I got a message from one of my Steam friends who also streams on Twitch with 2k followers.
So I did a quick check to the website and noticed it’s not a gambling website at all, the only function it has is to ask for Steam login details, including Steam guard code in order to login and continue the theft with a new friend list to go through.
Was he targeted because he is semi-popular streamer with over 400 Steam friends? Or was just a coincidence?
Below is the analysis of the phishing website.
The phishing website itself is not first timer or unique, in fact I had already ran into that phishing site via bots roaming Steam spamming the link to everyone they can, however the domain name had changed in between because I already report the phishing websites to the webhosters, domain sellers, blacklists such as Google safe browsing and so on..
Note how the “login” page is loaded into a brand new pop-up element which doesn’t link to any web address, about:blank.
Instead it’s a blank pop-up which only contains HTML data instead of opening a new website. To be precise it loads data from the same server as the index page, the images and style data is loaded from Steam. That is the only reason why web browser might indicate loading of data from Steam cloud provider akamai technologies.
When you open that pop-up in developer tools you will see that most of critical data is loaded from the phishing website, in normal open ID login pages it only loads data from Steam and displays web address on the tool bar above the pop-up. And when you are at a real Steam login page you will always see the secure text or lock icon at the address bar depending on your browser and the text before the web address should say Valve Corp [US].
To avoid these phishing website just refrain from gambling, you never know who is running such websites and how they deal with pots, items, transferring of items and most importantly how is the login and user accounts handled.
I just started streaming and right away someone who isn’t following me or visited my stream on Twitch before started asking for my trade URL and if I wanted to trade some CS:GO items. When I told him I wasn’t a trader or interested in trading the item(s) he would of wanted to trade he began insulting me and eventually left my stream chat when I didn’t reply anything to him.
Screenshot below shows the chat history and the text on the right side of the image isn’t included in the Twitch chat because AutoMod had removed those automatically.
Internet sure is getting worse and worse where you can do “anything” you want, because it’s Internet not “real life”. You can’t offend anyone on the Internet because it’s “not real”.
Here is the link that guys Twitch in case you want to tell him to behave, https://www.twitch.tv/alliedamped.
As of now all reports must be submitted using the in-game report form, even if you want to submit screenshot or video evidence.
If you are streaming you can’t go to edit the video or else you would have to “pause” or quit streaming first, your audience will just get bored waiting for you to download archive video or find live recording, edit and upload that before continuing forward from the report screen.
If you aren’t streaming and aren’t recording video from each of your games you must first find the recording and start recording, possibly change settings if you haven’t touched the recorder in ages. That can even be too slow to get any evidence.
And not in all cases you have super fast Internet connection and powerful CPU+GPU to;
- record screen in acceptable quality
- edit the video (mostly cut out or speed up irrelevant/boring scenes)
- upload the video to the Internet within the acceptable speed (less than 1 hour)
Then once you do have some evidence of the incident you must write something to the report which can be harder than it looks like. There is a character limit to it! You can’t explain the full game or incident in some cases if you wish to link to screenshot(s) or video(s), and if you have more than two links it could prove to be impossible to fit all that into the in-game report form.
All this because the reports are easier to use if all of them are in the same place. There used to be a Google web form for this with lots of space to write, guide how to obtain Steam ID and so on but console users can’t use that as efficiently as PC users. The game developers, BHVR, have said they are working on improving the report form back in May 3, 2018 but so far since then I personally haven’t seen anything to change with the in-game report form, other than;
- not opening the profile page if you click the report button
- showing you if the report was sent successfully (working icon)
- not opening the report form twice in a row for one click
- fixing other errors sending reports
If you are using ChromaCam to remove background of your webcam in OBS, Skype or whatever you are using your webcam for and notice ChromaCam not working after major Windows updates then you must reinstall your graphics driver again for Windows to recognize ChromaCam as a video input device again.
Windows update messes with your settings, graphics drivers and input devices sometimes and especially on the major updates.
Dead by Daylight has monthly online ranking reset 13th day of each month. And this month I have moved into a new apartment, played a lot other games and overall been busy with life, so naturally my online ranking has been low in Dead by Daylight, as has been my time for playing the game. You can also see from the screenshot above that I have only played Dead by Daylight for 10.7 hours past two weeks, my profile page is public so everyone can see it also.
I was rank 13 and ranked up to 12 from that game, survivor ranks were 15, 10, 18 and BullyHunter_69 had 14 so that was fairly balanced.
Normally I would be rank 1 but I am still not so sure about this ranking system, haven’t really had the time to play much to see how it’s like or what rank I would be now with the new ranking system. And no, I do not derank on purpose for easier games, I like the challenge.
76561198261444821 wanted me to save while killer was camping. I didn’t know if the killer had NOED or not but I knew I didn’t have borrowed time.
So I went to the hook, even while he kept doing the “killer is camping” emote. I tried to lure the killer away by opening the exit gates hoping the killer would chase me and others could save but..
I realized (and too late too) that other survivors had left the game.
I kept trying to lure the killer away from the hook so I could try to save without getting blink grabbed off the hook – or fall down before I manage to unhook.
I didn’t get the save and the killer camped way too close to the hook, so instead of being mad at the others who left he whines at me in-game and writes this to my profile page.
Here is a quick 4 minute video of the incident.
Thank you Dead by Daylight (game) for getting all these wonderful people commenting on my profile!
I even had profile comments disabled for years and I decided to open up them just for people like this.
So.. I got asked to play for someone else using their Steam account.
I didn’t know what it was for or why he asked me, or even how he found about me.. So I played along to see where it was going. At first he asked me to play using my own account. I was busy with life and had recently moved to another apartment so I was nowhere close of rank 1 because of the monthly resets. I played a game as rank 9 killer, I depipped. He said I played well and had thought for some reason that I had actually pipped in that game.
Then he asked me if I could play one game on his Steam account, I didn’t ask questions and agreed. He was rank 1 killer so I thought he wanted to see me playing at the rank. This game was to be uploaded to Youtube, which I did – you can find the video here. I killed 3 out of 4 because one of them lost connection, either a game bug or due to me being cautious and using a VPN to protect my IP address because the owner of that Steam account got the IP address from an email automatically when I logged in.
Yes, I know.. You are not supposed to share, transfer or use another persons Steam account but I assumed it was only for the rank difference and he really wanted to see me playing at rank 1. And what’s the harm? He already had rank 1 and I only played one game, versus rank 1-3s. It was fair game either way and I didn’t touch his Steam account in any other way. Didn’t even check his recovery email address. He asked me to family share his Steam library with my Steam account but I refused and didn’t link our accounts.
Then he asked me to play again on his account at impossible hours like 6 am my local time when I would be asleep. Then again at 18:10 my local time when I could of in theory done it but was still on the fence if I should risk it by logging to someone elses Steam account yet another time. That could have severe risks to my own Steam accounts, if Valve were to say I stole his account or something similar.
Then few hours later I went on the Dead by Daylight Steam discussions boards as usual where I try to help people having trouble with the game and learn more about the game, and to keep up with recent issues and events.
It finally hit me, I were to play as him versus some popular person I am guessing, I really have no idea about streamers since I never watch any live streams of any games. I only try to stream my own gameplay to friends and other people who might be interested in my playing, after all it’s all public and open to everyone.
So I just wanted to tell the truth about what happened to me on one of the forum threads about this particular person.. And as usual I didn’t really know how he would feel about it. Sorry!
Here are the threads about this whole thing, at least the ones I could find with ease.
And here is what happened next..
I am sorry harshk but you only got yourself into this and I simply told some people what did happen, truthfully.