25

Thanks to Steam guard, I get an email with a code when I try to log into my Steam account from a new device.

But this week I have received constants emails from people trying to log in my account (mostly from Russia)

I went to Steam and changed immediately the account's password, but 10 minutes after changing it, I got another email, from another computer in Russia trying to log in.

What is going on? Is my account in danger? Can I do something to stop this?

UPDATE

Checking virus in both O.S. in my computer

  • Windows: Clean (Checked with McAffe)
  • Ubuntu: Clean (Checked with Clamscan)
Improve this question
10
  • 6
    support.steampowered.com/kb_article.php?ref=8625-WRAH-9030 Mobile Authentication, If you are getting targeted that much Id give that an addition to your account.
    – James
    Commented Aug 24, 2015 at 17:58
  • 6
    If they still have the password minutes after you changing it, the probability that you have some type of virus/spyware on your computer is close to 100%.
    – Tim S.
    Commented Aug 24, 2015 at 18:33
  • 1
    Virus scanning is in no-way fullproof. There are plenty of keyloggers and hidden processes that will not get caught by the scan. I work with this regularly, and usually end up reloading the OS to be safe.
    – Tim S.
    Commented Aug 24, 2015 at 18:37
  • I just ran the AntiVirus in both my OS. Nothing was found. What means "reload" the OS?
    – Enrique Moreno Tent
    Commented Aug 24, 2015 at 18:38
  • 1
    @MonkeyZeus if you get to the 2-factor auth part (where they send you the alphanumeric code and you enter it into the Steam client) that means they have successfully entered the correct password, otherwise no 2FA would be sent.
    – Tim S.
    Commented Aug 25, 2015 at 22:40

5 Answers 5

Reset to default
25

You technically can't do anything against this. I can try to access your account myself if I really wanted to and you would get a message. It doesn't mean I know your password or will ever access your account.

There is really no reason to change your password again, because the person trying to access your account is just using a script to run through a bunch of popular passwords probably.

Steam will automatically block the IP address after so many attempts to login to one account. They will need to contact Steam Customer Support to unblock their IP address and they obviously won't do that.

Improve this answer
4
  • 22
    You should receive a code from Steam Guard only after you have successfully logged with a correct account/password combination. Your answer is reassuring but I wouldn't be so optimist in this case. It could be a bug with Valve, it could be a virus, it could be a pwned router. In any case, receiving a code probably means that someone else has the correct password.
    – BackStaB
    Commented Aug 25, 2015 at 12:25
  • 5
    (assuming the code is really from steam and not a phishing attempt)
    – BackStaB
    Commented Aug 25, 2015 at 12:33
  • 1
    A side note: I am not using a popular password. It is a 15 chars random password.
    – Enrique Moreno Tent
    Commented Aug 25, 2015 at 12:55
  • 1
    @Dbugger Unless you're astronomically unlucky, you should be fine, then. People in other nations do this all the time and you were simply unlucky enough to get your specific account chosen by some script kiddie. Their interest is not in you specifically but they're trying to "scrape off the top" and search as many accounts as possible for one that has a stupid password. So they'll lose interest in you fairly shortly. I actually have a Diablo III account that was hijacked once by Chinese users. I was glad! They farmed ridiculous gear on my Monk and I had millions of gold when I got it back...
    – Lucas Leblanc
    Commented Sep 18, 2015 at 21:39
18

"Steam Account Password Reset" email

If you're received "Steam Account Password Reset" e-mail - you're safe. The only thing you can do is filter those e-mails so they will not bother you ("skip inbox" action in gmail filters).

"Your Steam account: Access from new device" email

Bad. Someone just tried to login with correct password. I'm not sure if it's possible to trigger this e-mail without correct password. You should contact steam support.

p.s. Some antivirus companies provide free "one-time virus scanner" (NOT a trial version!) like fully portable dr.web cureit (don't check "I'd like to receive news e-mails"!). Also livecd/liveusb version.

Improve this answer
3
  • 4
    The later form of email, the "Access from new device" kind, can also be "triggered" through simple forgery. In other words it could be a phishing attempt and no one has has used his correct password. Even the first kind of e-mail could be a phishing attempt so don't click on any links on either sort of e-mail if you weren't expecting it.
    – user86571
    Commented Aug 25, 2015 at 15:33
  • @RossRidge steampowered.com have strict SPF policy set so forged e-mails will not be delivered on most mail servers (you can query steampowered's SPF with nslookup -type=TXT steampowered.com on windows). Of course make sure From field is "something(at)steampowered.com"
    – Sanya_Zol
    Commented Aug 25, 2015 at 19:16
  • That's a bit misleading. SPF only verifies the message envelope, not any of the headers or the body of the message. The "From" header is not checked. Phishing e-mail can still get through by simply not forging the envelope from. Since most people don't check their e-mail messages very closely, they won't notice that the "From" header ([email protected]) doesn't match the sender ([email protected]). That why I suggest simply not clicking on the links in the messages if you're not expecting it.
    – user86571
    Commented Aug 25, 2015 at 21:18
1

I had this problem and it drove me crazy and I think I've found the answer. Do you have 2 Steam accounts registered to your one email address? Maybe you have an old account that you've forgotten about. Somehow the password to that old unused account is out there, and the constant emails you get from Steam relate to this old account? So no matter what you do, you keep getting emails from Steam. Log out of Steam. Log back in using your email address. It should tell you if you have more than one account. Ask for a password reset on the old account. Then fill in an account deletion request. I hope this is your problem cause it's easy to solve.

Improve this answer
-2

Change your username and some data, remove any personal things, check IP address and use an IP address tracker to see where the hacker is. Back up some data (make another account with valuable items or inventory stuff).

Improve this answer
-3

You should try to change your password. People trying to log in to your account everyday is pretty bad news! A password change should stop those scum.

Improve this answer
2
  • 4
    Changing your password doesn't stop people from trying to log in; this helps absolutely nothing.
    – Frank
    Commented Sep 18, 2015 at 21:49
  • @Frank so; when Steam Guard emailed me, it very clearly said that someone logged in with the correct id and password but with a new device in a new location. Changing your password is the basic minimum this person should do.
    – dlamblin
    Commented Sep 3, 2018 at 3:45

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .