My Steam friend, @LordKosc, tried to scam me?


I sent crypto in exchange for Steam codes!

Oh shit, I knew this looked familiar; I just got a similar msg from @legowarrior to vote for his logo @eliteesportsfury. Msged him here and reported through Steam.

Thank you for that. I believe a few people were messaged by my account recently (and then blocked).
It doesn’t look like anything was touched on my Steam account, but the fact that they could message people and then block them was a bit freaky.
I’ve updated my passwords, checked to make sure MFA and my email are the same.
I don’t keep any credit card information on steam… so I’m hoping that is enough.

Is this actually @TurinTur ??

Turin’s first language is Spanish? Smells fishy to me.

Uh, funny thing, I got the same thing, but from @legowarrior!

That’s not me!

I didn’t figure - but I thought I’d better flag you all the same.

So… what to do? I have MFA already enabled. Is there a way to make Steam log out from everything?

Changing the password would do it

Yeah, true.


I feel so protected! /s

I don’t think it’s your account. Someone just checks a target’s name and changes their name to that target’s friend’s. Did the profile pic even match?

The last time a wave of scams happened seemed to be last December. 'Tis the season, I guess?

If I go to my friends list, I see Turin and if I open a Send Message to him, the conversation above where I’m asked to vote for a thing pops up - this tells me the actual account has been “borrowed” by someone else, not spoofed.

If I View Profile of the account that actually sent me the message, this is what I see.

That seems like his actual profile - I’m not sure how you spoof that without actually being signed in.

@TurinTur I would absolutely reset your password and report this to customer support.

So, what I found is that the scammer had access to chat, but nothing else. He was able to spam messages, and then blocked the people he spammed messages to. @pyrhic and @Chappers had to send me messages outside of Steam to get me to notice.

Anyway, it seems like MFA stops people from selling your stuff or changing anything, but I updated my password and changed my email address.

Thankfully, I don’t keep any credit card information on Steam, but I’m not sure if the scammer would have had access to that.

I hope I did enough, but I thought it was a fair start @TurinTur
I’m sorry that it happened to you.

Oh, and check if you joined any odd game groups. I found 3 I didn’t recognize.

Could it be a vulnerability in cookies/tokens? I would log out of all non-Steam sites that rely on Steam to authenticate (Steam DB, ITAD, etc).

That’s how it got me.
I had to log into an account to vote for whatever.
I’m sorry it happened to you @TurinTur

Sounds like it will be a good idea to deauthorize all devices.

Ok, procedure:

Change backup codes, if you have any, in the first link
Revoke API key, if you have one, in the second link
Deauthorize all devices, in the first link
Change password

I think what happened is, I received the spam from Legowarrior, and I took the bait. I went to the site the fake Legowarrior indicated and used the Steam OAuth page to log in. Except it wasn’t the Steam OAuth page!

This is the real page if I copy the URL shown!

To my shame, I have to say I work in the IT field so yeah, shame on me. In my defense, I’m not specialized in web dev. :P
So once they took my session data, they could send other people the same spam. It works like a chain: if someone also falls for it, he will be the next guy.

The window popup is really a frame, and the REAL URL is
https://victoryshowdowns.com/220a1
(DO NOT LOGIN THERE…)

You know, this is much more advanced than the anti-phishing training my company sends from time to time as tests.
Edit: you know what bothers me about all this? That I could swear I used the QR code to log in. I thought that was more secure…
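The post above makes one concrete point worth turning into a check: the "address bar" in the fake login popup was just pixels drawn inside a frame, and the frame's own URL (the one you get from devtools or by opening the frame in its own tab) is the only thing that tells you where your credentials go. The following is an added example, not code from the thread or from Steam; it compares the address a popup displays with the origin its frame actually loads from, using exact hostname matching rather than a "contains steamcommunity.com" check. The allowlist of Steam sign-in hosts is an assumption to be verified against Steam's own documentation, and all sample URLs except the victoryshowdowns.com one quoted in the thread are constructed for the example.

```javascript
// Added example (not from the thread). Assumed allowlist of legitimate Steam
// sign-in hosts; constructed for this example and not taken from Steam documentation.
const STEAM_LOGIN_HOSTS = new Set([
  "steamcommunity.com",
  "store.steampowered.com",
  "login.steampowered.com",
]);

// Classify a single URL by its *real* hostname. Only an exact match counts:
// a host that merely contains a Steam name (e.g. as a subdomain of another
// domain) is treated as a lookalike, which is how most phishing kits register.
function classifyLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { verdict: "invalid", host: null };
  }
  const host = url.hostname.toLowerCase();
  if (url.protocol !== "https:") {
    return { verdict: "insecure", host };
  }
  if (STEAM_LOGIN_HOSTS.has(host)) {
    return { verdict: "steam", host };
  }
  if (host.includes("steam")) {
    return { verdict: "lookalike", host };
  }
  return { verdict: "foreign", host };
}

// Compare what a popup *shows* as its address with where its frame actually
// loads from. In the phish above the shown address was a genuine Steam URL,
// but it was rendered inside a frame served from a different origin.
function checkFramedLogin(displayedUrl, frameUrl) {
  const shown = classifyLoginUrl(displayedUrl);
  const real = classifyLoginUrl(frameUrl);
  return {
    displayedHost: shown.host,
    realHost: real.host,
    realVerdict: real.verdict,
    // Trust only when the frame itself is on a Steam host AND the displayed
    // address agrees with it; any mismatch means the address bar is fake.
    trustworthy: real.verdict === "steam" && shown.host === real.host,
  };
}

// Browser-side helper: a genuine top-level login window is not framed.
// Pass `window` in a browser console; plain objects are used in tests.
function isFramed(win) {
  return win.top !== win.self;
}

// Constructed samples: the displayed address is a Steam URL in both cases,
// but in the first the frame really loads from the URL quoted in the thread.
const SAMPLES = [
  ["https://steamcommunity.com/openid/login", "https://victoryshowdowns.com/220a1"],
  ["https://steamcommunity.com/openid/login", "https://steamcommunity.com/openid/login"],
];

function runSamples() {
  return SAMPLES.map(([shown, real]) => checkFramedLogin(shown, real));
}

for (const result of runSamples()) {
  console.log(result);
}
```

The useful habit this encodes: never judge a login popup by the address text drawn inside it; read the frame's real URL (right-click the form, "View frame source" or open it in a new tab) and apply the exact-host test to that. The `isFramed` helper is the one-liner to paste into the console of any page asking you to sign in; a real Steam login page opened as its own window reports `false`.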

@TurinTur There is no shame in it. It’s really clever. It could’ve been worse. Thanks to you and @legowarrior and of course, QT3’s patron Saint of Scams Lord Kosc :)