My Steam account was Hijacked.


Recommended Posts

It reminds me of the xbox RROD, we talk about it, but never think it would happen to you.

Today I was just browsing the net when steam popped up a box saying it lost connection and my credentials needed to be re-entered. So I did, but the password was wrong. I didnt think much of it since I usually get my passwords confused but before I could try again, I got an email from steam saying:

This email message confirms that your Steam account contact email address has been successfully changed. We are sending this notice to ensure the privacy and security of your Steam account. If you authorized this change, no further action is necessary. If you did not authorize this change, or if you need additional help with your account, please follow this link to the Steam Support site and submit a request for assistance:

With alarm bells ringing in my head I knew I was ****ed. I have created a ticket with them and see how it goes but Im posting this because their account security is ass.

In World of warcraft, if you want to change your email address it sends an email to that address asking for CONFIRMATION, it doesnt just change it. Whats worse is the email doesnt even say what it was changed to. Of course, I cant retrieve my account information because it sends it to the "new" email address which some **** has now got. I don't know what damage is being done to my account at the moment nor how long it will take for them to respond.

Link to comment
Share on other sites

They should be able to fix it for you, they'll check the IP's and reset it.

Use a stronger password and a less obvious secret question/answer next time champ! Good luck, and I hope its resolved quickly!

Link to comment
Share on other sites

They should be able to fix it for you, they'll check the IP's and reset it.

Use a stronger password and a less obvious secret question/answer next time champ! Good luck, and I hope its resolved quickly!

I don't think that always helps. If anyone can guess my password I'd be VERY surprised. I've had my account hacked before too. I managed to change the password to something different before they did anything and I haven't had any problems since but I was very, very surprised.

Link to comment
Share on other sites

They are usually pretty good with this, i had my account hacked before all i had to provide was proof that i owned the account so they ask for example what card did i use to pay or the transaction id from my paypal account for a game i bought. I got my account back fine.

Link to comment
Share on other sites

unlucky hopefully you recover it

They should be able to fix it for you, they'll check the IP's and reset it.

Use a stronger password and a less obvious secret question/answer next time champ! Good luck, and I hope its resolved quickly!

its possible he had some form of keylogger installed or visited a bad website

Link to comment
Share on other sites

Happened to me ages ago.

Nothing happened, I just lost all my games and that was that. I think I had Half-Life 2 and Counter Strike Source on there so no big loss but pretty infuriating.

Link to comment
Share on other sites

its possible he had some form of keylogger installed or visited a bad website

Agreed, it might have just been that!

I've never had any of my accounts hacked. *touches wood* lol

Link to comment
Share on other sites

Maybe its because I'm feeling angry at the moment :p but I can't help but feel for a company who takes money for games and stores all your games, that there should be better security in place. something simple like only changing a contact email address if I can validate it from that email, like WoW does. Just seems too easy to change details without many barriers to overcome.

I think I also know how they gained access. It wasnt an easy password or secret question, it was a programme I downloaded. My own stupidity has caught up with me. Heres hoping its all fixed.

One more thing, since I can't gain access to my account, can anyone tell me just how much information can been seen from a steam account? As in addresses, card details, etc. Im worried what they can do with my account. Can games be removed?

Link to comment
Share on other sites

Not sure can you buy games if you had a credit card attached to it? or do you need to enter it in each time?

I can't really see much on the steam app that would be dangerous to leave but i'm not sure about their homepage

Link to comment
Share on other sites

Was it actually Steam popped with that message, or you just entered your account details in some random window that you saw in a website?

Steam only asks for the account password only in the login window.

I guessit was just another of them "Download Free Antivirus" ads, that were just a virus in itself. Would tell you had entered incorrect password, no matter what the password was (correct or not).

Link to comment
Share on other sites

Happened to me once, not sure how it happened, i contacted support though and then reset my account back so i had access to it :)

I had to send them pictures of my HL2 box and stuff lol.

There i was thinking a 14 char alphanumeric password would have been strong enough, silly me :p

Link to comment
Share on other sites

That's what got you. It was not steam that got you, was a fake java or flash in a site. I've seen alot of these on my iPod Touch, but with windows update instead of steam. No matter how strong you put your pw to it won't matter cause you gave it to them basically

Today I was just browsing the net
Link to comment
Share on other sites

Agreed, it might have just been that!

I've never had any of my accounts hacked. *touches wood* lol

There's a difference between having an account "hacked"... which is not what happened in this case.

And having someone socially engineer your password from you, or you downloading some type of malware on to your system that logged your keys.

Link to comment
Share on other sites

yeah, I'm sure very few people have their password guessed. as long as you have a good password like a 14 digit alpha numeric one like colin said then you're only going to lose your password from malware or giving it away.

Link to comment
Share on other sites

I think having a cryptic password is also a security risk (if someone is keylogging you and sees this complexed message theres going to be a good chance that its your password so they'll take it)

i reckon people should start using different passwords to throw off potential key loggers e.g.

password: "Hey, how are you today?"

will seem like normal chat log and its long :p :laugh:

Link to comment
Share on other sites

Rule of thumb, don't go putting in your steam info on any website.... I can't think of a single web site that ever would need or even ask for it.....

If you downloaded something.... stop hacking ... or stop downloading pirated software from unknowns.

Unless there is someone out there just running emails and password bots that try every possible combo, it is usually the users fault for their account being stolen.

Strong passwords wont help if the person is stupid enough to give their info out.....

Link to comment
Share on other sites

i got my steam account hijacked 1 month ago. The guy changed all informations on it including the city he was in, which was los angeles ...

I got my account back very easily by creating a support ticket on steam website.

my

And guess what, I didn't lose any game, I got Left 4 Dead free ... ahaha with all my half-life 2 and half-life packages. Guess I was lucky to get a free game.

I checked in the history, and someone gifted the account with Left 4 Dead.

All ended well for me.

Link to comment
Share on other sites

Is it really that hard to tell it's a scam? Every Steam Friends message window blatantly states:

Never tell your password to anyone.

In bold, underlined letters.

You say Steam needs to implement more security measures to prevent things like this from happening, well you know, a lot of it lies in the hands of the user. Cross your fingers the hijacker doesn't VAC ban your account.

Account Security Recommendations

Link to comment
Share on other sites

Is it really that hard to tell it's a scam? Every Steam Friends message window blatantly states:

Never tell your password to anyone.

In bold, underlined letters.

You say Steam needs to implement more security measures to prevent things like this from happening, well you know, a lot of it lies in the hands of the user. Cross your fingers the hijacker doesn't VAC ban your account.

Account Security Recommendations

Exactly, no amount of prevention set up by Valve will stop someone from taking your account when you are giving them your information.

Link to comment
Share on other sites

what do you mean ?

As in, from the moment you put the ticket in, how long did it take to get a resolution?

And in regard to the password comments, I never gave out any information to any dialog box or false website. Steam was just running in my tray as it has been for weeks, In fact the last time I logged into it was a month ago when I first installed Win7. So apart from the steam application itself telling me I have to input my password, I have not input my password anywhere else. The only other cause is a programme I downloaded, but how can a programme obtain my password from the steam files? Because that I can assure you is the only way it could have happened as I havent typed my password in any dialog box for steam in about a month. I have since done a full scan and changed all my passwords. And my comment about security, allow me to clear that up, I'm just surprised that for a site which takes my money and stores my games and details, I thought they would want a little more security from someone before changing their email address.

Link to comment
Share on other sites

It only took 2 days to get my account back.

Btw, to all the others saying don't give out your password .. what are you thinking,

do you really think i gave someone my password. At the time i was running Windows 7 RC x64 for a week

and I know for sure I didn't giveaway anything or my computer got compromised.

I've seen some widespread steam account hijacking in the past few months.

Link to comment
Share on other sites

The only other cause is a programme I downloaded, but how can a programme obtain my password from the steam files?

Really? Did you pay for it? Because you'd be amazed at what illegally downloading progs/apps/warez can bring about. Be thankful your bank/paypal account weren't compromised as well.

Link to comment
Share on other sites

It only took 2 days to get my account back.

Btw, to all the others saying don't give out your password .. what are you thinking,

do you really think i gave someone my password. At the time i was running Windows 7 RC x64 for a week

and I know for sure I didn't giveaway anything or my computer got compromised.

I've seen some widespread steam account hijacking in the past few months.

You would be surprised at how many people actually do give out their passwords... this coming from a guy who did xbox live tech support for 2 years.. trust me, people are generally stupid with stuff like this.

It comes from people playing online, thinking they made a friend, giving out too much info, and boom , stolen.

It also comes from tards who think a website can unlock or give them something, they put in their info, and stolen.

As he mentioned, he pirated some software, which is normal to come with trojans and key loggers. Valves protection could not have stopped his stupidity from leaking info. As goes for most.

Hopefully you do get it back, and hopefully you have learned your lesson. This is the chance you take with digital purchases. If you are not more careful, you can only be expected to have it lost after some time.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.