How secure is Steam? I just got this email saying someone in Myanmar is trying to steal my games...

How secure is Steam? I just got this email saying someone in Myanmar is trying to steal my games. Has anyone else had their account compromised before?
Before you ask, I don’t even live in Missouri so no, you don’t know where I live

Attached: 5848DF3B-EC00-4F54-8346-144E607ADEA5.jpg (1242x1088, 495K)

Other urls found in this thread:

haveibeenpwned.com/
twitter.com/SFWRedditVideos

Just change your email and password to something impossible to guess.

nigga just use 2 step verification

Yeah. Might have been from a keylogger, but these days it's more likely that you've used the same credentials on another site that had a data breach.

If you have two-factor authentication then they still can't log in, but you should probably change your password anyway unless you want to continue getting those alerts.

I had emails about people trying to use my Ea, Ubisoft and Blizzard account. Never got any from GoG or Steam so either they are more secure or the hackers are better at not being noticed.

turn on 2FA if you're really worried about it, nobody will ever be able to steal your account unless you do something unbelievably retarded

Admit it OP, you had a weak ass password that could easily be bruteforced.

This. I also have a 20 character long password. It's honestly probably your fault that you got hacked. Hope you didn't have any expensive items in your inventory, senpai.

I have a 14 year account that I even lent to a friend for 5 years, and I've never been hacked or hijacked.
Steam is pretty damn secure, considering you don't use your email address to log in, you use an account name that is never made public.
On the other hand some people have tried to jack my gmail since you can't really hide the login method that way, but still all they could do was trigger two factor authentication codes sent to my phone.

Then again, I practice common sense computer security which for some reason flies over everyone else's heads.
Two factor authentication with Steamguard is an obvious must.
The second, compartmentalize everything. I run nothing except for Steam and Firefox and other official programs on my main computer. Impossible to get a virus if you don't actually download or run anything shady. I have a burner computer I use for that that is probably chock full of viruses but only because I haven't bothered to set up a VM on it.

Dang, Cape's only about 45 minutes away from me

I have 2FA enabled.

I got alerts from somebody trying to access my Ubishit and Sony accounts. Probably because they had the same e-mail from a LoL account that I paid a booster to get me to diamond.

Go here and type in your email.
haveibeenpwned.com/

My email was leaked with the myfitnesspal phone app.

OP was probably lying about that not being his info because he was too lazy to blurr it, so head on over there and kill him for everyone itt.

I had an old ubisoft account that I forgot about and only recently checked on it and there was a ton of login attempts from russia and I think some southeast asian countries. Closed that shit up quick.

fucking this

14 year old account and haven't had a single issue. When steamguard rolled out it was an obvious choice to enable it. There is a serious problem if you get an email about a login attempt, because that means they have your actual account name; either keylogged or phished. Could've even been anyone you've mentioned your account name to.

>go here and leak your email

Not him, but that site is legit. It is run by an Aussie IT-security developer who has a lot to lose if that would be fraudulent.

why are you lying?
from the moment I sent my email to them, I started receiving daily spam from their domain

Make a screenshot.

>site is legit
>asks for bitcoin donations

Attached: 1351021900505.png (293x279, 85K)

I can't right now, but trust me, it's true.

Steal your games? You technically don't even own the games.

That means your login name is on a pwned list.
Very little Steam can do about that.

And what's wrong with that?

*tips fedora*

Hackers like money laundering.

>dude just trust me

As long as you use a unique password and 2FA for both your email and steam accounts, it's virtually unhackable (assuming you're not being personally targeted by some asshat with a lot of time in their hands). You'd have to fall for some really obvious social engineering trick.
I'd say the vast majority of compromised accounts are due to either phishing (you typed your credentials in a fake website like a retard), simple malware distributed through social engineering (join some server that drops a malicious file in your computer, admins ask you to run the file to finish "installing the server files" and you do it like a retard) or simply because you reuse your passwords like a retard and there's some SEAmonkey going through a compilation of database leaks searching for retards like you.

And what's wrong with that?

Never actually had anyone try to log in to my steam account but I also have all the security options going. Used to get the occaisional scammer sending me messages and asking for login info but that's about it.

i get like 4 emails everyday for all of my launchers but they never get in lol

>Impossible to get a virus if you don't actually download or run anything
lol

With anything be it from Runescape to Steam 2fa can always be overriden by disabling via E-mail. Get 2 step verification and change your emails password.

Additionally you can check the dudes Ip if he acvessed your email and block it however this is likely a VPN

Bros, what happens if I lose my phone? That's the only thing that scares me about 2 step verification.

My password is an 8 digit number that has no connection to anything with two letters and two symbols. No way someone just guessed it. Must have been a data breach somewhere else

Pretty sure you can get new sim with the same number.

This.

When I got mugged I got my number put on another SIM card.

T. Mentally retarded. 8 digit numbers take literally less than a minute to bruteforce.
You fucking deserved it.

>Only 8
>no special characters just numbers
Thats weak as shit

Check your email here:
haveibeenpwned.com/

And find out how many data breaches your password has been leaked by.

>leak your email
Are you mentally ill or just pretended?

I have Steam Guard enabled.

Fucking MyFitnessPal
God damnit

>Impossible to get a virus if you don't actually download or run anything shady.
This is patently false. Even if you use something like Noscript and block all scripts from unknown webpages, it’s very unlikely but always possible that some trusted website gets hacked and laced with an exploit kit that finds out that your web browser hasn’t downloded the latest security update yet (or worse, uses a zero-day exploit) and gets through to your PC using that. Also, someone could hack a site that hosts downloads for something you trust, replacing the files with infected versions.

Don’t get me wrong, you certainly can be *almost* sure that you will never get infected if you are careful and use Ublock (and why you wouldn’t?), but saying that it is ”impossible” to get a virus is just straight out lie. The much-vaunted Common Sense is the most important security layer and gets you very far, but it certainly doesn’t make you immune.

Reminds me how I once got a call from some fag saying how my information is all over the place and many companies own it and they can delete all of that and just need ~100-120€ to get their lawyers on the job.
Spent like over 30 minutes talking with that guy until he suddenly hang up. Kinda rude desu

Attached: 1556141538261.jpg (800x800, 41K)

That's Malaysia, not Myanmar. Make sure to change your passwords including your emails, if you haven't yet. Get 2FA mobile as well.

Now that was a walk down memeory lane.

This. You can be 99,999% secure with careful browsing and download habits + aggressive Noscript settings, but you will never ever be immune. No matter how big tech wizard you believe yourself to be, there’s always the possibility of human mistake, and even if you don’t fuck up, someone you’re supposed to trust can fuck up and end up harming you through that. Most virus infections happen due to sheer retardation, but if every possible bad thing happens to happen at once, you can always get infected too.

could've just told him to not be retarded.

Why would someone use zero-day in an exploit kit targeting regular users?

I mentioned it mostly as a theoretical possibility, the point being that it is unlikely but theoretically possible to get infected even if you do nothing stupid. It’s true that it’s unlikely that someone would waste a zero-day in an untargeted attack, far more likely that exploit kit would just use an old version of a browser as an attack vector.

>>>reddit.com