Warning!!! PLEASE READ!!

All things you want to say
Post Reply
User avatar
FuzzyBear9
E=mc² Member, Site Admin
Posts: 325
Joined: Mon Mar 12, 2007 11:05 pm
Location: UK

Warning!!! PLEASE READ!!

Post by FuzzyBear9 »

This a conversation that took place just five minutes ago. [EYE]Erikose was kind enough to inform us of the following:

[EYE]Erikose: one of our guys has been hacked
[E=mc²] FuzzyBear9: ??
[E=mc²] FuzzyBear9: steam ID?
[EYE]Erikose: yeah sort of but it comes as a message from a steam friend inviting you to click on a link
[E=mc²] FuzzyBear9: ah ok
[E=mc²] FuzzyBear9: he was the only one to receive that message?
[EYE]Erikose: no
[EYE]Erikose: tournaments.c.la is the link
[EYE]Erikose: and then it asks for steam password or something
[EYE]Erikose: he has had all his steam games deleted
[E=mc²] FuzzyBear9: oh dear :(
[EYE]Erikose: and people on his friends list have been sent the link apparently from him
[EYE]Erikose: yeah not good
[EYE]Erikose: just wanted to warn you and your lot

Please be on the alert all.
Fuzzy
First BE - Then DO - Only then TELL
User avatar
DARKIUSMAXIMUS
E=mc² member
Posts: 1133
Joined: Wed Apr 25, 2007 10:22 am
Location: SCOTLAND

Re: Warning!!! PLEASE READ!!

Post by DARKIUSMAXIMUS »

it was me but i dident log in thank fuc* thanks for the info Eri yes [EYE] Air sent me the link was it him who lost all? :(
BETTER CLAN MATES YOU COULDENT WISH FOR
User avatar
Cynyx
E=mc² Member, Site Admin
Posts: 3945
Joined: Fri Oct 06, 2006 5:11 pm
Location: France, Paris

Re: Warning!!! PLEASE READ!!

Post by Cynyx »

It's not the first time, i can't understand how people could be hacked by this way.

Fast search :
viewtopic.php?f=5&t=404
viewtopic.php?f=5&t=723
viewtopic.php?f=5&t=626

As allways, i can just say :
NEVER NEVER NEVER write your steam id + password on a website, don't be abused by website who propose to u shit or by website who claim to be steampowered or by people who contact you via STEAM chat....
The only things where u can login is https://store.steampowered.com/login/ and the STEAM executable you have download only on same website. (Notice the 's' in https protocol)...
Steam website wrote: Question

Protecting your password and account:

* Steam Friends
* Things to watch out for
* General security recommendations

Answer
Important:

Steam Support does not contact users over the Friends network - decline Friends requests from users you do not know.

Steam Support will never need your password for any reason. Ignore any password request you receive.


Steam Friends

*
Anyone can attempt to add you

Users can add you to their Friends list by observing your in-game nickname, or if they know your account's contact e-mail address - for this reason we recommend that you keep in mind that the users who have added you may not be people you have spoken with before.

Users can change their Friends nicknames at any time.
*
Account Phishing

Attempting to trick other users into providing password information is commonly called "phishing" - unfortunately, some individuals are using deliberately-deceptive Friends nicknames to request password information from other users. Steam Support does not use the Friends network to contact users, nor will we request CD Key information or credit card purchase information unless you have contacted us for assistance by using the Steam Support System.

Things to Watch Out For

Account hijackers have several common methods of attack, most of which rely upon misinformation or deception. Your account cannot be stolen if you follow these recommendations and refrain from sharing your account.

Watch out for these activities:

*
Requests for login and password information

Deny requests for login and password information from other users. Do not share your account login information with anyone. No reputable gaming clan will ask for your login information to join. Game server administrators do not need your Steam account information.
*
Unsolicited messages from "Steam Support" (Phishing Scams)

Ignore unsolicited messages from "Steam Support" unless the message originates from the support.steampowered.com domain.
*
Malicious programs in downloads

It is common for executable (.EXE) files, dynamic link libraries (.DLL files), and batch (.BAT) files being offered as parts of "mods" to contain malicious software designed to steal Steam account login information. Hacks are another very common source of malicious programs.
*
Examples of hijacking attempts

A list of recent scams is maintained on the Steampowered.com forums in the Hijacking Alerts thread.

General Security Recommendations

In addition to selecting a strong password, it is a good idea to maintain the security of your system in the following ways:

*
Select a Strong Password

A strong password is a necessary first step toward ensuring the security of your account. Your password should meet all of the minimum requirements listed below:
o Use at least 6 characters
o Use a combination of uppercase and lowercase letters.
o Include at least one number within the password
o Do not use a name, a word that could be found in the dictionary, or a series of letters as it appears on the keyboard ("qwerty" and "12345" are not secure passwords)
*
Use unique passwords

Make sure you are using a different password for your Steam account, your Steam Support account, and your contact e-mail address.

If you participate in any gaming forums, make sure that your username and password on the forum site is different from your Steam username and password.
*
Scan your computer

Regularly scan your computer for viruses, key loggers, spyware, and other malicious code with a virus scan utility that has the most recent virus definitions.
*
Avoid insecure computers

Avoid accessing your Steam Account from internet cafes or shared computers - if you must use an internet cafe or shared computer, make sure it has been scanned for viruses, trojans, and keyloggers.
*
Always log out of your account on shared machines

If the machine you use to access Steam has multiple users, be sure to exit and log out of Steam when you are done using the machine (if the "Remember Password" option is checked or if Steam is minimized to the System Tray but not fully closed another user may be able to access your account).

Important:
Report Hijackings and Suspicious Activities

If your account has been compromised, please see the Retrieving a Lost or Stolen Steam Account topic for instructions to retrieve your account.


If another user requests your account information, please see the Contacting VALVe Billing and Support topic for instructions to submit an incident report.
Source :
https://support.steampowered.com/kb_art ... -OAFV-8478



Concerning people who have been hacked, they can contact STEAM via mail and send all his invoices ...
Steam website wrote: Question

Help! I think someone has gained unauthorized access to my Steam account. What should I do?
Answer

Your Steam account may have been “hijacked” if you are unable to log in, your personal settings have changed, or it appears that someone else was using your account to play games.

If you believe someone has gained unauthorized access to your account, take immediate action. Follow these steps to prevent further access to your account by unauthorized users and to ensure that your account stays secure in the future:

1. Determine the cause of the security breach
2. Submit an incident report to Steam Support
3. Take action to keep your login information secure



1. Determine the cause of the security breach

In order to take effective action to retrieve and secure your account, try to determine how your account was compromised. By doing so, Steam Support can more effectively secure your account, take action against the person who hijacked your account, and help you ensure that you have the tools and knowledge to keep your account safe in the future.

Ask yourself the following questions:

*
Have I enabled another person to access my account?


Important:

Valve Software, Steam Support or any other affiliates of Steam will *never* ask you for your account password. Do not provide your password to anyone.




If you have given your login information to someone else or someone with access to your computer may have logged in to your account, that person might have performed an action that is preventing you from accessing the account.

Providing your account information to another person is the most common way that accounts are hijacked. NEVER give out your account password.

If someone in the Steam Community asked for your account name and password in a chat or during a game, or if you responded to an offer for a free game advertised on a website other than http://www.steampowered.com, you have most likely compromised your account information. If your Steam account password is the same as your e-mail account or any other accounts a hijacker could gain access to, please change your password immediately. Once you are certain that your e-mail account is secure, please submit a case to Steam Support to help you reclaim your account.
*
Have I downloaded and installed any programs from a gaming forum site, a peer to peer file trading program or over a chat program such as mIRC, AIM, Yahoo Messenger or MSN Messenger?

If so, the software you downloaded may contain a malicious key-logger program. Key-loggers can be used to record and retrieve your Steam account information as well as passwords for other programs and services, credit card details and personal information. Download the latest virus and spyware definitions for your virus and spyware scanners and run a full virus scan before taking any further action. If another user is monitoring your activities through a key-logger it is very important that they do not receive any further information.

Once you have removed any key-loggers or other malicious software from your computer, follow the steps below to submit a case to Steam Support.
*
Could someone have guessed my password?

Steam safeguards against this vulnerability, however it is still possible for someone to guess your password if you use a simple, predictable word or set of characters. Learn more about how to select a strong password and then submit a case to Steam Support to help reclaim your account.
*
Have I accessed my account in a public setting, such as a Cyber Café, tournament, or LAN party?

Two scenarios might be possible: a hijacker may have observed you entering your account name and password at a Cyber Café, tournament, or LAN game; or the account was not properly logged out when another user began using a public or shared computer. Public computers may also be compromised by key-loggers.

Be very cautious when accessing your account in public places. Submit an incident report to Steam Support to help you reclaim your account, and then follow the steps listed here to help protect your account when accessing it from public or shared computers.



2. Submit a case to Steam Support

Immediately inform Steam Support about the account security breach by submitting a request for assistance, also known as an incident report, using the Steam Support system.


If you have not previously done so, please create a Steam Support account with a unique user ID. This is a separate account from your Steam account and it does not exist by default. Please do not attempt to enter your Steam account information for the Steam Support system, as it will not work.

Remember to write down your User ID and password for your Steam Support account as you will be required to use this information to submit any future support requests.

Once you’ve created a Steam Support account, or if you already have one, click here to create an incident report.

When filing an incident report about an account security breach, please provide the following concise pieces of information:

1. Your User ID. This is the User ID for the Steam Support system. If you have not yet created an account, please enter your contact e-mail address.
2. The subject of your claim, such as “Steam account security breach.”
3. Your request for assistance. Your question should include the last email address you associated your Steam account with. Please also indicate the approximate timeframe (date and time) of the account hijacking, if possible. If you believe you know how your account was compromised, please indicate the method the hijacker may have used.
4. Select “Account Questions” as the Category of your request and finally “Hijacked or Stolen Account” as the subcategory. This information will help Steam Support address your issue as quickly as possible.
5. Include the Steam account name in the appropriate field. If you do not include the account name, it may result in a delay in recovering your Steam account.
6. Verification of ownership of your Steam account. To prove yourself the rightful owner of your Steam account, you must provide one of the following:
* If you registered software purchased at a retail location, please attach a digital photo or scan of a CD Key registered to your account. Please write your Steam account username on the quick reference card or CD Key sticker below the code in permanent ink.

* Below is a typical example of a picture of a CD-key submitted with an incident report. Please write your account name or your support incident number on the reference card or sticker of your CD-key. If you do not know your account name, you must submit your incident, write your incident number on the CD Key, and then update your case with the scan.


EA CD Key Scan

Sierra CD Key Scan


* If you purchased software through Steam with a credit card, please provide the following:
o The Card Type (Visa, MasterCard, Discover, American Express)
o The Cardholder’s Full Name
o The Credit Card Expiration Date
o The last four digits of the credit card number - Do not provide the full credit card number
* If you purchased software through Steam using a PayPal account, please provide:
o The Billing Name on the PayPal Account
o The full Billing Address on the PayPal Account
o The PayPal PayerID
o The Invoice ID and the Transaction ID


We will reassign ownership of the account to you upon verifying that you are the rightful owner.

If we are unable to verify ownership given the information you provide to us online, you may be asked to mail in your physical CD Key as evidence of ownership.
Note:

In the event that a hijacked Steam account is banned by the Valve Anti-Cheat System, Steam Support will not be able to reverse the ban.



3. Take action to keep your login information secure

To make sure no one regains access to your account, take preventative measures that will help keep your account secure and protect your privacy.

Remember: Never share your password with anyone and periodically change your password and security question to keep your private account information secure.
Source : https://support.steampowered.com/kb_art ... -QDFN-4366
User avatar
DARKIUSMAXIMUS
E=mc² member
Posts: 1133
Joined: Wed Apr 25, 2007 10:22 am
Location: SCOTLAND

Re: Warning!!! PLEASE READ!!

Post by DARKIUSMAXIMUS »

it will take me to read this :-P
BETTER CLAN MATES YOU COULDENT WISH FOR
User avatar
[EYE] Erikose
Posts: 8
Joined: Tue Feb 03, 2009 4:55 pm

Re: Warning!!! PLEASE READ!!

Post by [EYE] Erikose »

Thanks for the info Cynyx.... yeah it surprised me he got caught out too. I just think sometimes we get so used to having to log in to so many different things we let our guard down, also whoever is doing this actually starts a chat message with you logged in as one of your friends so unless you realise before through something they say, that all is not quite right you just automatically trust. :upset: Anyway we live and learn......
User avatar
Cynyx
E=mc² Member, Site Admin
Posts: 3945
Joined: Fri Oct 06, 2006 5:11 pm
Location: France, Paris

Re: Warning!!! PLEASE READ!!

Post by Cynyx »

[EYE] Erikose wrote:Anyway we live and learn......
If someone else want to learn, i can help him, just ask that kind of people u can find to send to me credit card information... I accept Paypal account information too, and even STEAM account ... Who want learn ? LMAO. :zombie:
User avatar
[EYE] Erikose
Posts: 8
Joined: Tue Feb 03, 2009 4:55 pm

Re: Warning!!! PLEASE READ!!

Post by [EYE] Erikose »

Looool....no takers then??? :spy:
Post Reply