Skip to content

How I got my Steam account hacked and what I learnt from it?

  • by
  • 4 min read

Steam accounts getting hacked or hijacked has unfortunately become a common phenomenon in the past couple of years. Hackers can dupe via several avenues and can lay waste to your work (inventories in this case) that you’ve worked so hard to collect over time.

Recently, there was another such attack on Steam users that duped users into giving up their own Steam accounts and guess who gave up their account like an idiot? Yes, it’s me.

So how did it happen? Was I not careful? Or did I just gave my password away like that? Well, none of those things exactly.

You see, there are a number of ways your steam account can get hacked. Most of the betting sites that offer weapon skins and games for free are scams. This is also the most common method people end up losing their Steam accounts.

However, this attack was new. I haven’t seen anything like this before and apparently, it’s still going on.

Also read: Top 15 alternatives to Steam

So what exactly happened?

So this one fine day last week I get a message from one of my Steam friends telling me about a site that’s giving away free games. Now I know this person, I play frequently with them, but as soon as I read the message, I know it’s a scam. But I click the link anyway.

The link takes me to this website.

How I got my Steam account hacked and what I learnt from it?
Looks legit right?

I press the roll button and here’s a brand new game for me. For some reason I decide to go ahead and log in with Steam, and here’s where all hell broke loose.

As soon as I logged in, my account password was changed. Before I could even realise what had happened, my Steam account’s phone number was removed, the email address was changed, and even the Steam Guard Authenticator was removed.

I was left baffled. All of this happened in less than 10 seconds of me logging in.

After five minutes of hurling abuses at myself and frantically freaking out, I finally gained composure and started tracking down the website. Eventually, I was able to narrow down to a single IP address coming from Moscow, Russia.

How in the world did I not see that coming? I’ll never know.

There’s a good chance that this is a dead end as my guess is that the hacker is using a VPN with a fake IP to fend off potential back trackers.

At the same time, I sent an email to Steam support begging them to get my account back. Sure enough, after almost 15 hours of waiting, I get an email with my steam username and a new password. I immediately went on to change the password of pretty much all of my accounts following this incident.

Also read: Is Chrome becoming a surveillance software for Google?

What do we learn from this?

Do not click on such links, please. Or even if you do, do not sign on such websites. Sorry to say, but no one is giving away free games to you.

The message in the red box is the one the hacker spammed from my account. I got my account back, but as you can see, the other person didn’t
















Yes mistakes can happen and thanks to the god-like steam support I was able to get my account back but someone else might not have been this lucky. People have lost their accounts in the past and let me tell you when you see all that hard work going down the drain, it hurts.

Besides, it poses a big security risk to other accounts associated with your steam account. And with a little bit of work, the hacker will be able to reach your card details if you have them saved in your Steam account.

So please be vigilant. If you’ve received any such links, please just ignore them. You might just lose your account and everything else with it.

Also read:What is Email Spoofing and 9 ways to protect yourself

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here:

Exit mobile version