Compromised OOer Steam Account Reporting Thread

Discuss site matters here

Moderators: FishPants, ooRip

User avatar
Lassr
Posts: 16969
Joined: Wed Oct 13, 2004 10:51 am
Location: Rocket City (AL)
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by Lassr »

Alefroth wrote: Thu Dec 09, 2021 4:11 pm Now jaddison80
yep. although I never got a reply to my reply so his account may be locked now.

Nevermind, he just replied, must not be a bot this time. Reported him.
The only reason people get lost in thought is because it's unfamiliar territory.

Black Lives Matter
User avatar
Alefroth
Posts: 9252
Joined: Thu Oct 14, 2004 1:56 pm
Location: Bellingham WA

Re: Compromised OOer Steam Account Reporting Thread

Post by Alefroth »

Lassr wrote: Thu Dec 09, 2021 4:15 pm
Nevermind, he just replied, must not be a bot this time. Reported him.
Ditto
User avatar
Carpet_pissr
Posts: 20793
Joined: Thu Nov 04, 2004 5:32 pm
Location: Columbia, SC

Re: Compromised OOer Steam Account Reporting Thread

Post by Carpet_pissr »

You guys sound pretty sure that it's not really Jaddison having a bit of fun with us and pretending to be a tricksy bot!
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

Carpet_pissr wrote: Thu Dec 09, 2021 4:35 pm You guys sound pretty sure that it's not really Jaddison having a bit of fun with us and pretending to be a tricksy bot!
Anything's possible.

But then, given that the advice I gave above is to get the person's account locked, after which Steam's investigation would show what actually happened, likely resulting in a permanently blocked account... that would be rather risky.
What doesn't kill me makes me stranger.
User avatar
dbt1949
Posts: 25953
Joined: Wed Oct 13, 2004 12:34 am
Location: Spiro Oklahoma

Re: Compromised OOer Steam Account Reporting Thread

Post by dbt1949 »

Just on the odd chance anybody wants to contact me on Steam chat I'm here to say it ain't happening.
Ye Olde Farte
Double Ought Forty
aka dbt1949
User avatar
Daehawk
Posts: 65710
Joined: Sat Jan 01, 2005 1:11 am

Re: Compromised OOer Steam Account Reporting Thread

Post by Daehawk »

naughty Steam boys
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
When in doubt, skewer it out...I don't know.
User avatar
Daehawk
Posts: 65710
Joined: Sat Jan 01, 2005 1:11 am

Re: Compromised OOer Steam Account Reporting Thread

Post by Daehawk »

Harkonis is the latest member.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
When in doubt, skewer it out...I don't know.
User avatar
Teggy
Posts: 3933
Joined: Fri Oct 15, 2004 10:52 pm
Location: On the 495 loop

Re: Compromised OOer Steam Account Reporting Thread

Post by Teggy »

Daehawk wrote: Sat Jan 06, 2024 7:32 pm Harkonis is the latest member.
LOL yup, just came to report this.
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

Reminder: The first post has steps for responding to the problem. It is not necessary to unfriend him, and it is best if you do not communicate with the scammer (it will result in them unfriending you so you can't report them as compromised.) Seriously - if you get a message, report the account ASAP. The quicker people report it, the quicker it'll be locked, and the less the potential for damage.
What doesn't kill me makes me stranger.
User avatar
Smoove_B
Posts: 56126
Joined: Wed Oct 13, 2004 12:58 am
Location: Kaer Morhen

Re: Compromised OOer Steam Account Reporting Thread

Post by Smoove_B »

I do believe rmcolosimo has been compromised...
Maybe next year, maybe no go
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

rmcolosimo is next up.
What doesn't kill me makes me stranger.
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

Missed it by this much.

Very important, since this is going around again: Don't unfriend or block them, but please report them so that their account can be locked before they do more damage. See the first post, or if you're lazy:
Blackhawk wrote: Sun Nov 28, 2021 3:41 pm First, report them. It takes less than a minute. After a few people report them, the account is locked by Steam. That reduces the damage done to the rest of the victim's friends. Here is the process, starting from the person's profile page:
Spoiler:
Image
Image
Image
Image
Second, respond that you know it is a scam if you want to (but again, this may result in them unfriending you, forcing you to look them up again later.) There is no need to block them or unfriend them. They rarely waste time messaging you again once they know you're a failed target - they want to move on to as many people as possible before they are locked out.

Third, post in this thread to warn other OOers.

Bonus community service: Send them a PM on OO, or contact them elsewhere to let them know ASAP that their account is compromised. They'll want to act fast. Then link them to this thread.
What doesn't kill me makes me stranger.
User avatar
Lassr
Posts: 16969
Joined: Wed Oct 13, 2004 10:51 am
Location: Rocket City (AL)
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by Lassr »

RMC is hacked also.
The only reason people get lost in thought is because it's unfamiliar territory.

Black Lives Matter
User avatar
Daehawk
Posts: 65710
Joined: Sat Jan 01, 2005 1:11 am

Re: Compromised OOer Steam Account Reporting Thread

Post by Daehawk »

rmcolosimo
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
When in doubt, skewer it out...I don't know.
User avatar
Baroquen
Posts: 4750
Joined: Fri Oct 22, 2004 12:45 pm

Re: Compromised OOer Steam Account Reporting Thread

Post by Baroquen »

Blackhawk wrote: Sun Jan 07, 2024 5:43 pm rmcolosimo is next up.
Can confirm.
User avatar
Zarathud
Posts: 17052
Joined: Fri Oct 15, 2004 10:29 pm
Location: Chicago, Illinois

Re: Compromised OOer Steam Account Reporting Thread

Post by Zarathud »

Definitely rmcolosimo's turn. So funny to get these texts from him
"sup
u can help?
Why are you silent?
u here?"
If you've ever met RMC, you know that's not him.
"A lie can run round the world before the truth has got its boots on." -Terry Pratchett, The Truth
"The presence of those seeking the truth is infinitely to be preferred to those who think they've found it." -Terry Pratchett, Monstrous Regiment
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

I got in touch with him on Facebook - thankfully the OO FB group has a 'who are you' thread.

FYI, I also sent out messages to him via OO and email, just to ensure he knew ASAP.
What doesn't kill me makes me stranger.
User avatar
Lassr
Posts: 16969
Joined: Wed Oct 13, 2004 10:51 am
Location: Rocket City (AL)
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by Lassr »

Blackhawk wrote: Sun Jan 07, 2024 5:55 pm I got in touch with him on Facebook - thankfully the OO FB group has a 'who are you' thread.

FYI, I also sent out messages to him via OO and email, just to ensure he knew ASAP.
Great, I did submit a report to Steam also.
The only reason people get lost in thought is because it's unfamiliar territory.

Black Lives Matter
User avatar
RMC
Posts: 6786
Joined: Wed Oct 13, 2004 1:49 pm
Location: Elyria, Ohio
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by RMC »

Sorry everyone, I got hacked. But I fixed it, so please ignore any messages coming from me in chat.
Difficulties mastered are opportunities won. - Winston Churchill
Sheesh, this is one small box. Thankfully, everything's packed in nicely this time. Not too tight nor too loose (someone's sig in 3, 2, ...). - Hepcat
User avatar
RMC
Posts: 6786
Joined: Wed Oct 13, 2004 1:49 pm
Location: Elyria, Ohio
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by RMC »

Zarathud wrote: Sun Jan 07, 2024 5:50 pm Definitely rmcolosimo's turn. So funny to get these texts from him
"sup
u can help?
Why are you silent?
u here?"
If you've ever met RMC, you know that's not him.
Sigh. Thanks, and yeah. Not sure what I did. I had two factor authentication on, but did something I shouldn't have.
Difficulties mastered are opportunities won. - Winston Churchill
Sheesh, this is one small box. Thankfully, everything's packed in nicely this time. Not too tight nor too loose (someone's sig in 3, 2, ...). - Hepcat
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

RMC wrote: Sun Jan 07, 2024 6:09 pm
Zarathud wrote: Sun Jan 07, 2024 5:50 pm Definitely rmcolosimo's turn. So funny to get these texts from him
"sup
u can help?
Why are you silent?
u here?"
If you've ever met RMC, you know that's not him.
Sigh. Thanks, and yeah. Not sure what I did. I had two factor authentication on, but did something I shouldn't have.
The most common cause is that you got a message just like that - or the one in the first post in this thread. It's a carefully designed scheme that makes you think you're logging into Steam, but are actually passing your information on to a third party who uses it to log in. You enter your credentials and hit enter, and they're taking those credentials and trying to log in within milliseconds. If Steam asks for an authenticator, they pass that request to you in an identical popup, and you put in your code, which they pass on to Steam. And the entire process is automated - you hit 'submit' and they've logged into your account, provided your authenticator code, removed the authenticator from your account, and changed the login/password in a matter of seconds.
What doesn't kill me makes me stranger.
User avatar
Bad Demographic
Posts: 7781
Joined: Wed Oct 13, 2004 9:21 am
Location: Las Cruces, NM

Re: Compromised OOer Steam Account Reporting Thread

Post by Bad Demographic »

I (unthinkingly) responded so if you get a steam chat from me, disregard it.
I've changed my steam password - i hope that suffices. (and I sent an OO pm to RMC)
"Those who can make you believe absurdities can make you commit atrocities." Voltaire

Black Lives Matter
User avatar
RMC
Posts: 6786
Joined: Wed Oct 13, 2004 1:49 pm
Location: Elyria, Ohio
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by RMC »

Yeah, I think I got something like that the other day. Darn, I know better. But I have the app on my phone, and usually scan the QR code, I thought that was pretty good at making it hard to hack. But I guess being an idiot is still being an idiot.

So will my account get suspended by Steam? I opened a ticket with them, explaining what happened. Since I had some money in funds that the person who hacked me used to buy some stuff off marketplace.

I did disconnect all devices connected to my account, and changed my password, but my email address and phone connected to the account were still the same.

And just noticed that they blocked all my online friends, so I wasn't getting any messages from anyone. Sigh.
Difficulties mastered are opportunities won. - Winston Churchill
Sheesh, this is one small box. Thankfully, everything's packed in nicely this time. Not too tight nor too loose (someone's sig in 3, 2, ...). - Hepcat
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

So, for clarity for everyone, I followed the link on the attempted scam link RMC sent me (with all of my shields set to maximum, and knowing what part of the process actually compromises the account) just to show what it all looks like:

1. Receive a message like this asking for a vote:

Image

2. Go to a very legitimate looking website:

Image

3. Click on 'Vote' and get a login prompt:

Image

Everything there looks just like a site legitimately logging you in through Steam to use the Steam API. Even the URL at the top is correct (because it isn't actually a URL field, it's just a text field.) I'm not kidding - I logged out of a legitimate site that I use and logged back in. Here's the real one:

Image

And as soon as you sign in to the fake account, they're using the same information to log in to Steam, and then feed you directly back and response Steam gives (like "Enter authenticator code.")
What doesn't kill me makes me stranger.
User avatar
RMC
Posts: 6786
Joined: Wed Oct 13, 2004 1:49 pm
Location: Elyria, Ohio
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by RMC »

Yeah, I did follow that the other day, someone asked me too vote for something, and in a moment of weakness I did it. Sigh.. Never again.
Difficulties mastered are opportunities won. - Winston Churchill
Sheesh, this is one small box. Thankfully, everything's packed in nicely this time. Not too tight nor too loose (someone's sig in 3, 2, ...). - Hepcat
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

RMC wrote: Sun Jan 07, 2024 6:37 pm Yeah, I think I got something like that the other day. Darn, I know better. But I have the app on my phone, and usually scan the QR code, I thought that was pretty good at making it hard to hack. But I guess being an idiot is still being an idiot.

So will my account get suspended by Steam? I opened a ticket with them, explaining what happened. Since I had some money in funds that the person who hacked me used to buy some stuff off marketplace.

I did disconnect all devices connected to my account, and changed my password, but my email address and phone connected to the account were still the same.

And just noticed that they blocked all my online friends, so I wasn't getting any messages from anyone. Sigh.
Steam may still lock it, but only until they confirm it's you.

If you were able to change the password, then that's good news - this new team may only be using part of the toolbox that the old one was. The old one would have changed it within seconds (or maybe Steam added delays in changing certain combinations of information.)
What doesn't kill me makes me stranger.
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

Also, this is why I say that everyone should bend over backwards to not show that they know it's a scam (I delayed them while I reported the account, and already had the report button up before I sent the very first response), and then do everything to try and contact the victim so they can respond ASAP. Once they know you know they can block you, which makes it much harder to do anything about.
What doesn't kill me makes me stranger.
User avatar
Daehawk
Posts: 65710
Joined: Sat Jan 01, 2005 1:11 am

Re: Compromised OOer Steam Account Reporting Thread

Post by Daehawk »

Fun days to look back on some day....maybe.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
When in doubt, skewer it out...I don't know.
User avatar
Lassr
Posts: 16969
Joined: Wed Oct 13, 2004 10:51 am
Location: Rocket City (AL)
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by Lassr »

Now Eel Snave
The only reason people get lost in thought is because it's unfamiliar territory.

Black Lives Matter
User avatar
noxiousdog
Posts: 24627
Joined: Tue Oct 12, 2004 11:27 pm
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by noxiousdog »

Lassr wrote: Mon Jan 08, 2024 6:32 pmNow Eel Snave
Yep. Just got it.
Black Lives Matter

"To wield Grond, the mighty hammer of the Federal Government, is to be intoxicated with power beyond what you and I can reckon (though I figure we can ball park it pretty good with computers and maths). Need to tunnel through a mountain? Grond. Kill a mighty ogre? Grond. Hangnail? Grond. Spider? Grond (actually, that's a legit use, moreso than the rest)." - Peacedog
User avatar
Daehawk
Posts: 65710
Joined: Sat Jan 01, 2005 1:11 am

Re: Compromised OOer Steam Account Reporting Thread

Post by Daehawk »

yep ES has been hounding me in chat. Just ignoring...will report.
--------------------------------------------
I am Dyslexic of Borg, prepare to have your ass laminated.
I guess Ray Butts has ate his last pancake.
http://steamcommunity.com/id/daehawk
"Has high IQ. Refuses to apply it"
When in doubt, skewer it out...I don't know.
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

Anyone try to send him a message to let him know?
What doesn't kill me makes me stranger.
User avatar
El-Producto
Posts: 602
Joined: Fri Oct 15, 2004 2:59 pm
Location: Ontario, Canuckistan

Re: Compromised OOer Steam Account Reporting Thread

Post by El-Producto »

Hey All, long time no post!

Eel Snave is all over me, I reported the account.

Cheers
"Goonies never say die"
www.bovineconspiracy.com
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

I was able to get him a message, again via the OO Facebook group. That's more useful than most know - it also gives us a way to communicate when OO isn't available.
What doesn't kill me makes me stranger.
User avatar
Eel Snave
Posts: 2892
Joined: Thu Oct 14, 2004 6:09 pm
Location: Wisconsin
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by Eel Snave »

hooooorayyyyyyyyyy
Downwards Compatible
We're playing every NES game alphabetically! Even the crappy ones! Send help!
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

See what happens when you disappear for a few months?
What doesn't kill me makes me stranger.
User avatar
Eel Snave
Posts: 2892
Joined: Thu Oct 14, 2004 6:09 pm
Location: Wisconsin
Contact:

Re: Compromised OOer Steam Account Reporting Thread

Post by Eel Snave »

That'll teach me.
Downwards Compatible
We're playing every NES game alphabetically! Even the crappy ones! Send help!
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

Max Peck wrote: Tue Jan 09, 2024 4:37 am
Blackhawk wrote: Mon Jan 08, 2024 9:51 pm there are surprisingly few red flags.
It's a well-known scam that has been in use for years now. Getting a Steam message from a friend asking you to vote for their Counter-Strike team is the red flag. It's up there with getting an email from a Nigerian prince. :lol:

I'm probably more paranoid than most, but any sort of message asking me to click a hyperlink is a red flag for me.
Absolutely true. Anything that involves a hyperlink is red flag enough to at least do a search first. I meant more that, once you follow the link, there is nothing that makes it stand out as wrong - except for one thing, and that's only obvious if you log into other sites through the Steam API often enough to notice it:
Unagi wrote: Tue Jan 09, 2024 9:49 am I'm hyper-paranoid about this stuff and don't ever (EVER!) use my Steam Login for anything but logging into Steam. I refuse to even do those "Your Year in Review" things, as they need you to do just that.
And that's the difference. If you're already logged into the main Steam site on your browser, using one of those third-party Steam logins doesn't require your credentials. A real sites gives you a popup from Steam asking if you want to allow access to your profile. That's the thing that people miss - you cannot log in to any site with your Steam password other than Steam itself. Where it throws people is that if you're not already logged into Steam when you try to connect, Steam itself asks you to log in - and that's what this is spoofing.

Instead of this:

Enlarge Image

You should get this:

Image

And when you click 'Sign In', there's no followup - it simply gives the site access to your profile, no extra password required.

The big difference is that you're not giving them your Steam credentials - all you are doing is giving that site access to your public profile. It's the same stuff that a friend would see upon logging in. There is absolutely no mechanism there that allows the other site access to your password - it's literally as safe as having a friend look at your profile, and the site can't do anything with it that your friend couldn't do. The whole point is to give utilities like sites like LaunchBox or GoG Galaxy, and sites like steamcompletionist.net or HowLongToBeat access to the list of games you own, your achievements, your playtime, etc, that you've made public so that they can provide services (like ways of tracking your backlog, or sorting your library more effectively, etc.)

If there's ever a question about a login, just make sure you're logged into the Steam website itself first - go there yourself and log in. If the other site still asks for your login info instead of just giving you the "Sign in?" prompt, there's something wrong. If you really doubt, clear your cookies and try again. If you're logged into Steam and it still asks you for your password, that's a red alert.

There's nothing wrong with choosing not to, that's perfectly legitimate. But I did want to clarify how they work differently for those who are on the fence. Connecting a site/app to Steam is not the same as giving them your credentials.
What doesn't kill me makes me stranger.
User avatar
Unagi
Posts: 28212
Joined: Wed Sep 20, 2006 5:14 pm
Location: Chicago

Re: Compromised OOer Steam Account Reporting Thread

Post by Unagi »

hyper paranoid :shifty:


but, I do appreciate the light you have put on the distinction.

I have found the "I want to put no thought into this, but I also want no risk" to basically result in "Then can you do without the feature being presented?" - If I can, I move on.

I'm like this to a fault. And I need to actually work on it. But then there are times (like this thread exposes) where I sit comfortably in my "I never ate the fish" position on Airplane! and my behavior is reinforced.
User avatar
Blackhawk
Posts: 46042
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: Compromised OOer Steam Account Reporting Thread

Post by Blackhawk »

That's the thing - it's not obvious how it works until after you've done it.

They really should change the 'Sign In' button to 'Share Profile.' The term 'Sign In' suggests that it's something other than what it really is. In practice, you're just give the site/app limited friend access.
What doesn't kill me makes me stranger.
Post Reply