Author Topic: The "Fraud Prevention Team" Scam on Steam (Read 4270 times)

Defendor · May 28, 2019, 03:37:18 AM

Quote from: gr8dayseth on May 28, 2019, 03:35:46 AM

to not enter ur password on a site that almost convincingly looks like it's steam from a link too is another i've heard of

havent actually thought about that. do you know of any good examples on how to accidentally come across one of these look-alikes?

the only places i can think of that tells me to log into steam would be backpack.tf, scrap, and steamrep

Ad Bot · Advertisement

gr8dayseth · May 28, 2019, 03:53:47 AM

there's a scam site that almost looks exactly like steam's site on the login screen that they could try referring u to, u could potentially check the url and try comparing it with steam's actual url if it does happen but they can be quite similar. iirc it might also have something to do with pretending they're "fraud protection" like this thread or something of the sort and they need u to login in a separate tab for some reason. people working with steam won't have u do this ever so it's an immediate red flag once u know about this

the other site urls might just need a little bit of investigation with google too before even going there if anyone tries asking u to login somewhere for some reason

Naruto Uzumaki · May 28, 2019, 03:54:28 AM

Quote from: gr8dayseth on May 28, 2019, 03:53:47 AM

there's a scam site that almost looks exactly like steam's site on the login screen that they could try referring u to, u could potentially check the url and try comparing it with steam's actual url if it does happen but they can be quite similar. iirc it might also have something to do with pretending they're "fraud protection" like this thread or something of the sort and they need u to login in a separate tab for some reason. people working with steam won't have u do this ever so it's an immediate red flag once u know about this

the other site urls might just need a little bit of investigation with google too before even going there if anyone tries asking u to login somewhere for some reason

Excellent explanation. Thank you gr8dayseth.

gr8dayseth · May 28, 2019, 04:01:41 AM

just tryin to help out defendor with something he asked me about, don't see the issue

Naruto Uzumaki · May 28, 2019, 04:02:39 AM

A benevolent act. Truly praiseworthy, I expect nothing less of gr8dayseth.

Aide33 · May 28, 2019, 08:37:04 AM

how the forget do you guys fall for this?

do you think valve will contact you on discord of all places?

also, does the link they give you have https? thats a good way of telling phishing websites from real ones normally, you just click the lock next to the url to see if the cert is valid (but they can fake this sometime so watch out)

Conan · May 28, 2019, 10:36:08 AM

Quote from: Aide33 on May 28, 2019, 08:37:04 AM

how the forget do you guys fall for this?

do you think valve will contact you on discord of all places?

also, does the link they give you have https? thats a good way of telling phishing websites from real ones normally, you just click the lock next to the url to see if the cert is valid (but they can fake this sometime so watch out)

i highly doubt the cert is faked - more like the url is bad and people dont recognize it. certs ensure the ip address u accessed is the same as the one associated with the url you went to (in laymans terms) and generating a fake cert and a real steam website url is pretty difficult and likely not what they did to pull this scam off. they might have made a fake website with a bad url and enabled https on it though...

regardless the discord thing is a big tell - iirc steam will only contact you through email regarding account problems.

Writer The Wolf · May 28, 2019, 12:25:15 PM

Perhaps someone should mention that two-factor authentication would help here.

That way even if every other part of your account were compromised, you would still need you owner's 2fa device to log in.

Aide33 · May 28, 2019, 12:56:52 PM

Quote from: Conan on May 28, 2019, 10:36:08 AM

i highly doubt the cert is faked - more like the url is bad and people dont recognize it. certs ensure the ip address u accessed is the same as the one associated with the url you went to (in laymans terms) and generating a fake cert and a real steam website url is pretty difficult and likely not what they did to pull this scam off. they might have made a fake website with a bad url and enabled https on it though...

regardless the discord thing is a big tell - iirc steam will only contact you through email regarding account problems.

yeah thats what im saying

if the site is not https its a big red flag normally

Conan · May 28, 2019, 05:41:20 PM

Quote from: Writer The Wolf on May 28, 2019, 12:25:15 PM

Perhaps someone should mention that two-factor authentication would help here.

That way even if every other part of your account were compromised, you would still need you owner's 2fa device to log in.

part of the scam has people send the 2fa security key to the scammer to �prove� account ownership/login to the website or something

King T�ny · May 28, 2019, 06:59:36 PM

How would you fall for the oldest scam in the book?

Blockomaniac · May 28, 2019, 07:17:56 PM

rip my man trifornt

edit: nvm he was trolling smh die trifornt

Trogtor · May 28, 2019, 07:29:27 PM

imagine thinking anyone at valve would dm you over a forgetup. thats what emails are for.

sleep · May 29, 2019, 01:42:26 AM

Quote from: Trogtor on May 28, 2019, 07:29:27 PM

imagine thinking anyone at valve would dm you over a forgetup. thats what emails are for.

to make it worse, if valve has suspicion you are using fraud (like credit card payback and what not) you will just be banned without hesitation, or AFAIK chance to appeal

keaton · May 29, 2019, 02:38:15 PM

hey
i need to talk to you
i may have done something on accident