Install Steam
login
|
language
简体中文 (Simplified Chinese)
繁體中文 (Traditional Chinese)
日本語 (Japanese)
한국어 (Korean)
ไทย (Thai)
Български (Bulgarian)
Čeština (Czech)
Dansk (Danish)
Deutsch (German)
Español - España (Spanish - Spain)
Español - Latinoamérica (Spanish - Latin America)
Ελληνικά (Greek)
Français (French)
Italiano (Italian)
Bahasa Indonesia (Indonesian)
Magyar (Hungarian)
Nederlands (Dutch)
Norsk (Norwegian)
Polski (Polish)
Português (Portuguese - Portugal)
Português - Brasil (Portuguese - Brazil)
Română (Romanian)
Русский (Russian)
Suomi (Finnish)
Svenska (Swedish)
Türkçe (Turkish)
Tiếng Việt (Vietnamese)
Українська (Ukrainian)
Report a translation problem
Discussions Rules and Guidelines
1 
Report this post
Steam support will only ever contact you via, guess what? The built-in steam support messaging system (Help - Steam Support). Moreso, that messaging system will never get blocked, even if you are banned or if your account is restricted. Which means, if you are ever in doubt, send them a message, and wait for the OFFICIAL answer.
This 100 % on the user, not steam, not valve.
-----------------------------------------------------------------------------------------------------------
Things to avoid
-----------------------------------------------------------------------------------------------------------
1. Steam Agent -- no such thing exists. Valve will not contact you outside of a yellow/red notification bar in your Steam client. The only exception is when they are emailing multiple people about a very specific issue. Valve will never contact you through Discord, Twitter, Facebook, Steam Chat, etc.
2. Steam needs to verify that I am the owner of my account. -- When Steam support needs to do that, it will be in direct response to a question you have sent them or as asked for via a red notification in your Steam client, and they will tell you specifically what they need to prove ownership.
3. I asked for a legit proof so I received e-mail with some issue number. -- Steam support will not email you when asking for proof of ownership. This is done entirely via the ticket system.
4. I was told that I need to accept all my cs2 items trade to a temporary account. -- Valve will never ask you to do this. This is a classic trading bot scam. These items are lost forever. Steam support will not return them.
5. I was told my items would return by Thursday, 05.06 -- Again, classic scam. You were given a date so they had more time to get away with it.
6. Yesterday I wrote to Steam support and I see now, that my Question was closed with no answer. -- This is an indicator that the person who scammed has direct access to your account.
7. Any offsite skin / item trade sites.. they are scammers. any non steam website that you use and login with your steam credentials is a bad place...
------------------------------------------------------------------------------------------------------------
Steam's scam FAQ with some help on what to look out for:
https://help.steampowered.com/en/faqs/view/70E6-991B-233B-A37B
All scam methods explained!
https://gtm.steamproxy.vip/sharedfiles/filedetails/?id=784477482
How to recover:
Accounts are phished not hacked.
You gave away all your account details.
The account name, the password and the KEY to the door, the Steam Guard Mobile code giving them access to the account.
How? by either logging into a known scam site or any off steam item sell sites, fake steam log-in websites, or by tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link etc.
How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.
The alternative is not plausible:
1) Someone would have to "GUESS" your account name from "millions of possible combinations".
2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".
3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.
--------------------------------------------------------------------------------------------------------------------
Your account was phished / hijacked. Follow steps 1- 8 to secure your account:
1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a trusted/clean device.
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://gtm.steamproxy.vip/dev/apikey (there should be nothing in the APIKEY)
7. Make sure your steam recovery email account is secure and still accessible.
8. Do a PW reset to recover any steam points spent in last 14 days.
Steam will NOT return lost funds or Items.
If any lost items are from a Trade Protected game, you might be able to recover them. See:
https://help.steampowered.com/en/faqs/view/365F-4BEE-2AE2-7BDD
------------------------------------------------------------------------------------------------------------------------
Because you were phished on your computer. They grabbed the session token from that 30 second 2fa code, along with your login info. that is the only way. with all 3 parts of the key, they could use that at any time to log in as you, since they had the 2fa session token code, steam thinks it is you.
The only way to get all 3 parts of the key is from your computer, you were phished.
To begin a account recovery (Lost / Stolen) Follow these steps:
https://gtm.steamproxy.vip/discussions/forum/7/601905007519865294/?tscn=1747857836
------
Thank you for your concern Alex. I get that.I hope this will never happen to you. I already did message them, a couple of times. I figured how compromised the account was. It has been closed twice almost after I have submitted them. So, this is more of a warning, sharing of experience.
I was just thinking that if I have exhausted everything on my end, security from the platform should be equally the same. First time encountering, an API attack if this is what it is.
I don't know how challenging it is for Steam to add a simple detail as preventing users to add Valve or Steam Support on their usernames or create a badge that cannot be duplicated for an easier check. This is something that has been floating around, I have checked. I am imagining there is some space for their Continuous Improvement team to look at.
It's always an arms race between scammers and security measures. Since ancient times, I would guess. Have you heard the tale of Ea-Nasir, the Babylonian copper merchant?
This part is actually very simple. Disregard ALL such claims. Every single one. On principle. Don't even think twice about it, just block&report those bastards right away. No actual moderator will sport such "markings", and they won't contact you through anything but the official messaging system.
Hi PCKirk,
This is a fantastic and very thorough breakdown of the scams. I completely agree with your points about how these attacks work and the steps users should take to recover. I did take the necessary steps prior to posting.
It's also worth considering that security isn't just a matter of user vigilance. My items were taken but my account was not locked. While it was happening, the profile was locked not the account. I understand that this can a layered social engineering that includes a zero-day malware or a fileless malware that could have exploited a vulnerability within the Steam platform. We wouldn't know for sure, we aren't the Security Team for Steam.I am not sure how they did the Profile locking from within the actual platform.
Your post intrigued me, aside from the fileless malware, would you know if there's another way to bypass the security without a Steam Guard Code or downloading from a link? I needed to confirm the trade from my phone. That actually sparked my curiosity, if confirmation is just what they need, why have a malware? No link was shared until the transaction was done. The link was to a random game's EULA on Steam, legit link. To be fair, when I confirmed, it gave me an error. All of these were done within the platform, not the website. If you are interested, I can share the same screenshots, I shared with the support team.
In the last 12 years, this is the first time this happened. Painful lesson to learn but totally avoidable not just on the user's end but also Steam's. If there's a safe place where people can share what happened to them without judgement, that will help them move forward. Stages of grief will still come to play.
"This wasn't a phishing link. I never clicked anything. The scam started with a fake Steam Support account (Alisa [VALVE Support]) messaging me last Saturday night, claiming my account was frozen due to a fraud report. "
NEVER follow instructions to speak with someone claiming to represent Steam Support through Discord or any other chat system, even if they come from a friend's account or claim to be able to resolve a false report.
https://help.steampowered.com/en/faqs/view/6639-EB3C-EC79-FF60
Scam: I Have Been Reported and Will Be Banned
Any claim that you've been accidentally or falsely reported for fraud or any other infraction is a scam. Do not follow any instructions provided by anyone claiming to have accidentally reported your account.
https://help.steampowered.com/en/faqs/view/3195-9FFB-BA06-F25B
STEAM SUPPORT DOES NOT CONTACT USERS THIS WAY. EVER.
Hi Alex,
Thank you for that. It is a hard lesson to learn. I do understand, it is a layered attack. I was suppose to block the person if I didn't check on my actual profile. The account wasn't lock, the profile was. My avatar literally was a question mark when they messaged. I can't even click on my friends's list. No, I wasn't given a link, it was just an inkling to check my profile and that person's profile. The only link on my profile was a legit Steam Community Guideline link. The only link that was shared was already after the transaction which was a EULA for a different game. It is also within Steam.
To be honest, I don't know how they locked the profile. I wasn't given a link, a steam guard code was not asked. After seeing my profile locked, that's when panic set in. I wish it was that straight forward. I would say, that was a pretty strong show, they had a visual.
Thank you for that. We'll keep this here for other users. If you are interested in what exactly happen, please let me know.
It is on Steam Chat not on Discord.
Old scam. Really old.
Ever.
Valve employees will never communicate with you about your account using any chat system including Steam Chat and Discord. The only way you can speak with a Steam Support agent about your account is through the Steam Support Help Site. There's no situation in which you'd need to reach out to a Valve or Steam employee directly to resolve an issue.
https://help.steampowered.com/en/faqs/view/3195-9FFB-BA06-F25B
https://help.steampowered.com/en/
Steam Support
Did you do all of the steps?
Your account is compromised.
DO NOT TRADE ANY ITEMS OR YOU WILL LOSE THEM.
Steps to take NOW:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a trusted/clean computer.
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://gtm.steamproxy.vip/dev/apikey (there should be nothing in the APIKEY)
Please review how you are logging into Steam, you somehow gave away your log-in information. This could of been due to the computer being compromised and redirecting to a fake log-in, or you using a third party site to log in to Steam.
Once you are sure you have regained control, you can start trading again. Please triple check any trades you make to be sure they are going to the correct account.
After you have secured the account, please edit your profile back to normal, if it was altered by the hijacker/scammer.
You want Valve to "beef up their security" when you, by your OWN words "paniced" and gave a random user your account login info AND Steam Guard codes?
Valve explains it concisely in the Steam Subscriber Agreement:
You are responsible for the confidentiality of your login and password and for the security of your computer system. Valve is not responsible for the use of your password and Account or for all of the communication and activity on Steam that results from use of your login name and password by you, or by any person to whom you may have intentionally or by negligence disclosed your login and/or password in violation of this confidentiality provision.
https://store.steampowered.com/subscriber_agreement/
EDIT:
Valve will no longer return items lost in Steam trade scams.
"We sympathise with people who fall victim to scams, but we provide enough information on our website and within our trading system to help users make good trading decisions," Valve's updated Steam Trading Q&A states.
"All trade scams can be avoided."
Eurogamer 2015
The negligence was on your part. Not Valves'
There is TONS of info on what to do and not do BUT Valve CANNOT protect users from themselves.
Hi,
Thank you for your concern. Just to clarify:
-I never gave out any Steam Codes,
-nor I clicked on any links. Do you want the screenshot?
-My account was not locked just the profile while the whole thing was going on.
-My avatar was a question mark the moment they message me. I cannot click on my friends' list.
-I said, I PANICKED when I saw my profile locked. There was a visual. I do not know how they did that. Did they trigger a Community Ban? I don't know.
I am not sure when my account was compromised. I went back to check if there were any unusual login requests through the email, there was none for the last 6 months.
As I said in the beginning, this is a post as a warning. If it inspires anything for security, it is a win for all of us.
I checked, the moderators in the Forum have a VALVE logo beside their names, not just on their profile. I think, that can be a good deterrent if it can be done.