My Steam account was stolen.

Hopefully we hear from them in a week or so tops.

I guess it’s time to boot up the ol’ PS3 in the meantime

You messaged me the same thing, luckily I didn’t sign in

Oh dear, guys. I wish you had come in here first…I even emailed @YQMaoski this morning before i went to church. His is the only address i have,…

I basically stole this from the gnome…I added the :cozywolfmedalion: icon because it’s RED so It will catch everyone’s attention!!!

Put this in your Status window in your friend activity!!! We need to get the word out!!

:cozywolfmedalion::cozywolfmedalion:IT’ S NOT THEM!!! THEY HAVE BEEN HIJACKED!!! :cozywolfmedalion::cozywolfmedalion:And possibly have a keylogger installed.:cozywolfmedalion::cozywolfmedalion:
Do NOT click ANY links! Even if they promise a chance of winning games or skins!:cozywolfmedalion::cozywolfmedalion::cozywolfmedalion::cozywolfmedalion::cozywolfmedalion::cozywolfmedalion::cozywolfmedalion::cozywolfmedalion:

@Gnuffi sent me this -

hey just so you are aware:
there is a phishing scam going on on steam atm, don’t click links sent to you in chat, comments, or on discussion/group pages, (potentially with mention of chance to win or trade free games), -it redirects with a fake steam sign in that hijacks your account
and since accounts get “infected”/compromised/hijacked, these links/messages can come even from trusted/longtime friendlist people
don’t click links :47_thumb_up:

At least I hope it was Gnuffi…else the world’s gone mad…

Also GanbaRanger’s account sent me two of the same messages

apologies for the spam people, but i just sent a copy pasted msg to everyone in my directory warning about this current scam even to folks that probably already knew from here

Yes, I know him…he’s my game mentor. I have known him from 2006. He is really lucky it happened to his secondary account… his main account has over 10 thousand games or more. I am the “delenn” he always refers to in his reviews at the end

I’ll be unfriending the people who have there accounts compromise ( getting multiple messages from the same accounts), once/if you get your accounts back just send a message here that you got your account back so we can refriend.
People i unfriended so far, @GanbaRANGER, @Danacscott

You can just simply block all communications with them, either by rightclicking them in your friends list look under manage>. Or there’s a button for it on their profile.

I got that same scam message from your account, too. The exact same, 3 times, to make it even more obvious.
Really sucks that your account was taken, I hope Steam support will be able to help you quickly!

Saw three messages from @GanbaRANGER and was like wut?, then saw master @Gnuffi warning and came here to see the news, oh boy, is like a zombie outbreak seeing all of you getting infected left and right.

I almost wanna click the link too, I kind of feel left out

NO!

Listen to @delenn13 please stay far away from that link!

I was just kidding but OK mom

Being a curmudgeonly recluse has invariably worked in my favor once again…

You’uns scram. Get off my goddamn lawn and stay away from my flowers!
The youth today… Why I oughta… When I was your age…ZZZzzz ZZZzzz

we gotta warn everyone we know so we can quarantine this outbreak before it’s to late and spread everywhere!

My suspicion is that your login wasn’t handled by an ACTUAL Steam authenticator. The last time I saw a breach like this happening through Steam’s own system, it turned out that-- sure enough-- it wasn’t actually Steam’s system. It was an incredibly well-designed and convincing page that was meant to LOOK like Steam’s authentication window. So, you handed over your password.

However, the ability to use your password to do this much damage is… worrying. It tells me that someone must have found a loophole in Steam Guard somehow, most likely having to do with the “forgot pw”/“I no longer have my phone”/“I no longer have my email” options. It took a while, but I think somebody’s finally getting past the fact that Valve’s been tightening user security by force. We had a grace period where phishers were trying to get past the added wall of Steam Guard, but it looks like we’ll have to be more careful once again from now on.

I am sorry to those that this happened to - bummer

I know it is past the point but here is a few tips to help catch a scam site:

My #1 is always doing a whois check on the actual domain name https://whois.domaintools.com In this case you would search for [edited out link] SCAM website [edited out link] which takes you to https://whois.domaintools.com/op2games.com

Looking at the results, it is immediately a red flag for several reasons:

1. “Registrant Org”: Private Person - this can be tricky for some sites but if it is a business then the result should show the business name. At times, though, when visiting some legit sites, you’ll see it as a private person, but in those cases it is because it’s personally owned and not a business-owned site.

   a) I.E.: ATT.com - shows registrant org as AT&T SERVICES, INC.
   b) I.E.: Personal blogs, personal gaming sites, etc - will more than likely show Private Person
   

2. “Registrant Country”: RU / Russia - I am not prejudice or anything but it is one of the few places where an abundance of scammers and hackers are based where they quickly set up shop and hard to have charges brought against them ‘should’ they actually be caught.

3. “Dates”: 1 days old - being 1 day old… self explanatory.

4. under “Website”: none given - there is no SEO Score, title, anything under this field. Being so new this makes sense, but this will help for some older scam sites and/or this section may help determining legitimacy.

5. “Whois Record”: If you are not registered for this website then you must click the captcha “I am not a robot” or whichever it says… I cannot remember. But this is VERY useful information especially in this case. What you will want to do is contact the “Registrar Abuse Contact Email” listed. Or alternatively call them. Lodge your complaint with them as they are a legit registrar of domains in Russia. They will be the ones to shut the site down and further investigate. All the other information provided, like the Admin Name, Address, Ph#, Email are surely to be incorrect information so it will be pointless to even try to contact this Miser Pendei fellow with your hate and disgust. Everyone should email the Abuse Contact Email, abuse@reg.ru, as I am sure the more complaints they receive the faster they’ll look into it… as it will be a “trend”.

Also, besides the Whois domain search, here is a list of several other ways to help determining illegitimate websites: https://www.wikihow.com/Find-if-a-Website-Is-Legitimate

Again, email the “Registrar Abuse Contact Email” abuse@reg.ru to help get this website taken down as soon as possible to prevent others from being taken advantage of. I am sorry for those who have already been a victim during this blessed time of the year but I hope the above information helps others in the future. And to those affected, I am also sure Steam/Valve will assist in all ways possible with your accounts. It will get fixed!!

In the mean time, take care, smile and kick ass/be safe!

oh and I was reading the wikihow link I posted as it’s been forEVER since I been there… I forgot allllllll about Google’s “Transparency Report” [method 2]:

https://transparencyreport.google.com/safe-browsing/search

This works very well, too!

I’ve been doing my part to, guys, by sending the following message to my Steam friends, but now i felt like sharing it with everyone cuz i’m so generous:

yo man, pls go to www.legitwebsitedefinitelynotascam.com and u will be given a villa in Spain, 3 sports cars, and all the games on Steam

just make sure to fill in all yr personal information, whatever it may be, and u will be the winner!