Beware!
Beware!
I know you're all probably smarter than me and won't fall for this, but, considering the details, I figured I should throw something up here.
About an hour ago, I received a message from someone in the LRR Steam community group. The messager said something along the lines of "Hey, just found this great offer, steam is actually giving away games for free, go to this link X".
So, I thought, "Well, I might as well at least check it out. Valve has done some cool things before, I would be remiss if I didn't at least look".
Clicking the link (which looked pretty much legit, it appeared to be a Steam domain), brought me to a very official looking site where, again the offer was mentioned on the page. It required me to login to see more of the details, so I entered my information.
And then, nothing. The page refreshed. Thinking something weird had happened, I tried again. This time it did actually bring me to the steam community page, but there was no information about the offer anywhere. Unbeknownst to me, some clever little douche-nugget set up a proxy with an almost exact copy of the Steam login splash page, with legit links to other areas of the Steam website and everything. Unfortunately, somewhere in the works there is a command line that dumps out whatever you enter into the login fields.
Then I got a dialog that said my account had been logged into elsewhere. Before I could change my password, I had been locked out. The account of the person who sent me the link appears to no longer be in the LRR group, or even exist under the same name.
I've filed a Steam support ticket for a hijacked account. I'm still waiting for a reply. I've also tracked down the proxy website that hijacked my info and reported it under a violation of ToS to the hosting company. I'm still waiting for a reply there too.
Updates as they happen. More at 11.
About an hour ago, I received a message from someone in the LRR Steam community group. The messager said something along the lines of "Hey, just found this great offer, steam is actually giving away games for free, go to this link X".
So, I thought, "Well, I might as well at least check it out. Valve has done some cool things before, I would be remiss if I didn't at least look".
Clicking the link (which looked pretty much legit, it appeared to be a Steam domain), brought me to a very official looking site where, again the offer was mentioned on the page. It required me to login to see more of the details, so I entered my information.
And then, nothing. The page refreshed. Thinking something weird had happened, I tried again. This time it did actually bring me to the steam community page, but there was no information about the offer anywhere. Unbeknownst to me, some clever little douche-nugget set up a proxy with an almost exact copy of the Steam login splash page, with legit links to other areas of the Steam website and everything. Unfortunately, somewhere in the works there is a command line that dumps out whatever you enter into the login fields.
Then I got a dialog that said my account had been logged into elsewhere. Before I could change my password, I had been locked out. The account of the person who sent me the link appears to no longer be in the LRR group, or even exist under the same name.
I've filed a Steam support ticket for a hijacked account. I'm still waiting for a reply. I've also tracked down the proxy website that hijacked my info and reported it under a violation of ToS to the hosting company. I'm still waiting for a reply there too.
Updates as they happen. More at 11.
- the amativeness
- Posts: 3737
- Joined: 31 Jul 2008, 19:53
- Location: America, where everyone sues everyone, always, for everything.
Re: Beware!
goat wrote:More at 11.
Well really that's it. But there'll be other stuff. Here I'll turn the thermostat down. See Diane's nipples at 11.
Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.
zA: How do I relax?
Evil Jim: Jerk off.
Frozengale: You know you're on the internet when Masturbation is the first suggestion.
- Bob The Magic Camel
- Posts: 386
- Joined: 22 Oct 2007, 07:32
- Location: Reading V0.7a
- Contact:
Re: Beware!
the amativeness wrote:Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.
This.
Chrome highlights the domain part of a URL, there's a FF extension which does it too. It's very useful, and I advise using it.
This signature has been intentionally left blank.
No marks will be awarded for solutions written on this signature.
No marks will be awarded for solutions written on this signature.
Re: Beware!
the amativeness wrote:Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.
Actually, it matched it exactly. The difference ended up being in the tags. It was a .us.tf. Something I had noticed, but assumed it was part of looking at steam in firefox (something I typically don't do).
- Lyinginbedmon
- Posts: 10808
- Joined: 20 Dec 2007, 18:08
- First Video: BioShocked
- Location: Darlington, Co. Durham
- Contact:
- Cureless_Poison
- Posts: 1233
- Joined: 18 Jun 2008, 02:42
- First Video: Fun with microwaves.
- Location: BC, Canada
- Contact:
- whyarecarrots
- Posts: 474
- Joined: 09 Mar 2009, 15:35
- Location: The jet propelled flying Naafi
One thing that should always be remembered that Valve post up all over the place on their site:
'Valve or Valve employees will never ask you for your Steam details'
I realise this is too late for you Goat, and I seriously hope you get your account back ASAP, but it's always a good thing for anyone to know for the future.
As I said: best of luck getting the account back: these account stealers are scumbags, and deserve anything they get.
'Valve or Valve employees will never ask you for your Steam details'
I realise this is too late for you Goat, and I seriously hope you get your account back ASAP, but it's always a good thing for anyone to know for the future.
As I said: best of luck getting the account back: these account stealers are scumbags, and deserve anything they get.
Lyinginbedmon wrote:Real men don't sleep!
INSOMNIA IS MANLY! HAAAH!
whyarecarrots wrote:One thing that should always be remembered that Valve post up all over the place on their site:
'Valve or Valve employees will never ask you for your Steam details'
They never asked for my details. It was a normal looking login page.
https://steamcommunity.com/
The only differences being that the message about the steam community was changed and that the address was different. I would link to the phony page itself, but that defeats the purpose, no?
It was convincing enough to fool me, so I warn you.
- Bob The Magic Camel
- Posts: 386
- Joined: 22 Oct 2007, 07:32
- Location: Reading V0.7a
- Contact:
Re: Beware!
goat wrote:the amativeness wrote:Also: this has happened before. NEVER pass your information along to a website unless the URL matches the home page PERFECTLY. No extra bits before the .com.
Actually, it matched it exactly. The difference ended up being in the tags. It was a .us.tf. Something I had noticed, but assumed it was part of looking at steam in firefox (something I typically don't do).
I don't mean to kick you while you're down or anything, but then it didn't match it exactly did it? Another thing to note is HTTPS certificates. All compaines worth their salt will get theirs signed by an outside agency to confirm it is them.
/Always/ type in the domains yourself rather than clicking on links. Check the address when you're there to make sure your browser hasn't been hijacked, finally check the HTTPS certifcate. This may seem a little extreme, but most people have a lot of money tied up in their steam accounts.
This signature has been intentionally left blank.
No marks will be awarded for solutions written on this signature.
No marks will be awarded for solutions written on this signature.
- InsaneFool
- Posts: 1443
- Joined: 29 Sep 2008, 10:40
- First Video: How to Talk like a Pirate
- Location: Ajax, Ontario, Canada
- Contact:
- iEatNinjaZ
- Posts: 970
- Joined: 11 Aug 2008, 16:33
- Location: My Amazing Underwater World of Underwater Wonder That Is Under The Water™
- iEatNinjaZ
- Posts: 970
- Joined: 11 Aug 2008, 16:33
- Location: My Amazing Underwater World of Underwater Wonder That Is Under The Water™
- InsaneFool
- Posts: 1443
- Joined: 29 Sep 2008, 10:40
- First Video: How to Talk like a Pirate
- Location: Ajax, Ontario, Canada
- Contact:
Easy way to spot a lot of these things whether they happen in Steam or MSN or whatever.
1) Whenever someone sends you a message and then immediately logs out be suspicious
2) If it sounds to good to be true it is. If you really want to believe it's true try doing a quick google search first, you had better believe there'd be some serious blogging going on if Steam was offering free games.
1) Whenever someone sends you a message and then immediately logs out be suspicious
2) If it sounds to good to be true it is. If you really want to believe it's true try doing a quick google search first, you had better believe there'd be some serious blogging going on if Steam was offering free games.
"I'll be in Africa. If you need me just phone Africa, I told them to expect your call." - The Pointy Haired Boss
- iEatNinjaZ
- Posts: 970
- Joined: 11 Aug 2008, 16:33
- Location: My Amazing Underwater World of Underwater Wonder That Is Under The Water™
- the amativeness
- Posts: 3737
- Joined: 31 Jul 2008, 19:53
- Location: America, where everyone sues everyone, always, for everything.
Side note:
Earlier, when I said "before the .com" I meant before as in top-level routing:
com
is before
loadingreadyrun
is before
www
So, if you're viewing this page in ANY browser, and it's saying www .loading readyrun.com.tk, then DON'T USE THE PAGE.
</stupid example>
Edited for URL removal
Earlier, when I said "before the .com" I meant before as in top-level routing:
com
is before
loadingreadyrun
is before
www
So, if you're viewing this page in ANY browser, and it's saying www .loading readyrun.com.tk, then DON'T USE THE PAGE.
</stupid example>
Edited for URL removal
zA: How do I relax?
Evil Jim: Jerk off.
Frozengale: You know you're on the internet when Masturbation is the first suggestion.
- Sieg Reyu
- Posts: 2930
- Joined: 16 Oct 2006, 12:24
- First Video: How to Talk Like a Pirate
- Location: State of Confusion
- Contact:
Back in ye old days when I surfed the Gaia Onlines, I received a message from some random naked man. He sent me a link to "An online game he was working on and needed some people to try it out." It consisted of a mainly blank page, with a lot of links to creating accounts, but none to login, and a few flimsy urls that lead to sites that were clearly not in the same domain, or even related in the slightest. The create account page was barren with the exception of a field for e-mail, password, and username. Thats it. I put in straight gibberish into all fields, and it led to a blank page.
Worst. Scam. Ever
Worst. Scam. Ever
- wedrinkritalin
- Posts: 717
- Joined: 07 Feb 2009, 02:09
- Location: Northern Ireland
goat wrote:So.... 36 hours later, still no reply from Steam.
Anyone have any experience with how long Steam help takes to get back to people?
I didn't fall for websites infact I basically invited the hacker in for coffee and a footrub as they fooled me into believing they were a steam admin. Got mine back after two weeks, I had to send valve a picture of me with my copy of half life 2
I haven't encountered that one yet, but the people that message me as Steam Admins are amusing. I just keep sending them completely different login details when they ask for them until they give up. Most get the hint after 15 minutes, 1 guy went on for 2 hours trying all the fake logins I could come up with. Glad you got you account back.
- InsaneFool
- Posts: 1443
- Joined: 29 Sep 2008, 10:40
- First Video: How to Talk like a Pirate
- Location: Ajax, Ontario, Canada
- Contact:
I just got one that seemed suspicious through MSN...I got a message from the "Windows LIVE Team" with an e-mail of "[email protected]" saying that I had to click a link and change my e-mail address, or else I'd be locked out of MSN.
I didn't think to grab a pic
I didn't think to grab a pic
Who is online
Users browsing this forum: No registered users and 18 guests