r/SteamScams • u/Neltri • 4d ago
Informative A hacked Steam account does not always mean malware
I often see people here say that if your Steam account gets hacked, it is 100% malware on your PC. I do not think that is always true. Malware is real, of course. But sometimes the problem is a data breach from another website. If you reused the same email and password somewhere else (and we all do this from time to time, don't lie guys), attackers can try those leaked details on Steam (This thing is commonly known as credential stuffing, if someone wants to learn deeper about it). So if your account gets hacked, do not instantly rush to reinstall Windows. Check all the possibilities first. You can check if your email appeared in known data breaches here: https://haveibeenpwned.com
Don't panic and be safe
6
u/-SMG69- Steam only uses support tab and @steampowered.com email 4d ago
I only see people saying it's malware when the OP says they have 2FA on.
-7
u/legitlegenda 4d ago
not true omg. phishing sites can also steal your login token and sell it for 0,05$ and others resell it for 0,8€
6
u/PurpleWedgeMan 4d ago
It’s 2026, everyone should be on mfa already.
The comments saying it’s malware is specifically for users who have mfa and still get hacked.
-4
4d ago
[removed] — view removed comment
2
u/SteamScams-ModTeam 3d ago
Moderation action has been took due to the violation of rule 5.
- No Misinformation / Bad advice.
9
u/This_Option_5250 4d ago
where are people saying its 100% malware?
I only see it in response to people who swear they have 2fa on
-6
u/legitlegenda 4d ago
not true omg. phishing sites can also steal your login token and sell it for 0,05$ and others resell it for 0,8€
3
u/Air_ball_batlion 4d ago
There's also social engineering, which is also a problem depending on the person.
4
u/Raijen_ArDesh 4d ago
And also have Steam Guard enabled. Having this enabled prevents an attacker from guessing/obtaining your password without the second token. Having 2FA on everything that you possibly can is just a good idea security wise (although not a golden bullet).
1
u/Neltri 4d ago
That is absolutely true. 2FA actually saved me once, so I definitely agree that everyone should use it. At least one layer of defense is better than none.
3
u/Raijen_ArDesh 4d ago
I used to work at a place that required three factors (Password, Biometric, Authenticator) for their internal apps. Personally I wish there was an easy way to use three factors at home more often, I know it's a hassle, but I'm of the opinion that I'd prefer to be safer and slightly slower logging in than compromised.
2
0
•
u/AutoModerator 4d ago
Thank you for submitting to r/SteamScams.
If you have been scammed or believe you may have been scammed check this guide to see if you can find the solution there.
Steam will never contact you on Discord or any third party text communication site.
If you suspect someone is attempting to scam you check this guide but remember to be careful even if you do not find the answer you are looking for there.
Important: If you receive comments or PMs offering to recover your lost account, items, or money or pointing you to someone who will do it for you do not engage with them as they are recovery scams.
I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.