The moment a platform is popular, and millions of users start using it, it immediately becomes the target of hackers. Steam, for example, is the most well-known PC gaming platform used by millions of users. And, for this reason, hackers look for ways to deceive their users by using this platform as a hook. And this has given rise to one of the most famous scams within this gaming platform: “I accidentally reported you”.
We are playing, or we just have the program open, and suddenly we get a message from an unknown person who tells us, in English, that he has accidentally reported us to Steam because, supposedly, an account that pretends to be us has duplicated elements and has cheated you. They don’t always send the same messages (so they don’t appear to be bots), but the concept is the same.
This is how they steal your Steam account
this scam first appreciated on the platform in 2018, and in 2020 it grew quite a bit. The curious thing is that after so much time, in 2022, it continues to be active with hardly any changes in the modus operandi. The hacker apologizes for reporting us in error, and tells us that if Steam administrators process his complaint, we will lose full access to the store and all of our games.
But nothing happens, because he is already here to help us. To avoid having our account closed, what we have to do is add a Steam admin to Discord (log out of Steam? sounds weird) and talk to him from that platform. Moreover, so that we can see that it is true, it shows us the supposed requirement to close an account.
Already in Discord, the supposed Steam administrator (who, of course, is not a Steam administrator) will ask us why we have added him to the platform, as if puzzled. After explaining what has happened to us, he will tell us not to worry, that if we follow his steps and prove that the account is ours and that he has not been involved in that problem, the account deletion charge will be canceled.
Here comes the problem. The Fake Steam Admin It will ask for our username and password. from Steam. It will also prompt us our authentication code in order to validate the account. Everything is a scam. Also, if we question him, he will rush us saying that we have little time left. If we give the data, the hacker will have accessed our account, and we can say goodbye to her.
advanced social engineering
Hackers take care of each and every step of this scam. The accounts they steal even maintain a good reputation within the store, since they use them to deceive other users. They even have screenshots and fakes with which to try to trick users.
Any user with a little knowledge of the matter will easily realize the scam. In addition to being a classic of social engineering, neither Steam nor any other platform is going to ask you to use another platform, such as Discord, to continue with a report.
Some details that can help you avoid falling for this scam are:
- There are no “certified” Valve admins.
- Real Valve employees have a badge on their profile, and they wear it proudly.
- The company’s employees belong to two groups, which are only entered by invitation: Steam and Valve.
- There are no illegal items inside the store, so we can’t be kicked out for that.
- Duplicate items exist, and they are not illegal. They were usually duplicated in the past by Valve itself to return stolen items to their original owners. This is no longer done.
- No Steam worker will serve us on Discord. And much less mediate between two people.