique Visitors
93 Current Favorites
Guide Index
Overview
Basic information 
Social Engineering 
Antivirus, internet security & important information 
Cleaning and updating your pc 
What's a hacker? Or cracker? ...etc 
How to avoid phisining 
Segure navigation 
IP, DNS, TCP, Firewall How to protect? 
Private Profile 
Adblock 
Other pic of person suspect hacked 
New virus steam 
Other possible scam virus 
Possible New Scam 
Updated 2020 - and a new tool 
Updated 2022 - Scams in Discord 
Updated 2024 - API Scammers 
End 
Comments
Basic information
Common scams and list of malware

First of all, I highly recommend you to read Steam's account security recommendations and make sure you maximize the security of your Steam account by following these steps.
Account Security Recommendations

Also one of most known common scams are: ''Hi can you please vote for my team SpaceX'' by exemple, and other one: ''i've reported you accidentally''

Other commun is the scammer imposting someone important of Steam/Valve staff such as valve admin or Steam moderator on which you should check URL anyway

Here is a good list of common scams and how to avoid them.
A list of common scams and more


  • Adware:
    • Adware is a type of software that displays unwanted advertisements using invasive methods. These methods may be harmful. Its name is a contraction of the words advertisement (advertising) and malware.

    • Not all adware is malicious and at best, adware only shows merely annoying advertisements that are easy to ignore. But what's worth noticing is that even if adware seems harmless, it may come with hidden data collection mechanisms and other tracking tools sending data to unknown sources, endangering the privacy of the end-user. Additionally, if there happens to be security holes in those trackers and mechanisms, this creates new security risks for the end-user. Also, even if the adware itself is safe, the advertisements displayed may not be. Not all advertisers are nice, and they may end up using the acquired ad space for malicious purposes (an action commonly known as malvertising).

    • So even if adware is just potentially harmful, it is highly recommended to remove any adware from your computer. And in nearly all cases, adware is using your computer resources and slowing down performance. A common source for adware are the software portals on the internet. These portals tend to offer ad-funded, sponsored downloads. Whenever you're downloading software, it is recommended to get it from the original source, rather than third-party, ad-funded software portals . By following this rule, you're able to avoid software installers with bundled adware.

    • Adware, or advertising-supported software, is any software package that automatically renders advertisements in order to generate revenue for its author. The advertisements may be in the user interface of the software or on a screen presented to the user during the installation process. The functions may be designed to analyze which Internet sites the user visits and to present advertising pertinent to the types of goods or services featured there. The term is sometimes used to refer to software that displays unwanted advertisements known as malware.


  • Keylogger:
    • Keyloggers are pieces of software that capture the keyboard input of the user. The user is typically unaware of this activity. The information is then stored (logged). These logs hold potentially confidental and private information.

    • Some keyloggers out there are legal, intentional and safe: for instance, IT companies/organizations may use keylogging mechanisms to troubleshoot technical issues with their networks and computers. Likewise, sometimes families may use keyloggers to monitor their children's computer and internet activities (via parental control). Despite this, to this day, keyloggers are mostly used for stealing personal data and passwords.


  • Screenlogger:
    • Screenloggers capture and store information displayed by the screen, possibly including other inputs related to screen as well (for instance, finger swipes on smartphones). Similarly to keyloggers, screenloggers may also be used in safe ways (recording programs, different kinds of screen capturing features) or maliciously (spying and/or stealing information).

  • Trojan:
    • In computing, Trojan horse, or Trojan, is any malicious computer program which is used to hack into a computer by misleading users of its true intent. The term is derived from the Ancient Greek story of the wooden horse that was used to help Greek troops invade the city of Troy by stealth.

    • Trojans are generally spread by some form of social engineering, for example where a user is duped into executing an e-mail attachment disguised to be unsuspicious, (e.g., a routine form to be filled in), or by drive-by download. Although their payload can be anything, many modern forms act as a backdoor, contacting a controller which can then have unauthorized access to the affected computer. This infection allows an attacker to access users' personal information such as banking information, passwords, or personal identity (IP address).

    • Unlike computer viruses and worms, Trojans generally do not attempt to inject themselves into other files or otherwise propagate themselves.

  • Spyware:
    • Spyware is a type of software that spies on the user without their knowledge and without authorized access. Typically spyware is used to gather information about people and organizations. The gathered information may be sent to another entity without the user's consent.

    • Spyware is often split into four different types: trojans, adware, system monitors and trackers. Spyware is mostly used for the purposes of tracking and storing Internet users' movements online and displaying personalized ads.


  • Ransomware:
    • Ransomware may be the scariest type of virus regular computer users may come across. It's a software completing unwanted actions on the computer and then, requiring a ransom payment to reverse these actions.

    • Typically, such actions include:
      - encrypting files on the computer & offering the decryption key for money
      - locking the computer, making it unusable & offering an unlock for money
      - collecting sensitive information about the user & threatening to publish the information.

    • Ransomware installs itself covertly on a victim's computer and executes its payload on the background. Simple ransomware locks the computer, which isn't difficult for a knowledgeable person to reverse, however, decrypting encrypted files may be impossible if the key is stored on a secure server and used encryption methods are unknown.

    • In the worst situation, ransomware may encrypt the computer's entire hard drive or its Master File Table (MFT). Thus, ransomware is a denial-of-access attack that prevents computer users' access. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.

  • Backdoor:
    • Backdoor is basically what the name says. Backdoors create vulnerabilities in the system that can be used in the future attacks, allowing unauthorized access on the device.

    • A backdoor is a method, often secret/unknown, of bypassing the normal authentication in a product, computer system, cryptosystem or algorithm etc. Backdoors are often used for securing unauthorized remote access to a computer, or obtaining access to plaintext in cryptographic systems.

      A backdoor may take the form of a hidden part of a program, a separate program (e.g. Back Orifice may subvert the system through a rootkit), or may be a hardware feature. Although normally surreptitiously installed, in some cases backdoors are deliberate and widely known. These kinds of backdoors might have "legitimate" uses such as providing the manufacturer with a way to restore user passwords.

    Sniffer
    • Sniffers are tools that intercept and analyze traffic on a network, with it you can find out which sites are being accessed on the network, what types of protocols are being used (HTTP, etc).
Social Engineering
Social engineering is a term used to describe an attack that abuses victim's credulity and trust. Typically, persuasion is used to accomplish this. This persuasion typically starts as soon as the scammer is met. However, sometimes these scammers may try long-term plans, such as trying to build friendships with people and gain trust slowly.

Then the trust is used for malicious purposes, such as stealing information, phising or scamming.

In order to avoid this from happening, be careful when dealing with other people online. Even if you're dealing with your Steam friends. Your friends may backstab you (this unfortunately happens) and also, you should remember that your friends may get their accounts stolen and these hijackers can talk to you from your friend's account, impersonating your friend.

Here's some additional details from the Steam Support page: https://support.steampowered.com/kb_article.php?ref=3415-WAFH-6433

https://support.steampowered.com/kb_article.php?ref=6057-YLBN-1660

An important forum: http://forums.steampowered.com/forums/showthread.php?t=2597358

Below is an example of an infected Steam account, sending a malicious link via chat.


It's advised to avoid clicking links.

Remember that links may be faked.
For example, the link text can be different from the actual link.

Be careful in all cases.
Antivirus, internet security & important information
Here are some of my personal recommendations that can help you stay protected against these attacks.

Kaspersky Internet Security:
A decent software against threats on the internet. It's quite advanced, I am still testing it and checking it out. So far it seems good. Additionally, it's pretty lightweight for those who want to save disk space and RAM.

Malwarebytes Anti-Malware:
Malwarebytes is extremely good when it comes to the detection rates and highly recommended protection, not just by me but in general as well. The free version comes with the scanner.
Real-time protection is limited to the premium (paid) version of the software.

And obviously, there are more than just these two out there.
Whatever you choose, make sure it's good an functional.
On top of that, I highly recommend using Steam Mobile Guard Authenticator.


Steam Support: How to set up a Steam Guard Mobile Authenticator
Cleaning and updating your pc
Always keep your PC clean. Update your Windows on a regular basis as well as your Steam and antivirus. These are small actions but can save you from massive harm. It's also important to clean your browser and avoid any suspicious extensions.

These actions won't just make your system more secure but it will likely perform much better as well. Also, I highly recommend keeping browser trackers in mind. Many options exist to deal with those but CCleaner is my personal recommendation.

Here's another great software, AdwCleaner. This handy tool removes browser hijackers, junk and adware very effectively from the system:



Download Here [toolslib.net]
What's a hacker? Or cracker? ...etc
Here I will show you a list that will explain hackers and crackers, what those are and what you need to know to not get confused.

White Hat: a friendly hacker who can help you out about security and provide some tips, typically security experts

Black Hat: these are evil hackers, called ''crackers'' due to the fact that they can invade your system and cause problems

Grey Hat: a hacker between white and black - for example, one that invades systems for fun, but avoids causing serious damage and does not copy sensitive data

Elite Hacker: probably the most professional hackers imaginable and masters of the internet, these won't typically target small individuals but large corporations and governments/agencies

Blue Hacker: hackers hired by companies, most of them are security experts who help out to protect the systems againt vulnerabilities and malicious invasions, etc.

Lammer: one who has no knowledge of hacking, but requests actions from people who can perform them

Script Kiddie: just a cracker without notion, who uses some widely distributed hacking tools; considered as the famous ''scammers'' who try scam anyone. They use their limited knowledge of hacking to invade everything ahead of them.

Defacer: a hacker who is skilled in web invasion.

Carder: a hacker who is skilled with credit cards, with cloning, authentication, theft and more.

Phreaker: a hacker who is skilled with phones

Hacktivist: a friendly hacker who uses his skills to help people out with social causes, political, ideological, religious factors

Nation States Professionals: Both expensive hackers and security experts, hired by governments and / or state intelligence agencies, as well as specific units of cyber warfare. With a great computing power at its disposal, such hackers virtually attack infrastructure, both military and civilian, financial, services, etc.

Here in steam we have our administrators and moderators that fix problems and important issues, feel free to contact them.
How to avoid phisining
Here we see some examples of fake steam pages and some of more













Anyways when your friend or whatever sent his link to any steam, check out the url and see if it's safe, all websites that are real have this symbol on url sometimes when you join to offical site like that you're seeing on picture, neither all has but anyways check out if has, if his url has weird names or different from offical, you can leave because this can be fake site who use your login for trying steal account





















The steam guard will never tell you to download anything, be careful
Segure navigation
if you want a segure navigation then if you have google brower go to your brower click in settings ---->

See on picture and then click in ''New incognito window''

NOTE: That segure navigation you won't have problem with cookies and passwords saved it will be automally removed, you can feel more segure doing that



Then you're done
IP, DNS, TCP, Firewall How to protect?
Talking about DNS, Here's a good software who verify and protect your DNS and you can check out who is joing in your wif-fi or internet local


This software is totally free and it has on steam: http://store.steampowered.com/app/355000/


Easy Hide IP, if you wanna change your ip for questions security then i recommend this software it's easy and fast, better than hotspot shield, i already had tested hotsport it's a crap ones

Easy Hide IP[easy-hide-ip.com]
CyberGhost[www.cyberghostvpn.com]
Surf Anonymous[www.surfanonymous-free.com]
TunnelBear[www.tunnelbear.com]

Proxy List: http://www.freeproxylists.net/


if you wanna know how TCP Works









Firewall: Anyways check out if your firewall is working







Also if you have a anti virus, check out if it's working and you can change some settings for having a good profection and more a bit security















By exemple you can block even private and public networks, it's a little recommendable and if you want more security











So as i mean you can change settings to put a bit more protection, i really recommend it, is like having a good security for pc and internet etc
Private Profile
Putting your profile private too can help you anonymously with your security's stuff, as if you put to friends only your friends can see, and if you put private to yourseulf only you can see ur own profile,

this can help a little to be secret anonymously
Adblock
This is just a expansion/app for google brower or whatever brower, it will help too protecet you againt annoying ads when it can be spyware spying your things ,
not all ads are spying you but for me i believe that some of them spys you and sent your information for advertising or even some virus

i anyways uses this app in my brower and it's really good, without annoying ads or virus whatever

You can found them and download on chrome web store if you uses google chrome
Other pic of person suspect hacked
Here's exemple of friend my that maybe got ''hacked'' i just suspect him don't stop sent me some stupid links and most funny still is he senting a link from workshop that then when i see got removed, probably hacked









So even if it's your friend or ''best friend'' please never click in werid or suspect links! that can be virus when your friend got hacked/infected

Be careful anyways!
New virus steam
So as had see, my friend had alert me about this, so would be nice you're all share to ur friends and etc, the link is her: https://www.reddit.com/r/Steam/comments/5skfg4/warning_regarding_a_steam_profile_related_exploit/

Be anyways careful!
Other possible scam virus
So well recent my friend make a post about it, the pictures are below




Also i anyways suspect playing strange servers, it's sure is well better play in valve servers because there are more safe and good,

some strange servers may download some virus file to try scam your account!
Possible New Scam
So as the name says, some of my friend have alert me and i see situations like that
some new reports is happending


so new problems we need to avoid and take care of it, the new scam is when you click in a false link named ''trade offer'', my friend explain to me that it can get informations of your account and try take hack your PC

Here is profile of scammer, he has two accounts:
http://steamcommunity.com/profiles/76561198083612037 (Main Acoount)

http://steamcommunity.com/profiles/76561198052866549 (Alt Account)

his main account you're all will note the link for trade offer, so please dont click it can get hack your account and sent virus to your friends etc,also there is another type of scam which is really close to this one. You know that button called ''View more info'' on other people's profiles? Don't click
them,because it may have virus or something that will hack your PC. The best way to not get ''scammed'' by this is to change your language by using the Steam settings and you will see if this is the real button or some fake link.
Updated 2020 - and a new tool
After a long time without have updated this great guide, i'm doing this to alert people about new scam and some tips given

Normally if some of your friends get hacked/infected in it, the hacked account/scammer/bot scam will ask you to click in a link to website mostly cs go stuff scam for vote team, on which it's pretty fake
So problaby you shouldn't click in it

There's great site tool where you can sent if the link or even file has any malware/any type of phishing link or trojan by acessing this https://www.virustotal.com/gui/ it's 100% trusted, you just put the link sented for note if it's any type of scam or dont

Other great advice that i give, it's please use a decent anti virus, i high recommend Kasperksy Security Cloud, there is free edition for it, Kasperksy is considered number one of best Anti-Virus of World Ever, they even got partnership with interpol (police international) and their software are really very good & alots of tools and funtions to keep you protected however and etc,

You can download from this one https://www.kaspersky.com.br/security-cloud
Other possible good options are Malwarebytes anti-malware and SUPERAntiSpyware
They acts a bit simliar to Anti-Virus but still both can be different, check out below
Malwarebytes Anti-Malware
https://br.malwarebytes.com/mwb-download/
https://www.superantispyware.com/

Please be anyways careful when you click or look any link, that's how scam works, the scammer/offender takes a bit in your Steam Account or even worse your Computer to do scam actions and try hack other steam accounts, sometimes it's not even a human and yes a scam bot, be aware of any link that isn't trusted, thanks

Also keep anyways your windows 10 updated for both security and performance of system
Updated 2022 - Scams in Discord
Recently those are new tactics used by scammers into Discord, they are imposting Steam Global Moderators and valve employes even steam support, one of most recent cases was the steam moderator Tito Shivan, who have been imposted for a scammer who alleged to be him for make new victim, some those scammers have good skills and act very smart, they're not bots, they're people in this time to scam and make new tactics with the time,

PLEASE DO NOT TRUST SOMEONE ELSE WHO CLAIMS TO BE STEAM MODERATOR OR VALVE ADMIN IN DISCORD OR STEAM, THEY'RE SCAMMER!

Be careful with those new scams as seems to operate mostly on Discord than Steam in most of times, Valve already said they do not work on Discord and keep in mind that none valve employe or steam moderator will contact you in Discord, Steam, or wherever place is, do not trust it and block + report possible, they are destroying people's lifes over scamming and believing because they are using social engineering and smart tactics, they are using Steam via browser to be able for use inspect element that is a extenison for edit and manipulate pages who only work in browsers - exemples: Google Chrome, Mozilla Firefox, Microsoft Edge etc

i believe they also use photoshop for manipulate both conversations(chatlogs & emails including as well), they do both editing, manipulating, copying and cloning steam moderators or valve employes profile for malicious and criminal purposes to do the scam scheme both in Discord and Steam, can also be possible other plataforms, so please be careful and not trust in those false moderators/admins and vice-versa, be careful and see if you friend wasn't ettected by this scam and be suspicious of everything even from your own good friends, acquaintances and even families who for a minute they can have been hacked or infected, so always keep in mind to be careful and use good sense.
Updated 2024 - API Scammers
With pass of time those are having new methods for scam the victim

The most recent scams are the ones who steal/infect API key of person who trade or go to any site skins with malware in it

Normally the person can have their steam account infected with any malware using the api key at which the scammer can have kinda totall acess to his steam account at which will be able to do what he want for exemple

This type scam is advanced and the scammer will have even acess in your friendlist and vice-versa
normally the scammer will have name as ''[VA] Beatrice Howard ⇄'' and a picture of a women in it, it will look something like this one:



The scammer will use a stolen photo of someone else + the name, and will say to the victim that he's Steam Support agent when it isn't.
End
So if you're liked guide rates up and after favorite, btw the guide is anyways free for more informations whatever, can feel free to post on comments about how to avoid scams, security stuff and etc, Thanks

Special big thanks for my great finnish friend Dom for improving grammar mistake and everything in this guide!


Updated note 28/11/2020
87 Comments
< >
🔥Emperor Pyromancer🔥  [author] Mar 1 @ 5:44am 
Updated 01/03/2024

Read about API Scammers
🔥Emperor Pyromancer🔥  [author] Nov 18, 2023 @ 7:15am 
thank you mate its a older guide but still very useful, please share and fav if you can since its super important for the community.
Mesut Yılmaz Nov 18, 2023 @ 4:06am 
This is awesome
🔥Emperor Pyromancer🔥  [author] Oct 25, 2022 @ 2:51am 
@BossGalaga i have added you, mind u accept me or you are not interested in friendships at moment? i just add to be friends, talking, sharing any ideia and maybe playing if you are up to.
ПуШиСтЫЙ^^ Sep 26, 2022 @ 8:38am 
:Heart_with_horns:
BossGalaga Apr 11, 2022 @ 4:27pm 
@kaza After 4 pages of comments, you were still trying to insist that an obviously fake account on Discord was a real Steam moderator. If this is the advice you're giving your "friend" then he would be better off without it.
kaza12345678 Apr 11, 2022 @ 2:22pm 
ok steam needs to fix is support page as one the things is asking is "Attach a screenshot of the account page or email in which you received the code. The code that was activated the account must be visible in the screenshot." but i can't as the email address is defunct and only suggestion steam makes is to change password which is not possible if email was changed
any ideas since i can't report or make a ticket
kaza12345678 Apr 11, 2022 @ 1:52pm 
@bossgalaga dude your honestly not helping as you just budy looking at the big details an dnot the small so please just shut up

@✠⚜️🔥Emperor Pyromancer777 ok thanks mate, I will see if dan has anything to help in prosses of reporting of account theft but i think tito should now do something with his account incase the scammer trys using tito again or any other mods as we don't want a repeat of someone like me actually mistaken an actual official

but i do thank you two very much for your helps the best we can

btw you guys have full permission to use the images incase you want to make new guides on phishers but do blur dans username if you do use them
🔥Emperor Pyromancer🔥  [author] Apr 11, 2022 @ 11:12am 
i remember that one of your comments you say that your friend's account got email and password changed, so try now give those enough informations to your friend about real tito and all about it, also ask to your friend if he have any activation key game and if used any credit card when he try get his account back, he need contact support steam, still if u need any help comment here then, that's all i believe.
🔥Emperor Pyromancer🔥  [author] Apr 11, 2022 @ 11:11am 
@kaza no problem your welcome, also i did contact Support Steam just to help out this investigation and support just answer me right now link to it https://i.imgur.com/91cWjtp.jpg

tito shivan also tell me this other important thing https://i.imgur.com/nQtkwHX.jpg on which the scammers are using banned steam accounts to scary someone, but i know that your friend's steam account was banned because the user reported him guessing it was him who scammed he but it wasn't and then the scammer use it as proof for get the guarantee to have the impression that he was the one who banned the account when in reality it was not.