Go Back   The Older Gamers Forums > TOG Public Forums > Digital Distribution & Game Applications

Digital Distribution & Game Applications Games distributed via On-Line Stores

Reply
 
LinkBack Thread Tools
Old 4th October 2010, 11:32 PM   #11 (permalink)
Retired Captain
Retired Captain
Ace - Post: 8036
 Redgum's Avatar

Default

https://support.steampowered.com/kb_...2347-QDFN-4366
Above is a link for how to retrieve a hijacked account


Can you remove your credit card information so when they hijack they cant gift games against your account?

Edit: found my own answer

log in to the steam account https://store.steampowered.com/account and you can delete the "last 4 digit crdit card". (and deleted!)
__________________

Division Captain (retired) Brink & BF 2142 | Sig by Ashlann | Brewing up a storm @MooCrkBrew


Last edited by Redgum; 4th October 2010 at 11:42 PM.
Redgum is offline   Reply With Quote

Old 5th October 2010, 12:22 AM   #12 (permalink)
Retired Captain
Retired Captain
Lethal - Post: 6191
 Beavis's Avatar

Lurking
Default

Be aware that with the latest trade/buy system in TF2 that aholes a targeting players to click on links to trade items........DO NOT click on any links on Steam chat
Beavis is online now   Reply With Quote
Old 5th October 2010, 05:18 AM   #13 (permalink)
Retired Captain
Retired Captain
Lethal - Post: 6186
 Roosta's Avatar

Default

Quote:
Originally Posted by Thermal Ions View Post
You'll probably get the response that the "verify email" option was implemented to provide this additional protection and I recall it being advertised at the time on the Steam News page.

It'd suggest that it should have been more prominently pushed by Valve as not everyone uses Steam as frequently as many of us and / or don't read the news page. How hard would it be for Valve email all users who haven't verified or have steam pop-up a recommendation maybe once a month when unverified users start steam. Through slackness I took a while before doing the verification and never received a targeted prompting either through Steam or via email. I'd imagine there are a good portion of accounts that still haven't verified and thus have to imagine the higher that number, the higher the number of stolen account support tickets Valve would be dealing with.
Spot on!!!!
Neither my Son, (nor myself for that matter) knew about the "Verify Email" option until my nephew showed me last night........
The only email my son got from Steam was to say that his change of email had been processed..etc...etc...
They should send an email with a verification code to the old email address in order for someone to change to a new email address. (The same as they do when you change your password).
All his games were gifts from me using my account with PayPal, so I hope he gets them back.
He is a shattered little man this morning, we've got a SLAK Lan to go to on Saturday, and it looks like he will be using my rig.
Quote:
Originally Posted by Jigoku View Post
On an account with no games, when you try to make a purchase without verifying your email address it will force you to do so before the purchase is allowed to continue. It's a shame it doesn't force this on every account.
Now there's the diddly...
He still hasn't purchased any games...They have all been gifted to him.
__________________
Think before you DO....Then DO before you have time to rethink.

Last edited by Roosta; 5th October 2010 at 05:22 AM.
Roosta is offline   Reply With Quote
Old 5th October 2010, 06:52 AM   #14 (permalink)
Retired Captain
Retired Captain
Elite - Post: 3198
 Xavien's Avatar

Psychedelic
Default

I have a friend who hasnt logged into steam for a year, hes only got one game on it L4D which he bought from a retail so hasnt got his details in steam. He wants to play guardian of light but when he tried logging in it didnt recognise his email address. He swears he has the email correct. When he puts in for a password change steam its sent a new password to the email address but he doesnt get anything. It looks to me that someone has hacked him and changed the details.

Steam are so slow to get back though i think its going to be a week or so before he gets to find out whats happened to his account but reading this does lead me to believe that hes been hacked somehow.

Can anyone explain where i can find the verify email option in steam please
__________________
Bowski Productions Presents A Free Online Fan Comic (Link Below)
-----------------------------------------------------------
-----------------------------------------------------------
Xavien is offline   Reply With Quote
Old 5th October 2010, 08:35 AM   #15 (permalink)
Retired Captain
Retired Captain
Ace - Post: 8036
 Redgum's Avatar

Default

Xavien - here is the link

https://support.steampowered.com/kb_...AS-1543#verify
Quote:
On Windows

  1. Right-click on the Steam icon in the System Tray and select Settings or press the Settings button in Steam's File menu.
  2. Click on the Verify email address button.
  3. Follow the on-screen instructions.
  4. You should then receive an email message from Steam Support.
  5. Click the unique link provided in this email message to finish verifying your email address. The web page which then launches will confirm your success.
On Mac

  1. Open Steam and click on Steam > Preferences
  2. Click on the Verify email address button.
  3. Follow the on-screen instructions.
  4. You should then receive an email message from Steam Support.
  5. Click the unique link provided in this email message to finish verifying your email address. The web page which then launches will confirm your success.

I never received the verification email message from Steam Support. What should I do?

If you do not receive the email message from Steam Support and you are running a Spam filter, check and make sure the message has not been filtered as spam.
If you are still unable to receive the verification email, you will need to contact Steam Support.
__________________

Division Captain (retired) Brink & BF 2142 | Sig by Ashlann | Brewing up a storm @MooCrkBrew

Redgum is offline   Reply With Quote
Old 5th October 2010, 08:37 AM   #16 (permalink)
Guild Officer
Guild Officer
DOTA2
Deadly - Post: 2174
 Chief's Avatar

Confused
Default

A bit of this going around at the moment. A togger had their account hijacked yesterday and it spread through several other toggers as the hijackers send links to everyone on the person's friend list. I received 3 messages from toggers yesterday, written in pretty bad english with a dodgy link.

So don't think you're safe if the message comes from another TOG person, and if you do click a link definitely don't enter any details.
__________________
Battlelog ~ PSN - Trent_Steele ~ Steam ~ Battle.net - Chief#6843
Chief is offline   Reply With Quote
Old 5th October 2010, 09:22 AM   #17 (permalink)
Retired Captain
Squad Officer
Left 4 Dead
Lethal - Post: 7441
 Drac's Avatar

Yeehaw
Default

Clicking a link by itself shouldn't be able to steal your password. Never type your steam password into a form field in a web browser - not even the web version of Steam's community website. Even just typing the password and not submitting/sending the form is enough to have a script on the page sneakily send whatever you type to a hackers database after each keystroke.

Do not use simple or generic passwords or anything based on the letters of your login or real name. Hackers can run scripts that test common passwords against the steam community website.
__________________
.
. . . .
.
Drac is offline   Reply With Quote
Old 5th October 2010, 09:28 AM   #18 (permalink)
Deadly - Post: 1775
 wHiTeRaSTa's Avatar

Relaxed
Default

Yep hows this..last night someone on my friends list sent me a I M saying "White i cant believe what you wrote on the forum : DD" like so, with a link to a bogus steam forum login page. As soon as the message came through his status went to offline. I have now blocked this so called friend. It's strange really seeing as i only have a few non Toggers on my list.
I blocked him and have forgotten the name.....wish i took some time to take down the details though. I do remember that this was one in my list with a ever changing nickname. I'm now going through my list and getting rid of peeps i dont know.

EDIT...I've found the name's that he goes by....
biggles-whiskers up for trade
biggles
TYG|Lord Bigglesbee
A Horse(Bigglesbee)
A Horse
Horses are for winners
{SLAK}Lord Bigglesbee

Check your friends lists guys......

His Steam community profile is..
http://steamcommunity.com/profiles/76561197996810978/

I've since unbloked him...and when i see him online he will be coping a serving from me i tell ya......
__________________
sleepwhenyadead

Last edited by wHiTeRaSTa; 5th October 2010 at 10:07 AM.
wHiTeRaSTa is offline   Reply With Quote
Old 5th October 2010, 10:18 AM   #19 (permalink)
Deadly - Post: 2244
 Dreadly's Avatar

Cynical
Default

Unfortunately Biggle's account was hijacked last night and links was being spammed to people in his friends list.

So not his fault, just a victim of a nasty phising attempt.

Last edited by Dreadly; 5th October 2010 at 10:25 AM.
Dreadly is offline   Reply With Quote
Old 5th October 2010, 10:22 AM   #20 (permalink)
Deadly - Post: 2008

Asleep
Default

Quote:
Originally Posted by Drac View Post
Clicking a link by itself shouldn't be able to steal your password. Never type your steam password into a form field in a web browser - not even the web version of Steam's community website. Even just typing the password and not submitting/sending the form is enough to have a script on the page sneakily send whatever you type to a hackers database after each keystroke.
Not entirely true, if you're worried about a keylogger, the keylogger will capture the entry direct into the Steam client as well. If you've had script injected after manually navigating to the steam website then you've got other serious issues going on (e.g. you've been pwned anyway). I doubt you'll get big use of CSRF or anything against steam. Personally, I'd classify this as acceptable risk.

More specifically never enter your username and password into a web form (for anything) that you did not navigate to manually. If you follow a link you click (even from google) DO NOT enter your username and password. This is why banks always tell you to type the URL to their banking site manually. Never enter your username and password into a web page that is not protected by SSL/TLS - most modern browsers will display either a padlock symbol and/or will change the colour of the URL (green for firefox). If you see any errors pop up about certificates, run for the hills.

You can be attacked by clicking on any given link without first inspecting the URL. If you aren't technically able to check these details, then you shouldn't click links someone has sent you - if they're all "hey check out this cute youtube clip of a kitten falling asleep in a teacup: YouTube - Kitten fall asleep in a teacup" don't click the link, manually go to youtube and search for the clip yourself.

This applies to all forms of communication, email, steam IM, MSN etc.

For those with kids: Make sure you teach your kids never to click on links someone sends them without asking you first. Also make sure you don't have a CC registered against their steam account - always send by gift!
__________________
Pen < Brush > Sword

Last edited by Mighty Brush; 5th October 2010 at 10:25 AM.
Mighty Brush is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +11. The time now is 03:31 PM.


Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0