Beware!

Talk about what you are playing now or join in with one of our forum games.
User avatar
goat
Posts: 3710
Joined: 02 Feb 2009, 20:59

Beware!

Postby goat » 31 Mar 2009, 13:53

I know you're all probably smarter than me and won't fall for this, but, considering the details, I figured I should throw something up here.

About an hour ago, I received a message from someone in the LRR Steam community group. The messager said something along the lines of "Hey, just found this great offer, steam is actually giving away games for free, go to this link X".

So, I thought, "Well, I might as well at least check it out. Valve has done some cool things before, I would be remiss if I didn't at least look".

Clicking the link (which looked pretty much legit, it appeared to be a Steam domain), brought me to a very official looking site where, again the offer was mentioned on the page. It required me to login to see more of the details, so I entered my information.

And then, nothing. The page refreshed. Thinking something weird had happened, I tried again. This time it did actually bring me to the steam community page, but there was no information about the offer anywhere. Unbeknownst to me, some clever little douche-nugget set up a proxy with an almost exact copy of the Steam login splash page, with legit links to other areas of the Steam website and everything. Unfortunately, somewhere in the works there is a command line that dumps out whatever you enter into the login fields.

Then I got a dialog that said my account had been logged into elsewhere. Before I could change my password, I had been locked out. The account of the person who sent me the link appears to no longer be in the LRR group, or even exist under the same name.

I've filed a Steam support ticket for a hijacked account. I'm still waiting for a reply. I've also tracked down the proxy website that hijacked my info and reported it under a violation of ToS to the hosting company. I'm still waiting for a reply there too.

Updates as they happen. More at 11.
User avatar
the amativeness
Posts: 3735
Joined: 31 Jul 2008, 19:53
Location: America, where everyone sues everyone, always, for everything.

Re: Beware!

Postby the amativeness » 31 Mar 2009, 13:57

goat wrote:More at 11.


Well really that's it. But there'll be other stuff. Here I'll turn the thermostat down. See Diane's nipples at 11.

Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.
zA: How do I relax?
Evil Jim: Jerk off.
Frozengale: You know you're on the internet when Masturbation is the first suggestion.
User avatar
Bob The Magic Camel
Posts: 386
Joined: 22 Oct 2007, 07:32
Location: Reading V0.7a
Contact:

Re: Beware!

Postby Bob The Magic Camel » 31 Mar 2009, 14:10

the amativeness wrote:Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.


This.

Chrome highlights the domain part of a URL, there's a FF extension which does it too. It's very useful, and I advise using it.
This signature has been intentionally left blank.

No marks will be awarded for solutions written on this signature.
User avatar
goat
Posts: 3710
Joined: 02 Feb 2009, 20:59

Re: Beware!

Postby goat » 31 Mar 2009, 14:12

the amativeness wrote:Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.


Actually, it matched it exactly. The difference ended up being in the tags. It was a .us.tf. Something I had noticed, but assumed it was part of looking at steam in firefox (something I typically don't do).
User avatar
Lyinginbedmon
Posts: 10808
Joined: 20 Dec 2007, 18:08
First Video: BioShocked
Location: Darlington, Co. Durham
Contact:

Postby Lyinginbedmon » 31 Mar 2009, 14:20

Yeah, I got that message. Fortunately I'm one of the more cynical people that gets this stuff I guess.

A girl? On the Internet? Yeah right!
Image
Image
Morgan wrote:Lyinginbedmon is short, but he makes up for it in awesomeness
User avatar
Cureless_Poison
Posts: 1233
Joined: 18 Jun 2008, 02:42
First Video: Fun with microwaves.
Location: BC, Canada
Contact:

Postby Cureless_Poison » 31 Mar 2009, 14:52

Lyinginbedmon wrote:Fortunately I'm one of the more cynical people that gets this stuff I guess.


As am I.
User avatar
whyarecarrots
Posts: 474
Joined: 09 Mar 2009, 15:35
Location: The jet propelled flying Naafi

Postby whyarecarrots » 31 Mar 2009, 15:50

One thing that should always be remembered that Valve post up all over the place on their site:

'Valve or Valve employees will never ask you for your Steam details'

I realise this is too late for you Goat, and I seriously hope you get your account back ASAP, but it's always a good thing for anyone to know for the future.

As I said: best of luck getting the account back: these account stealers are scumbags, and deserve anything they get.
Lyinginbedmon wrote:Real men don't sleep!

INSOMNIA IS MANLY! HAAAH!
User avatar
goat
Posts: 3710
Joined: 02 Feb 2009, 20:59

Postby goat » 31 Mar 2009, 17:30

whyarecarrots wrote:One thing that should always be remembered that Valve post up all over the place on their site:

'Valve or Valve employees will never ask you for your Steam details'


They never asked for my details. It was a normal looking login page.

https://steamcommunity.com/

The only differences being that the message about the steam community was changed and that the address was different. I would link to the phony page itself, but that defeats the purpose, no?

It was convincing enough to fool me, so I warn you.
User avatar
Bob The Magic Camel
Posts: 386
Joined: 22 Oct 2007, 07:32
Location: Reading V0.7a
Contact:

Re: Beware!

Postby Bob The Magic Camel » 01 Apr 2009, 06:26

goat wrote:
the amativeness wrote:Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.


Actually, it matched it exactly. The difference ended up being in the tags. It was a .us.tf. Something I had noticed, but assumed it was part of looking at steam in firefox (something I typically don't do).


I don't mean to kick you while you're down or anything, but then it didn't match it exactly did it? Another thing to note is HTTPS certificates. All compaines worth their salt will get theirs signed by an outside agency to confirm it is them.

/Always/ type in the domains yourself rather than clicking on links. Check the address when you're there to make sure your browser hasn't been hijacked, finally check the HTTPS certifcate. This may seem a little extreme, but most people have a lot of money tied up in their steam accounts.
This signature has been intentionally left blank.

No marks will be awarded for solutions written on this signature.
User avatar
InsaneFool
Posts: 1443
Joined: 29 Sep 2008, 10:40
First Video: How to Talk like a Pirate
Location: Ajax, Ontario, Canada
Contact:

Postby InsaneFool » 01 Apr 2009, 06:26

I got the same request...I had heard about this happening earlier when Far Cry 2 first came out, so I immediately blocked the person and closed the chat window.
Personal Fail Count: 3ish? (So Far)
Image
Follow me on Twitter
User avatar
iEatNinjaZ
Posts: 970
Joined: 11 Aug 2008, 16:33
Location: My Amazing Underwater World of Underwater Wonder That Is Under The Water™

Postby iEatNinjaZ » 01 Apr 2009, 13:43

You mean this?
Image
I hate it when i get messages like this.
User avatar
Matt
LRR Crew
Posts: 9742
Joined: 14 Mar 2004, 00:19
Location: Victoria, BC
Contact:

Postby Matt » 01 Apr 2009, 13:45

iEatNinjaZ wrote:You mean this?
Image
I hate it when i get messages like this.


how can you possibly use that background image? it's SOOOOOO busy! Augh my wyws would be swimming constantly.

-m
Image

I am not angry at you.
User avatar
iEatNinjaZ
Posts: 970
Joined: 11 Aug 2008, 16:33
Location: My Amazing Underwater World of Underwater Wonder That Is Under The Water™

Postby iEatNinjaZ » 01 Apr 2009, 14:36

Matt wrote:
how can you possibly use that background image? it's SOOOOOO busy! Augh my wyws would be swimming constantly.

-m


I rarely see the desktop anyways. doesn't matter to me.
User avatar
goat
Posts: 3710
Joined: 02 Feb 2009, 20:59

Postby goat » 01 Apr 2009, 14:47

Yep, that'd be the one.

Now tell me that link doesn't look convincing for someone who doesn't typically browse steam in FF.
User avatar
InsaneFool
Posts: 1443
Joined: 29 Sep 2008, 10:40
First Video: How to Talk like a Pirate
Location: Ajax, Ontario, Canada
Contact:

Postby InsaneFool » 01 Apr 2009, 14:48

It is pretty convincing, but the key with using the internet is to remain skeptical of everything and everyone.
Personal Fail Count: 3ish? (So Far)
Image
Follow me on Twitter
User avatar
goat
Posts: 3710
Joined: 02 Feb 2009, 20:59

Postby goat » 02 Apr 2009, 04:47

So.... 36 hours later, still no reply from Steam.

Anyone have any experience with how long Steam help takes to get back to people?
Terin
Posts: 34
Joined: 08 Feb 2009, 20:09

Postby Terin » 02 Apr 2009, 07:05

I got my account back within 30 hours a little before the Pyro update back then. It was due to a similar website, but it was from someone on my friend's list, so I was caught unawares. I had a moderator from Steam hurry the request along, so you'll probably have to wait a little longer.
User avatar
Citin
Posts: 695
Joined: 05 Apr 2007, 21:56
Location: Saskatoon

Postby Citin » 02 Apr 2009, 09:52

Easy way to spot a lot of these things whether they happen in Steam or MSN or whatever.

1) Whenever someone sends you a message and then immediately logs out be suspicious

2) If it sounds to good to be true it is. If you really want to believe it's true try doing a quick google search first, you had better believe there'd be some serious blogging going on if Steam was offering free games.
"I'll be in Africa. If you need me just phone Africa, I told them to expect your call." - The Pointy Haired Boss
User avatar
goat
Posts: 3710
Joined: 02 Feb 2009, 20:59

Postby goat » 03 Apr 2009, 11:27

Aaaaand it's all better, thanks to the fine folks at Valve. I've got my games back, and I wasn't banned in any of them (near as I can tell), so all is well!
User avatar
iEatNinjaZ
Posts: 970
Joined: 11 Aug 2008, 16:33
Location: My Amazing Underwater World of Underwater Wonder That Is Under The Water™

Postby iEatNinjaZ » 03 Apr 2009, 11:57

Im glad you got your account back!
User avatar
the amativeness
Posts: 3735
Joined: 31 Jul 2008, 19:53
Location: America, where everyone sues everyone, always, for everything.

Postby the amativeness » 05 Apr 2009, 20:47

Side note:

Earlier, when I said "before the .com" I meant before as in top-level routing:

com
is before
loadingreadyrun
is before
www

So, if you're viewing this page in ANY browser, and it's saying www .loading readyrun.com.tk, then DON'T USE THE PAGE.

</stupid example>

Edited for URL removal
zA: How do I relax?
Evil Jim: Jerk off.
Frozengale: You know you're on the internet when Masturbation is the first suggestion.
User avatar
Sieg Reyu
Posts: 2925
Joined: 16 Oct 2006, 12:24
First Video: How to Talk Like a Pirate
Location: State of Confusion
Contact:

Postby Sieg Reyu » 05 Apr 2009, 22:00

Back in ye old days when I surfed the Gaia Onlines, I received a message from some random naked man. He sent me a link to "An online game he was working on and needed some people to try it out." It consisted of a mainly blank page, with a lot of links to creating accounts, but none to login, and a few flimsy urls that lead to sites that were clearly not in the same domain, or even related in the slightest. The create account page was barren with the exception of a field for e-mail, password, and username. Thats it. I put in straight gibberish into all fields, and it led to a blank page.

Worst. Scam. Ever
Image Image Image
User avatar
wedrinkritalin
Posts: 717
Joined: 07 Feb 2009, 02:09
Location: Northern Ireland

Postby wedrinkritalin » 05 Apr 2009, 23:24

goat wrote:So.... 36 hours later, still no reply from Steam.

Anyone have any experience with how long Steam help takes to get back to people?


I didn't fall for websites infact I basically invited the hacker in for coffee and a footrub as they fooled me into believing they were a steam admin. Got mine back after two weeks, I had to send valve a picture of me with my copy of half life 2
Fraszoid
Posts: 27
Joined: 22 Mar 2009, 20:20

Postby Fraszoid » 07 Apr 2009, 14:01

I haven't encountered that one yet, but the people that message me as Steam Admins are amusing. I just keep sending them completely different login details when they ask for them until they give up. Most get the hint after 15 minutes, 1 guy went on for 2 hours trying all the fake logins I could come up with. Glad you got you account back.
User avatar
InsaneFool
Posts: 1443
Joined: 29 Sep 2008, 10:40
First Video: How to Talk like a Pirate
Location: Ajax, Ontario, Canada
Contact:

Postby InsaneFool » 07 Apr 2009, 16:09

I just got one that seemed suspicious through MSN...I got a message from the "Windows LIVE Team" with an e-mail of "[email protected]" saying that I had to click a link and change my e-mail address, or else I'd be locked out of MSN.

I didn't think to grab a pic
Personal Fail Count: 3ish? (So Far)
Image
Follow me on Twitter

Return to “Video Games”



Who is online

Users browsing this forum: No registered users and 1 guest