This situation is really bad!!
This situation is really bad!!
I'm sorry that wasn't my intention, but I was unclear on your expectations. You're right—most people recognize such messages as scams, even if they come from someone you know. It's possible you were hoping for a different response, given everyone's awareness of security risks. I hope this didn't happen to you.
Here, I'll assist you with free games, items, and money—no external websites involved. If a site requests your Steam login for access, chances are it has already captured it. Don't rely on every message you receive; someone's account could be easily compromised, as shown in the example. Let your friends know to avoid clicking links you get from me, I can assure you they likely received the same warning.
Possibly a fake login page? Two fields, one for account name and one for password—both lead directly to hackers' inboxes.
(PS, the inline smiley search is great!)
I also used the free/gift/comp steam game trade site before, but it seems Steam has altered how games are traded lately.
Here you are, the provided link isn't a valid Steam URL. They obtained your login details and accessed your account.
Sorry to be so direct, but anyone who thinks signing into an account through a third-party site is wise is making a huge mistake... I have no sympathy for such foolishness. You made a terrible choice, and the only person responsible is the one who acted irresponsibly.
Now treat it as a warning—learn from this and never allow any other website access to anything from another platform again. Don’t fall for the 'convenience' promises. It’s all a ruse to collect your data, whether for theft or selling your personal information to anyone willing to pay.
Use a reliable browser (like IE, not Chrome or Edge) with strong privacy settings... that covers ads, scripts, cookies, Java, and tracker plugins.
If you ignore these precautions... you’re the only one to blame.
Some time ago... before Steam began offering refunds for defective items (often less than 2 hours of gameplay), I attempted to request a refund for a collection of games that wouldn’t function properly (older Star Wars flight sim titles I enjoyed in my youth). They simply ignored me, refusing to reply to the support ticket for weeks. Although I still had the original CDs, they wouldn’t work on Windows 7.
I then submitted a PayPal dispute... and they finally replied, threatening to close my account if I didn’t resolve it, and saying they would hold back a refund until I canceled the dispute.
When I canceled the dispute, I couldn’t reopen it. I recorded their threats, saved their emails, and discussed the situation with PayPal. They agreed to reopen the case if Steam refused to process my refund.
I explained to Steam that this was what I had done and asked for a 24-hour resolution window. Eventually, I received my refund. Thanks to the team working on the X-Wing Alliance Update project, I was able to restore my original games—including XWA, XW VS TF, Expansion, and the original titles with expansions.
Not long after that, Steam altered their policy. Ubisoft, on the other hand, completely refused to issue refunds if a game had already been started, no matter its functionality. In such cases, you’re forced to pursue a chargeback or a PayPal dispute.
Nowadays, if I can find it on GOG, I will—unless it’s significantly cheaper elsewhere. I’ve boycotted EA for over ten years because of their poor practices and their connections with China.
Just to summarize and take responsibility, I realize it’s your fault. In the IT security world, people are often the weakest point, and it’s not rare for individuals to fall into these traps. Steam has relatively few security issues compared to other platforms—this attack wasn’t initiated by Steam. It occurred so easily because you essentially handed the criminals the keys to your system and told them, “Take whatever you want.”
Be cautious of every link shared by friends or family; this one didn’t come from a trusted source but from a system built to launch a phishing attempt. Avoid sharing credentials, as each transfer can lead the other company to store your information. Some handle it securely, while others don’t.
Security systems remain tightly controlled until someone is introduced, at which point they become vulnerable. You’re not the first, but you’re certainly not the last.