Warning emails about my Steam account being compromised

[vc10man 732]

15 minutes ago, Holdit said:

If you see an IP address instead of the domain you're expecting, be very careful.

Superb piece of advice. Kudos to you, sir.

[vc10man 732]

18 minutes ago, Holdit said:

Um...I've just clicked on a link in an e-mail/opened an attachment and I think it might be dodgy.."

I've lost count the number of times I have had those calls too!!

[Jim Young 2,356]

3 hours ago, Ray Proudfoot said:

I've now received for the fourth time an advisory email from Steam saying someone using my correct username and password but from another country (KR) is trying to access my account. I have to click a link and supply a Steam Guard code to confirm my authenticity.

This link might be of interest https://steamcommunity.com/discussions/forum/1/392184491304466429/

Here is an example as to how easy it is to collect data from you and get the actual username/password - https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/.  The same type of operation might have been used by someone evil to gain access to your account information.  I think Steam and Google are major targets as they have huge accounts worldwide.

I got hit back around 1994 when I set up a gaming account on Steam when Steam was just starting up.  Less than a day after signing up and providing them my credit card info, I got a call from my credit card company (from a real human, today a computer will call) who stated someone was charging $50 a pop for games using my credit card and wanted to know if that was me.  It was not.  The credit card company stopped the transactions and sent me a new credit card.  I'm positive Steam has gotten more secure over the years but it left a bad taste in my mouth knowing how easy and how fast my account was compromised.  So I am not a current Steam user.  Now I see they have Steam Guard.  I suspect this is their security system?  Or is this added security you can get?

2 hours ago, Ray Proudfoot said:

no they didn't access my account because presumably Steam checks the IP address and a different country to mine would not permit access.

I doubt Steam checks IP addresses as IP addresses are, for the most part useless for identification anymore.  ISP's change IP addresses at their whim, even static accounts.  I am fighting many spammers and former members who are trying to gain access to AVSIM as their IP address is not showing up as their real IP or location in the world.  The IP addresses may indicate they are from California, NYC, somewhere in Europe, etc., but in fact the individual users are from Russia, Mexico, Ukraine, etc., where many spammers reside.  The IP address they use is very clean and does not show they used the address for spamming as they know website owners use IP's to identify spammers.  But, when they gain access, you suddenly find out they are spammers. 

A better security check would be your cookie.  Steam places a cookie on your system to identify some info about you when you logon and everytime you logon.  If no cookie or the cookie info is not correct, then Steam's computer balks.  An IP address might be part of your cookie though.

I use Malwarebyes as it blocks any information going from my computer to known spammers or bad websites.  Windows 10 Defender is doing a very good job too and I think they are even better than Malwarebytes.  They block any info leaving your computer to known spamming or phishing websites.  I use to check my Malwarebytes logs to see why something was blocked and the IP address to where it was going was to Russia or the Ukraine.

Best regards,

Jim

[wwdavis 44]

I do have a Steam account.

 

Bill Davis

[Ray Proudfoot 8,931]

Thanks for all that info Jim. I have deauthorized any other device other than my laptop but it advised none were authorized, good. Just my laptop.

Because I do home banking I'm very wary of what I click and what websites i visit. I have Avast installed and that seems to do a reasonable job. But I'm email savvy so never click on links unless I'm certain the source is bona fide.

No reply from Steam yet. Given I don't have an account with them so no credit card details are provided I'm not sure what if any damage a hacker could do. Just circulate my email address around the world I suppose.

I run CCleaner each evening which removes all cookies except the ones I choose to keep. Like this place for example.

I'll keep you posted on anything back from Steam. They really should give you the options to delete an account.

[nealmac 260]

It's funny you mention this Ray, cos I got a similar email yesterday. However, it was sent to my secondary email address. This is NOT the email I use for my Steam account. I would of thought that if someone was trying to hack my account, I would get an email to my primary email account? As far as I'm aware my secondary email is not affiliated with my Steam account.

 

Which leads me to believe that this is all a scam, and nothing to do with Steam at all.

[Ray Proudfoot 8,931]

Neil,

I'm not sure how it can be a scam when the email comes from noreply@steampowered.com. That is a genuine Steam address.

Still not heard back from them. Unless I hear by 09:00 tomorrow morning they will be getting a reminder. I detest these places where it's easy to register but not to de-register.

[vc10man 732]

4 minutes ago, Ray Proudfoot said:

I detest these places where it's easy to register but not to de-register.

I echo that too

[Ray Proudfoot 8,931]

If you search for Steam account removal it points to this address. http://store.steampowered.com/ssa_feedback

I have sent a request. Let's see what happens.

[vc10man 732]

7 minutes ago, Ray Proudfoot said:

If you search for Steam account removal it points to this address. http://store.steampowered.com/ssa_feedback

I have sent a request. Let's see what happens.

I have never found Steam's Support or Administration to be all that helpful. They generally fail to respond to any tickets. That's one of the reasons I never visit their Forums.

[Luke 782]

24 minutes ago, Ray Proudfoot said:

I'm not sure how it can be a scam when the email comes from noreply@steampowered.com. That is a genuine Steam address.

Origin email addresses provide no guarantees of authenticity. I can generate emails that come from that address.

Cheers!

Luke

[Ray Proudfoot 8,931]

7 minutes ago, Luke said:

Origin email addresses provide no guarantees of authenticity. I can generate emails that come from that address.

Cheers!

Luke

Okay but please explain how I can only gain access using the 5 digit code in the email?

Reading through a few posts it appears that if you haven't made any purchases or posted in a forum your account will be closed after a certain period of time.

I'm going to change my password to one that could never be guessed and if I get emails saying the account has been compromised then the only way that could happen is if a Steam employee is selling them or it's a glitch in their system.

[vc10man 732]

Purchases over what period, Ray? I have not bought anything much from them other than FSX-SE, and a couple of sceneries.

[Ray Proudfoot 8,931]

6 minutes ago, vc10man said:

Purchases over what period, Ray? I have not bought anything much from them other than FSX-SE, and a couple of sceneries.

Rick,

It's only if you haven't made any purchases they will close it. Even one complicates things.

[lodestar 186]

I'm receiving a spam regularly - offers, phishing emails etc. I was able to track some of them. If you are absolutely sure they are from Steam, just talk to them. I do have an email linked to my virtual Visa card, becouse of this. This is where i receive all that spam, and i don't bother with it