wrestling superhero memes also count, well done.
5 Likes
Yeah, I havenât had any funky messages in about a whole day now. Yay!
8 Likes
Should I send some? just to throw people off?
11 Likes
The element of surprise would be gone for pranking us, but youâd probably still get many others by doing it. 
10 Likes
So everyone, I hope, learned a valuable lesson. 
Watch out for links and COME IN HERE and ASK!!! If you have to wait a bit for an answer, so be it! Itâs not worth that âfree gameââŚ
13 Likes
I am still humbly ashamed I risked my computerâs life for a free copy of terraria.
I mean PUBG I can understand cause its not worth buyingâŚ
8 Likes
I think I got offers for GTA V, PUBG, and something else. Itâs funny because a friendly Chronie had gifted me GTA V in the past, and I had no interested in the othersâŚ
Now for Terraria, thatâs a different story⌠lol⌠(I havenât bought it yet b/c I think it will be a time draine on my already limited schedule)
8 Likes
I was thinking⌠I know, I knowâŚ
Might not be a bad idea for everyone here use the Chrono/Discourse PMs instead of Steam for MOST things. I know if you are playing games togetherâŚwhatever⌠But for the most part use Chrono instead of steam. It might be a bit saferâŚ
Just a thought!!!
8 Likes
At the end of the day, I think the lesson to be learned is to ALWAYS have some level of caution when talking online. Unless you can physically see someoneâs face or recognize their voice, you have no idea whether youâre dealing with the actual person or an imposter until theyâve sent enough messages that you can catch some weird/unusual behavior, and you definitely wonât find out 100% for sure until after the whole thing has boiled over.
If you see a link, read it first. If youâre not sure, donât click. If it sounds uncharacteristically good, back up-- missing out on an unexpected $20 gift is a lot better than losing out on $200+ of slowly amassed games and a friends-list of vulnerable phishing targets. If you see a message thatâs a bit odd, double-take a bit. As a last resort (as @delenn13 said), reach out over Community-Chrono and send a PM to see if thereâs something going on. The absolute worst part about this thread is that, by sharing each other as friends, each hijacked account kept passing on the message, so it spread like wildfire throughout this forum.
Securityâs a big deal these days, and as demonstrated here, the walls of âsafetyâ are constantly shifting as blackhats get smarter. Stay safe out there.
13 Likes
I donât want to make it like I was a prophet or something⌠but I addressed this issue in October. Of course not everyone will check it, but it seems to be the same thing with a bigger radios and strength this time aroundâŚ
https://206.81.1.216/t/steam-hackers-are-on-it-again-beware/13085?u=onloose
Always check if your browser shows the Valve corp [US] before proceeding to such kind of things in the future
I hope all of you got this thing resolved by now and got your accounts back.
9 Likes
There was an interesting r/Steam thread a few weeks ago about phishing accounts like what seems to have happened here by using a phony popup that appears to load the real Steam login page. It looks like mod purged the original post so it got delisted from the subbreddit but you can still view it using the threadâs permanent url. Donât put your Steam login info into any urls mentioned in that thread of course.
What happened in that post is that there isnât actually a browser popup window at all that loads the fake page. Itâs a page element that creates a popup object on top of the webpage that looks like the popup window that your browser would create. Since itâs all a simulated browser window that means the url will appear to be Steamâs and even have a nice security certificate because⌠the scammer that made the phishing page just used a plain old picture of the url bar in their popup page. You wonât notice anything out of the ordinary unless you try clicking and using the url bar. When you try logging in using the phishing form theyâll change your login info and lock you out of it by automating the sequence of changing your account information on Steam. Then they steal your items, spam your friends the same phishing page that got you, and may eventually sell your account though grey market sites if you canât recover it.
If youâre already logged into Steam in your browser, Steam will never ask you to login again when you reach the authorization page for 3rd-party access. The phishing pages always will. If youâre unsure of the legitimacy of the page youâre on you can open a new tab and go to the Steam website and login and then go back over to the tab with the suspect page. Reload the page or use the back button and click through to the authorization page again. If itâs still asking for you to login instead of asking for you to click the confirm with a button then itâs not a real Steam page.
Using Steam Guard makes phishing this way much more difficult because the confirmation codes have a short lifetime before expiring and a new one appearing. You can still have your account hijacked if you submit a confirmation code to a phishing page but you should still be using Steam Guard because that code only gives the scammer a limited time to hijack the account. They have unlimited time if you send them your Steam account name and password when Steam Guard isnât enabled.
You really only need to have a mobile device to use Steam Guard. It does require a phone number that gets sent a text message with a code to finalize setting up the app. Once. After that you can use Steam Guard on a device that doesnât have internet or cellphone service. This means you can have someone like your parentâs cellphone receive the text message. Since the phone number acts as an alternative recovery option you want to have someone you trust and thatâs going to keep the phone number in service when you do this. Be aware that VAC bans get applied to each account using the same phone number when the ban is applied so might want to ask your grandma instead of your 13 year old brother that downloads hacks to receive the text message used when enabling Steam Guard in the app on your device. 
11 Likes
Preach it, GiU! You have to be a curmudgeon on the internet or theyâll getcha getcha getcha.
The phone, too. I got a call the other day informing me Iâd been selected to receive a âbonus tax rebateâ, and how did that sound? I said it sounded like a scam and she just hung up right then and there.
5 Likes
This is how this stuff happens. All they need is to hard sell one sucker to use their link and gain access to said suckerâs account and then they can easily reel in all suckerâs friends.
If the link is not recognizable I would not enter any account/personal information. If it is too good to be true, then it probably is. Remember, steam keys are used by steam, not the other way around.
I would recommend verifying these kinds of situations by using another contact method of said friend and googling the website with scam.
6 Likes
Also, depending on your communications patterns, it can be very easy to recognize spam. If I get a message asking me to do something or go somewhere that doesnât address me directly by name, itâs not from a friend. Maybe a generational thing, though. But everyone trends towards a certain âvoice.â Just know how your friends communicate and recognize if a message doesnât follow their speech/typing pattern.
5 Likes
what if My friends donât communicate?
âŚ
11 Likes
Then clearly theyâre not going to be sending you any free games or shady links either.
9 Likes
Yes, I highly recommend keeping only a few good friends. Some people have friends lists so long they couldnât tell you who everyone is. But with a healthy dose of introversion and social anxiety, you too can be free from the risk of imposters. Prune those friends lists like the bonsai trees they were meant to be.
8 Likes
Youâre preachinâ to the choirâŚ
7 Likes
Also introvert here. Before adding you Chrono dudes and dudettes, I had like maybe 4 Steam friends, if so much.
8 Likes