Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads

Guide: Preventing Scams & Hijacking


Imperial Knight
 Share

Recommended Posts

Guide: Preventing Trade & Item Scams

A general guide to avoiding and preventing yourself from being scammed.

 

In light of the recent influx of HG recruits and members being scammed on TF2, here's a guide to help prevent scamming.

Due to a recent influx of these types of scams, please read below:

  • A current popular scam is one where someone will approach you claiming to have "accidentally" reported you to Steam for duplicated items. They will attempt to get you in contact with a "Valve employee" (in reality this is another account of theirs). On the "Valve employee" impersonating account, they will request either items or account credentials to "verify" your duplicated items. This is a complete scam. Do not give them ANY items. Do not give them any account credentials.

 

Common Methods of Scammers

The most common detailed methods scammers use to scam you.

  1. Quickly switching items on their side of the trade.
    • The scammer will initially place the item(s) you are attempting to trade for in the trade box. After you are either placing your item(s) in the trade box or have hovered over and viewed the item they have, they will quickly switch out the item for one worth much less. This can be very hard to see as sometimes they will have two unusuals, one with the expensive effect you are trading for and one with a cheap effect. They will switch out the expensive one for the cheap one and the item will even appear the same at glance in the trade box. Before clicking "Confirm trade", always hover over the other person's items to be sure that in the finalized trade they are the items you have agreed to trade for. Be sure to check details like the effect of unusuals, skins, killstreak effects, etc.
    • The scammer may also try to trick you by removing keys, metal, or any other item that is used multiple times in a trade. Always count up the amount and make sure it matches the correct value agreed upon.
  2. Trading outside of Steam.
    • The trade will most likely involve things that cannot be traded through Steam's trading system, such as real world currency or a game code (not to be confused with a giftable or tradable game). Whenever trading outside of Steam, use a verified middleman to do so. You cannot trust another person to hold their end of the trade if it involves you sending items to them in return for say currency or a promised game code. Friends of yours do not count as a middleman because that is also unfair to the other person; a middleman should be unbiased. You can find a list of official SteamRep middlemen here. Read the section on impersonation as you should always verify the middleman is who they say they are.
  3. Impersonation of a friend or a middleman.
    • Some scammers will have either a friend using another account or have another account themselves that is a replica as close as possible to that of an official SteamRep middleman. You should always verify that the middleman is who they say they are. This can be done by viewing their profile on Steam, right clicking, and hitting "copy profile URL". Paste that URL into SteamRep to see if they are an official middleman.
    • "Middleman injection" can also occur. The scammer may suggest a middleman and their profile will check out on SteamRep. The scammer will then have a friend or another account of theirs that is as close as possible of a replica of the middleman's account add you. Always add the middleman yourself (from SteamRep's add friend link or by going to their Steam profile from SteamRep). For detailed steps on verifying who the person is, feel free to read SteamRep's official Pre-Trade Checklist.
    • Some scammers may impersonate your friends by replicating their profile as close as possible to that of your friend's. Validate that this person is actually your friend before trading with them and always follow trade procedure despite someone being your friend. They may also use this during a trade by suggesting that you send items to your friend as a middleman, never do this as they may be impersonating your friend and you should only use an official middleman.
  4. Impersonation of a trade or gamble bot.
    • The scammer may create a fake account that replicates that of a trade or gamble bot's Steam profile. Validate with the site that this is an official bot. Note that some sites are actual scamming sites and will have "official bots" that are meant to scam you. Always be sure the site you are trading with is credible; view the section on trusted trading sites.
  5. Phishing links/fake websites.
    • The scammer may use a website or have a website that is a "phishing website". This means that the website mimics a familiar or official website in order to scam you. First, assess the website and make sure that it is the official website you meant to go to. Some phishing sites are very tricky and change simple letters that at first glance trick you. The link may have misspellings, characters that look similar, or may have a title that sounds official. Additionally, before signing in with your Steam account, be sure that the Steam login portal is valid. The only secure method of signing in through Steam is a redirect to Steam's secure website and then back to the original website. Just because a website allows you to log in through Steam does not mean it is not a phishing or scam website.
      • While on the Steam login page, verify that it is the actual login page by checking for an SSL EV (Extended Validation) cert, which is the Valve Corp. and country tag (such as [US]) that appear next to the URL in the address box. Also, verify that the website is exactly steamcommunity.com. Here is what the address bar should appear as in Google Chrome:
        GoKGTca.png
    • The scammer may also mimic trade websites. Be sure that the URL is correct whenever going to a link from a scammer. To verify, you can always Google search for the website you are looking for, such as TF2 Outpost.
    • The scammer may send websites that have downloads. Do not download anything from websites sent by the other trader. If you have auto-downloads on with say Chrome or Firefox, delete the file immediately.
  6. PayPal or other money service chargebacks.
    • When using PayPal, it is very risky for the person receiving the money. The buyer (person paying through PayPal) can "chargeback" the money, which revokes the transaction and gives the money back to them, even a month after the trade. If using PayPal is a must, it is recommended that you go to their SteamRep page and find the SourceOP link (SOP). The buyer's money/cash rep should be at least 90 days+ from a trusted source.
  7. Money transfer within Steam.
    • While many are aware that it is impossible to directly give or trade money through Steam, some are not aware. Scammers use this to their advantage by sometimes telling the person that if they will trade you Steam money. It is absolutely impossible for them to directly send you Steam money or any money through Steam. While trading on Steam, what is in the box when you hit "Confirm trade" is what you will be able to receive in Steam directly.
  8. False or fake trade links.
    • The scammer may sometimes send you fake trade links either through chat or place it on their Steam profile. These trade links are commonly to another account they have that will have a lower grade (cheaper) tier of the item you are wanting to trade for. For example, when you check the main account's inventory it may have an unusual with an expensive effect. You will then click the trade link to the replica account that has an inventory with the exact same unusual but with a cheap effect. Always be sure the trade link is valid, you can check if the account is the same through SteamRep (matching SteamIDs) or any other SteamID finder.
  9. Trade accept/decline links and email confirmations.
    • The scammer may ask for your trade confirmation or trade decline link, do not send these links to the scammer. They may also request a screenshot of the confirmation email (which contains confirmation or decline details), do not send a screenshot of the confirmation email.
  10. Community market listing scam.
    • The scammer may refer you to an item on the community market that is listed for a lot of money. They will then convince you to trade for that item from them as they own it and it will "make you a lot of profit". The reality is that they listed the item either from that account or commonly another account they have and since you can list items for however much you'd like (within the maximum boundaries). They make it look like the item is worth a lot while it is the only listing and is worth next to nothing.
    • The scammer may also tell you to purchase items on the community market from them for an item or similar while the item is not worth the amount paid and the scammer will not hold their end of the deal.
  11. Request to verify items.
    • The scammer may request that a friend of yours verify items as a "middleman" (hold the items so that after say a PayPal transaction goes through the friend gives your items). The scammer may then use another account to replicate yours as close as possible. He will then add your friend and tell him that you got whatever it was you were trading for, your friend will give him the items, and now you have lost your items for no return. Always use an officially verified middleman.
  12. Trading websites that take items for credits.
    • Many trading websites will have you trade items to a bot for credits. This can be very risky as you cannot confirm that you will get those credits or that the credits will actually get you anything on the website. The best way to deal with this is to trade the bot a smaller item that you wouldn't care too much about if you lost. If you get the credits and they work with purchasing and receiving items on the website, you will have less risk moving forward with larger value items. If the site does not give you credits with the small trade, do not trade any more items with the site.
  13. Lending or "inspecting" items.
    • The scammer may request to inspect the item they want to trade for or ask for you to "lend" them the item for a short period of time. Do not lend or allow the trader to have the item without something absolutely equal in return at the time of the trade.
    • The scammer can always view the item on the game's wiki page or by using in-game inspect functions, such as those in CS:GO.
  14. An illegally obtained Steam wallet balance.
    • The scammer may tell you that they have Steam wallet money but need tradable keys (or other items) and will offer to buy something of yours for much more than its worth (such as a skin) off of the market so that you can get these items for him. Steam will find out that the scammer has been using an illegally obtained wallet balance and you will lose the items purchased and receive a trade ban for completing the transaction with the scammer.
    • Scammers may obtain their wallet balance illegally by several different methods, such as stolen credit cards, "chargebacking" Steam on PayPal, etc.
  15. Bitcoin scamming.
    • The scammer may send you bitcoins that are not valid as Bitcoin will verify/confirm every ten minutes. If you are trading bitcoin for an item, wait at least ten minutes before sending the item over to the other person, after verifying that the page says confirmed (after the ten minutes).
  16. "Bait and Switch"
    • The scammer will usually have two accounts or a friend running another account. They will have one advertising a trade for selling an item for a bit overpay but less than another person who is advertising buying the same item for a lot of overpay. The scammer hopes someone will notice this and attempt to purchase the item for overpay and then sell it for a profit to the other person, but the scammer owns both accounts. After you trade with the scammer and overpay, you will not find any luck being able to trade with the other account.
  17. Gambling
    • Whether in-game, online, or anywhere else, gambling requires trust that the losing party will pay in the end. Use a trusted, verified, and official middleman to hold the items being gambled in order to prevent a scam. If it is not a large enough gamble (an amount like 1 ref), such as an in-game Spy-crab or another gamble, record a demo of it and post proof on HG Bans if you are scammed.
  18. Impersonation of a Valve employee or Steam moderator.
    • Valve employees and Steam community moderators both will have visible badges on their profile (either on the front page or under badges), you can view what those look like below. Valve employees and Steam community moderators will never ask for credit card information, account credentials, CD keys, or items. Valve/Steam does not provide support through Steam, only on their Steam support website.
      • Steam Moderators & employees will Always! be listed here.
    • Badges:
      fa79231a2222407aa21439203bd8cdc0.png9bdd46cef6e82b6780ecdd2fa320eb71.png
  19. Quickly switching items on their side of the trade.
    • The scammer will initially place the item(s) you are attempting to trade for in the trade box. After you are either placing your item(s) in the trade box or have hovered over and viewed the item they have, they will quickly switch out the item for one worth much less. This can be very hard to see as sometimes they will have two unusuals, one with the expensive effect you are trading for and one with a cheap effect. They will switch out the expensive one for the cheap one and the item will even appear the same at glance in the trade box. Before clicking "Confirm trade", always hover over the other person's items to be sure that in the finalized trade they are the items you have agreed to trade for. Be sure to check details like the effect of unusuals, skins, killstreak effects, etc.
    • The scammer may also try to trick you by removing keys, metal, or any other item that is used multiple times in a trade. Always count up the amount and make sure it matches the correct value agreed upon.

Dealing with Scammers

After identifying and preventing yourself from being scammed, this is what you should do.

  1. Do not remove the scammer and close the windows right away. First, gather evidence. Take screenshots of necessary items. View this official SteamRep thread so that you can gather proper evidence for a SteamRep report. This evidence will also be used to make a ban report on HG Bans.
  2. Now that all evidence necessary has been gathered, remove and block the scammer. Make sure to cancel/decline all trades with the person.
  3. Report the person on SteamRep with all of their guidelines and evidence here.
  4. Create a new ban report on HG Bans outlining the situation and attach all evidence as proof.

Other Things to be Careful With When Trading

Other warnings and precautions to take when doing any trading.

  1. Tradable Steam gifts.
    • If the scammer trades you a game or items that were fraudulently purchased, either through methods such as PayPal chargeback, stolen credit cards, etc. you will lose that game/item after the trade. If this happens to you, view the Steam Item Restoration Policy for item gifting to attempt to get your items back.
    • The scammer may trade you a game that is geographically (location) locked. Always hover over these items and verify that they are fit for your use before trading. Steam will not help you if you do get tricked into trading for a location/language locked game.
      • If you do end up trading for a location/language locked game, don't try to use a VPN (Virtual Private Network) as it is a violation of the Steam user agreement and may end up getting your account locked. Instead, maybe try to trade it with a person who can use the game.
  2. Non-tradable but giftable Steam gifts.
    • Be sure you are buying or trading for the right copy of a game. If it is giftable but not tradable, you may be stuck with the game. Additionally, the game may have long wait times until it can be traded. Always hover over the game and verify that it says "Tradable". You will never be able to sell Steam games on the Steam Community Market.
  3. CD keys on Steam.
    • It is very risky to trade for or receive CD keys (or license keys) from another user or non-trusted website. CD keys are considered to be proof of purchase by Steam and the person could use it to hijack your account.
    • If the CD/license key was purchased fraudulently purchased, your account will have the game removed and you may be trade banned.
    • Note that trusted sites like HumbleBundle will not do this to your account and are safe to use as long as they are entirely trusted. Normally, they will gift it through email rather than giving a direct CD/license key.

Hijacking

  1. What do I do if my account has been hijacked?
    • If you have lost access from your account you go here. Steam will request you provide evidence that the account is in fact yours. Possible proof of ownership can be wallet codes, cd retail game keys, banking history. In addition, you will also need to provide possible steam account login names (username) & any emails that are/were linked to your steam account.
  2. How do I prevent my account from being hijacked?
    • Scan your computer for viruses & other malicious content regularly.
    • Change the password on both your email & steam account. It's always good to keep the passwords different.
      • Passwords should be at least 8 characters long & should contain 1 special character, 1 number & 1 capital.
    • Never give out your password to anyone. This includes trusted friends.
    • Always have 2 Auth enabled at ALL times, & NEVER give out the auth codes or auth backup codes to anyone.
    • Only use steam official sites or steamrep approved sites.
    • Always keep steam banking information/history, cd retail keycodes & steam wall codes. If your account gets hijacked you can use this as proof of ownership.
    • always check steamrep.combackpack.tf & and their steam profile history/status before trading as they might be labeled as a scammer.
    • Steam admins, moderators or employees don't need access to your account, if there is an issue on your account it will be resolved by steam without them needing access to your account.
    • There is no such thing as a pending ban or pending account deletion. Either your community banned, vac banned or not banned at all.
    • Steam will never send you emails using Gmail, Yahoo, Hotmail, etc. If you receive an email from steam verify that it was sent from "[email protected]" or "[email protected]" if it was sent from a different email address then it's a scam & should be ignored.
  3. How do I get lost items back?
    • As stated in the steam item restoration policy, steam will not restore items that were lost during the hijack. Often times the items will have transferred multiple times through multiple people before a restoration request gets processed.

 

  • Like 9
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share