Ray Proudfoot

Warning emails about my Steam account being compromised


A couple of months ago when I was using GPU-Z to monitor graphics card performance in P3D I decided to register with GPU-Z so I could supply the data collected and compare my data to others. I completed a registration form and submitted it.

I've now received for the fourth time an advisory email from Steam saying someone using my correct username and password but from another country (KR) is trying to access my account. I have to click a link and supply a Steam Guard code to confirm my authenticity.

This is becoming a pain and quite worrying. How do these lowlifes get hold of login info? Is this commonplace? I now feel I want to close this account. Is this an easy process?


Wow, Ray, real tale of caution. KR sounds like Korea. I may be wrong. Seems like somebody at GPU-Z or elsewhere compromised your account. Hope you get it sorted.


Are they just trying to access your account, or succeeding in accessing your account? If they're just trying, then they're probably not getting past your password, but you might be happier about things if you change to a more secure password. If they are succeeding, again, change your Steam password to a more secure one and if you have been changing your password, and they are succeeding in gaining access, then change your e-mail account password for a more secure one (it may have been compromised) and also run a full anti-malware scan on your PC. Someone may have slipped a keylogger in under your radar.


I'm getting these too. I'm just deleting them. Perhaps a password change would be a good idea.


I never click on ANY link from an e-mail. It could be a phishing trap to get your information. I delete these kinds of e-mails.

Bill Davis

  • Upvote 1

9 minutes ago, wwdavis said:

I never click on ANY link from an e-mail. It could be a phishing trap to get your information. I delete these kinds of e-mails.

Bill Davis

Same here.  I don't click the link provided in any email.  I delete the email, then go directly to the website where the alleged problem occurred and reset my password.

  • Upvote 1


Thank you all for your replies. Doesn't sound like any of you have a Steam account. If I'd known this was mandatory when supplying and receiving GPU-Z data I wouldn't have bothered.

These are genuine emails as they include data which allows me to gain access to my account. I have changed my password but should this happen again I will post on the Steam forums and complain very loudly.

Yes, I also came to the conclusion that KR is Korea. I've also had emails saying the source was Ukraine. All very dodgy.

@Holdit, no they didn't access my account because presumably Steam checks the IP address and a different country to mine would not permit access.

I've chosen a totally random set of letters and numbers now for the password. If I receive any more emails from Steam it suggests they have a culprit providing this data to undesirables.

12 minutes ago, Ray Proudfoot said:

Doesn't sound like any of you have a Steam account.

I do have a Steam account, using FSX-SE and I have not had any account flags each time I start FSX-SE, other than that Steam was updating itself, Ray.

  • Upvote 1


I do have a Steam account, but I can't remember any hacking attempts. I have had them on my GMail account, though, but they are just attempts. It happens.

Wwdavis' advice about e-mail links is spot on. Likewise, if you receive an invitation to log into your <whatever> account via a form in an e-mail you should always decline to do so, and instead log in via your usual route. Such e-mails are often just a credential-harvesting phishing expedition.

 

1 minute ago, Holdit said:

GMail account

In fact, Gmail are superlative at letting account-holders know when a Gmail account has been accessed, even if it is the very same account-holder via non-default IP address, e.g. somebody else's wi-fi network. They are to be applauded on this score. However, all is not that rosy in their garden as I get sent so much Spam mail, and not from any sites I have ever visited. So, do wonder if Google farms out email addresses to garner advertising revenues?

2 minutes ago, Holdit said:

I do have a Steam account, but I can't remember any hacking attempts. I have had them on my GMail account, though, but they are just attempts. It happens.

Wwdavis' advice about e-mail links is spot on. Likewise, if you receive an invitation to log into your <whatever> account via a form in an e-mail you should always decline to do so, and instead log in via your usual route. Such e-mails are often just a credential-harvesting phishing expedition.

 

Looks like I'm in a minority here then. I don't have FSX:Steam. I'm now with P3D moving from FSX:SP2.

I understand your advice about not clicking on the link in an email but given it does include a validation code which then gives me access to my login page on the genuine Steam platform it appears genuine. I don't click on any unsolicited emails. Mailwasher Pro is excellent for guarding against spam and dangerous mail.

3 minutes ago, vc10man said:

In fact, Gmail are superlative at letting account-holders know when a Gmail account has been accessed, even if it is the very same account-holder via non-default IP address, e.g. somebody else's wi-fi network. They are to be applauded on this score. However, all is not that rosy in their garden as I get sent so much Spam mail, and not from any sites I have ever visited. So, do wonder if Google farms out email addresses to garner advertising revenues?

Yep, as we speak I just had an e-mail from them confirming that my daughter has logged in on her Android tablet. :smile:

I can't say for sure about the spam, because my GMail account also hoovers up mail from an old e-mail account that I used once upon a time to register an Internet domain name. Boy did that open up the spam floodgates... Still GMail does a great job of sending to the spam folder, so it doesn't bother me.

 

1 minute ago, Holdit said:

Still GMail does a great job of sending to the spam folder,

Yes, fully concur it does that, but I find that despite setting the Spam filters to delete, it still places them in the Spam label/folder, instead of just deleting them. Then I have to clean the Spam folder manually.

9 minutes ago, Ray Proudfoot said:

Looks like I'm in a minority here then. I don't have FSX:Steam. I'm now with P3D moving from FSX:SP2.

I understand your advice about not clicking on the link in an email but given it does include a validation code which then gives me access to my login page on the genuine Steam platform it appears genuine. I don't click on any unsolicited emails. Mailwasher Pro is excellent for guarding against spam and dangerous mail.

Yes, that's fine. After reading your first post I did a quick search through my mail for Steam account-related messages and I found a few of those with the validation code. They are fine. If ever in doubt, hover your mouse pointer over the link, and the target address will appear in the bottom left-hand corner of your browser. If you see an IP address instead of the domain you're expecting, be very careful.

Your policy regarding e-mail clicking is a wise one. Part of my job is to train (mostly non-technical) users in good security practice, and I stress the e-mail link warning several times, but still I get the occasional call "Um...I've just clicked on a link in an e-mail/opened an attachment and I think it might be dodgy.."

  • Upvote 1


I've written to Steam Guard support detailing my experiences since opening the account. Let's see what they say. The only personal info they have about me is my email address. I haven't applied for a forum account as they require more personal info.

15 minutes ago, Holdit said:

If you see an IP address instead of the domain you're expecting, be very careful.

Superb piece of advice. Kudos to you, sir.

18 minutes ago, Holdit said:

Um...I've just clicked on a link in an e-mail/opened an attachment and I think it might be dodgy.."

I've lost count of the number of times I have had those calls too!!

3 hours ago, Ray Proudfoot said:

I've now received for the fourth time an advisory email from Steam saying someone using my correct username and password but from another country (KR) is trying to access my account. I have to click a link and supply a Steam Guard code to confirm my authenticity.

This link might be of interest https://steamcommunity.com/discussions/forum/1/392184491304466429/

Here is an example as to how easy it is to collect data from you and get the actual username/password - https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/.  The same type of operation might have been used by someone evil to gain access to your account information.  I think Steam and Google are major targets as they have huge accounts worldwide.

I got hit back around 1994 when I set up a gaming account on Steam when Steam was just starting up.  Less than a day after signing up and providing them my credit card info, I got a call from my credit card company (from a real human, today a computer will call) who stated someone was charging $50 a pop for games using my credit card and wanted to know if that was me.  It was not.  The credit card company stopped the transactions and sent me a new credit card.  I'm positive Steam has gotten more secure over the years but it left a bad taste in my mouth knowing how easy and how fast my account was compromised.  So I am not a current Steam user.  Now I see they have Steam Guard.  I suspect this is their security system?  Or is this added security you can get?

2 hours ago, Ray Proudfoot said:

no they didn't access my account because presumably Steam checks the IP address and a different country to mine would not permit access.

I doubt Steam checks IP addresses as IP addresses are, for the most part, useless for identification anymore.  ISPs change IP addresses at their whim, even static accounts.  I am fighting many spammers and former members who are trying to gain access to AVSIM as their IP address is not showing up as their real IP or location in the world.  The IP addresses may indicate they are from California, NYC, somewhere in Europe, etc., but in fact the individual users are from Russia, Mexico, Ukraine, etc., where many spammers reside.  The IP address they use is very clean and does not show they used the address for spamming as they know website owners use IPs to identify spammers.  But, when they gain access, you suddenly find out they are spammers.

A better security check would be your cookie.  Steam places a cookie on your system to identify some info about you when you log on and every time you log on.  If no cookie or the cookie info is not correct, then Steam's computer balks.  An IP address might be part of your cookie though.

I use Malwarebytes as it blocks any information going from my computer to known spammers or bad websites.  Windows 10 Defender is doing a very good job too and I think they are even better than Malwarebytes.  They block any info leaving your computer to known spamming or phishing websites.  I used to check my Malwarebytes logs to see why something was blocked and the IP address to where it was going was to Russia or the Ukraine.

Best regards,

Jim
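The link checks discussed in this thread (an IP address where a domain should be, and the data: URI trick in the Wordfence article linked above), written out as an added example that is not part of any post here. The expected-domain list and the sample links are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the domains the reader expects a genuine Steam link to use.
EXPECTED = ("steampowered.com", "steamcommunity.com")

def check_link(url, expected=EXPECTED):
    """Return warnings for a link target; an empty list means nothing fired."""
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    # data:, javascript: etc. carry the "page" inside the link itself.
    if scheme not in ("http", "https"):
        return [f"scheme '{scheme}' is not http/https"]
    warnings = []
    if scheme == "http":
        warnings.append("plain http, not https")
    # Text before '@' is user info, not the host.
    if parts.username is not None:
        warnings.append("user-info before '@' hides the real host")
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return warnings + ["no host in URL"]
    try:
        ipaddress.ip_address(host)
        return warnings + ["host is a raw IP address"]
    except ValueError:
        pass  # not an IP literal, so treat it as a DNS name
    # Match whole labels from the right so look-alike prefixes fail.
    if not any(host == d or host.endswith("." + d) for d in expected):
        warnings.append(f"host '{host}' is not under an expected domain")
    return warnings

# Constructed sample links (203.0.113.7 and example.net are documentation values).
SAMPLES = [
    "https://store.steampowered.com/login/",
    "http://203.0.113.7/steam/login",
    "https://steampowered.com@203.0.113.7/",
    "https://store.steampowered.com.example.net/login",
    "data:text/html,https://store.steampowered.com/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or "no warnings")
```

An empty list only means none of these checks fired; it does not prove the link is genuine.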


Thanks for all that info Jim. I have deauthorized any other device other than my laptop but it advised none were authorized, good. Just my laptop.

Because I do home banking I'm very wary of what I click and what websites I visit. I have Avast installed and that seems to do a reasonable job. But I'm email savvy so never click on links unless I'm certain the source is bona fide.

No reply from Steam yet. Given I don't have an account with them so no credit card details are provided I'm not sure what if any damage a hacker could do. Just circulate my email address around the world I suppose.

I run CCleaner each evening which removes all cookies except the ones I choose to keep. Like this place for example.

I'll keep you posted on anything back from Steam. They really should give you the options to delete an account.


It's funny you mention this Ray, cos I got a similar email yesterday. However, it was sent to my secondary email address. This is NOT the email I use for my Steam account. I would have thought that if someone was trying to hack my account, I would get an email to my primary email account? As far as I'm aware my secondary email is not affiliated with my Steam account.

 

Which leads me to believe that this is all a scam, and nothing to do with Steam at all.


Neil,

I'm not sure how it can be a scam when the email comes from noreply@steampowered.com. That is a genuine Steam address.

Still not heard back from them. Unless I hear by 09:00 tomorrow morning they will be getting a reminder. I detest these places where it's easy to register but not to de-register. :rolleyes:

4 minutes ago, Ray Proudfoot said:

I detest these places where it's easy to register but not to de-register. :rolleyes:

I echo that too :angry::angry::angry:

7 minutes ago, Ray Proudfoot said:

If you search for Steam account removal it points to this address. http://store.steampowered.com/ssa_feedback

I have sent a request. Let's see what happens.

I have never found Steam's Support or Administration to be all that helpful. They generally fail to respond to any tickets. That's one of the reasons I never visit their Forums.
