Permanent Steam URL: https://steamcommunity.com/profiles/76561198841887758
IP address: 22.214.171.124
Permanent Steam URL: https://steamcommunity.com/profiles/76561198812003311
IP address: 126.96.36.199
Steam account was created somewhere around February 5th 2018, the legacy weapon was acquired by using someone elses save file before that moved into the cloud on March 6th 2018.
Permanent Steam URL: https://steamcommunity.com/profiles/76561198255127273
IP address: 188.8.131.52
I got a message from one of my Steam friends who also streams on Twitch with 2k followers.
So I did a quick check to the website and noticed it’s not a gambling website at all, the only function it has is to ask for Steam login details, including Steam guard code in order to login and continue the theft with a new friend list to go through.
Was he targeted because he is semi-popular streamer with over 400 Steam friends? Or was just a coincidence?
Below is the analysis of the phishing website.
The phishing website itself is not first timer or unique, in fact I had already ran into that phishing site via bots roaming Steam spamming the link to everyone they can, however the domain name had changed in between because I already report the phishing websites to the webhosters, domain sellers, blacklists such as Google safe browsing and so on..
Note how the “login” page is loaded into a brand new pop-up element which doesn’t link to any web address, about:blank.
Instead it’s a blank pop-up which only contains HTML data instead of opening a new website. To be precise it loads data from the same server as the index page, the images and style data is loaded from Steam. That is the only reason why web browser might indicate loading of data from Steam cloud provider akamai technologies.
When you open that pop-up in developer tools you will see that most of critical data is loaded from the phishing website, in normal open ID login pages it only loads data from Steam and displays web address on the tool bar above the pop-up. And when you are at a real Steam login page you will always see the secure text or lock icon at the address bar depending on your browser and the text before the web address should say Valve Corp [US].
To avoid these phishing website just refrain from gambling, you never know who is running such websites and how they deal with pots, items, transferring of items and most importantly how is the login and user accounts handled.
I just started streaming and right away someone who isn’t following me or visited my stream on Twitch before started asking for my trade URL and if I wanted to trade some CS:GO items. When I told him I wasn’t a trader or interested in trading the item(s) he would of wanted to trade he began insulting me and eventually left my stream chat when I didn’t reply anything to him.
Screenshot below shows the chat history and the text on the right side of the image isn’t included in the Twitch chat because AutoMod had removed those automatically.
Internet sure is getting worse and worse where you can do “anything” you want, because it’s Internet not “real life”. You can’t offend anyone on the Internet because it’s “not real”.
Here is the link that guys Twitch in case you want to tell him to behave, https://www.twitch.tv/alliedamped.
As of now all reports must be submitted using the in-game report form, even if you want to submit screenshot or video evidence.
If you are streaming you can’t go to edit the video or else you would have to “pause” or quit streaming first, your audience will just get bored waiting for you to download archive video or find live recording, edit and upload that before continuing forward from the report screen.
If you aren’t streaming and aren’t recording video from each of your games you must first find the recording and start recording, possibly change settings if you haven’t touched the recorder in ages. That can even be too slow to get any evidence.
And not in all cases you have super fast Internet connection and powerful CPU+GPU to;
- record screen in acceptable quality
- edit the video (mostly cut out or speed up irrelevant/boring scenes)
- upload the video to the Internet within the acceptable speed (less than 1 hour)
Then once you do have some evidence of the incident you must write something to the report which can be harder than it looks like. There is a character limit to it! You can’t explain the full game or incident in some cases if you wish to link to screenshot(s) or video(s), and if you have more than two links it could prove to be impossible to fit all that into the in-game report form.
All this because the reports are easier to use if all of them are in the same place. There used to be a Google web form for this with lots of space to write, guide how to obtain Steam ID and so on but console users can’t use that as efficiently as PC users. The game developers, BHVR, have said they are working on improving the report form back in May 3, 2018 but so far since then I personally haven’t seen anything to change with the in-game report form, other than;
- not opening the profile page if you click the report button
- showing you if the report was sent successfully (working icon)
- not opening the report form twice in a row for one click
- fixing other errors sending reports
If you are using ChromaCam to remove background of your webcam in OBS, Skype or whatever you are using your webcam for and notice ChromaCam not working after major Windows updates then you must reinstall your graphics driver again for Windows to recognize ChromaCam as a video input device again.
Windows update messes with your settings, graphics drivers and input devices sometimes and especially on the major updates.