All Discussions > Steam Forums > New to Steam > Topic Details
cruz 5 Aug @ 11:39am
Suspicious "STEAM EMPLOYEE" messages
Hello all, the past month or two, I've received suspicious messages from a chatter called "VALVE Employee" saying my account has been locked. My friends are blocked and my picture has changed.

To be honest, I did login to a site with my steam credentials but I've changed passwords on everything after that and haven't suffered any loses on my account.

I've blocked and reported both individuals, just wondering if anybody has had the same issue.

My theory on that is that they are using some sort of loophole in some publucly accessible api that gives them control over certain "minor" actions in someone's account
< >
Showing 1-5 of 5 comments
cSg|mc-Hotsauce 5 Aug @ 11:42am 
Originally posted by cruz:
Suspicious "STEAM EMPLOYEE" messages

Hello all, the past month or two, I've received suspicious messages from a chatter called "VALVE Employee" saying my account has been locked. My friends are blocked and my picture has changed.

To be honest, I did login to a site with my steam credentials but I've changed passwords on everything after that and haven't suffered any loses on my account.

I've blocked and reported both individuals, just wondering if anybody has had the same issue.

My theory on that is that they are using some sort of loophole in some publucly accessible api that gives them control over certain "minor" actions in someone's account

There is no API that can hijack accounts without that accounts specific API.

Your account login info got leaked somehow. You need to figure out how.

:nkCool:
#1
Wolf Knight 5 Aug @ 11:43am 
secure the account correctly, changing passwords is not enough

Steps to take NOW to secure the account:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://steamhost.cn/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://steamhost.cn/twofactor/manage
5. Revoke the API key https://steamhost.cn/steamcommunity_com/dev/apikey (there should be nothing in the APIKEY)

figure out how you gave them access to the account. they didnt find a loophole, you somehow gave them the account log in information.

all 3rd party sites are USE AT OWN RISK. your account shouldnt have an APIKEY unless you have a reason for it.
#2
abossut monster 5 Aug @ 11:54am 
влжап
#3
76561198848839090 5 Aug @ 12:23pm 
too
#4
Emperor Chungus III 5 Aug @ 2:37pm 
Usually when you click on a profile that is a Valve employee, there is usually a note, saying that Valve employees never ask for information. If you dont see that on the profile, take it with a grain of salt.
Last edited by Emperor Chungus III; 5 Aug @ 2:38pm
#5
< >
Showing 1-5 of 5 comments
Per page: 1530 50

All Discussions > Steam Forums > New to Steam > Topic Details
Date Posted: 5 Aug @ 11:39am
Posts: 5
Start a New Discussion

Discussions Rules and Guidelines