STEAM GROUP
TF2 Outpost by Fanbyte
Membership by invitation only
STEAM GROUP
TF2 Outpost by Fanbyte
160,705
MEMBERS
3,915
IN-GAME
31,117
ONLINE
Founded
7 August, 2011
Language
English
Overview Announcements Discussions Events Members Comments Curator
This topic has been locked
Amoo 28 Jun, 2014 @ 5:41am
Phishing bots crawling recent trades
After a bit of a vacation from trading I decided to put up various duplicate, extra, and unused items I had in my backpack. Currently I have 9 trades up and I generally bump them all at once. Since bumping 9 posts at once puts me longer on the front page I always get 1 to 3 instant friend requests. Some of these look like legitimate accounts, although their backpack is stripped of anything valuable, but most of them are fresh accounts with private profiles. If you add one of these accounts all they do is send you a phishing link and say something like, "My friend will pay b/o but he can't add you, here's his profile so you can add him" and other generic stuff like that.

Is there any plan to help prevent stuff like this? I'm basically forced to use trade offers simply because 99% of friend requests I get are from the same phishing bot. I've already blocked tons of them, but they keep coming every time I bump my trades. It's fairly annoying and to someone who is unaware it could be dangerous.
< >
Showing 1-1 of 1 comments
Currier Bell 28 Jun, 2014 @ 6:06am 
Posting from previous topics on this subject:

Sadly, there isn't much more to discuss. This has come up many times and we've done all we realistically can.

From: https://steamhost.cn/steamcommunity_com/groups/tf2outpost/discussions/0/540742399405362271/#c540742399404625939

"There is nothing we can do on our end. The only interaction between the phishers and outpost is them scrubbing the front page for SteamID numbers/profile links and then adding them directly through the Steam client.

If we were to remove that information, it would cripple the site and do nothing in the long term as that information can be found anywhere your profile is publicly seen.

Valve did take some action not too long ago where they limited the number of friend requests you could send out in a single day, but reversed it for some reason. "


On imposing limits on who can see trades: https://steamhost.cn/steamcommunity_com/groups/tf2outpost/discussions/0/540744299979574330/

"...we cannot add any type of restriction that makes a user need a certain action completed in order to use site functions, such as hours played or amount of items in a backpack.

Bots can easily idle whatever time it takes to do that, as well as fill up pages of weapons to bypass whatever system you set up. On top of that, it could restrict legitimate users who may just be started out on the game and our site.

Really, it's all on Valve to do something about phishing at this point, we can't do much more than the steps we've already taken to combat them besides try to educate more people on the practices and common signals of a phishing scam."


And on why phishing bots do not need to be online/public to get to you: https://steamhost.cn/steamcommunity_com/groups/tf2outpost/discussions/0/540743212121412369/#c540743212239182690

"...Let's pretend here that I was a phisher.

My account is perfectly normal, logged in and ready to view everyone's information. My account will then scrub the site for the information it needs, Steam ID's, Profile links, etc.

I then send that information to alt accounts Currier Bell 2, Currier Bell 3, Currier Bell 4 and more. They are the ones that send links to other users over Steam and never actually logged onto the site.

Even if we banned 2, 3, and 4, they have never been on the site. It was all Currier Bell 1 who did the work, who still looks perfectly fine and is logged on the site."
#1
< >
Showing 1-1 of 1 comments
Per page: 1530 50

All Discussions > General Discussions > Topic Details
Date Posted: 28 Jun, 2014 @ 5:41am
Posts: 1
Start a New Discussion

Discussions Rules and Guidelines