GUIDE ON HOW TO STOP SCAMMERS

Discussion in 'SteamRep Guides' started by Dronefly, Apr 18, 2012.

  1. Bobslobtheblob

    Bobslobtheblob New User

    Messages:
    15
    Steam:
    STEAM_0:0:45810773
    Just happened to see an offer from you on outpost and looked at your profile. I'm a semi-experienced trader, but I've been scammed with a chargeback once, and I'm steering clear of PayPal now.
    This is an amazing tutorial. Thanks for taking the time to make this; it'll help me a lot in future transactions.

    PS. Congrats on the baby :D
    Dronefly likes this.
  2. laur3ntziu00

    laur3ntziu00 New User

    Messages:
    1
    Steam:
    STEAM_0:1:46630543
    Thanks for this guide!:)
    Dronefly likes this.
  3. the_best_noob

    the_best_noob New User

    Messages:
    8
    Steam:
    STEAM_0:0:52405770
    I don't know if this would fall under the category of be polite, but if someone doesn't accept your offer, don't be a dick. One time someone attempted to report me here and banned me from at least 30 different servers because I didn't sell him my festive minigun. If someone doesn't accept your offer, just take it and move on.
  4. DataStorm

    DataStorm Retired Staff

    Messages:
    3,448
    I don't find a report on you, can you point me to it?
  5. the_best_noob

    the_best_noob New User

    Messages:
    8
    Steam:
    STEAM_0:0:52405770
    He never actually did it. After reading all the criteria on how to report people, he was intelligent enough to know that I would obviously not be marked as a scammer. I still found it hilarious that he got that butthurt over not finding a good deal.
  6. DataStorm

    DataStorm Retired Staff

    Messages:
    3,448
    Ah, ok, thnx. At least the criteria help to prevent bad reports :)
  7. the_best_noob

    the_best_noob New User

    Messages:
    8
    Steam:
    STEAM_0:0:52405770
    Personally, I just wish there was a thing that blocked you from posting in that section until you read the guide and made a passable example report. There are still way too many bad reports out there in that section imo.
  8. DataStorm

    DataStorm Retired Staff

    Messages:
    3,448
    lol, that would go exactly the same way as the "agree" tickbox on a software installation... everybody scrolls down as fast as they can tick the box and click the button without reading a word of it.
  9. the_best_noob

    the_best_noob New User

    Messages:
    8
    Steam:
    STEAM_0:0:52405770
    Probably explains why there isn't one
  10. Wolf532

    Wolf532 New User

    Messages:
    1
    Steam:
    STEAM_0:0:40869877
    Thanks for this guide, had no idea about the phone call thing. I'll keep that in mind when I trade with someone.
  11. Heretic

    Heretic New User

    Messages:
    7
    Steam:
    STEAM_0:1:5034062
    This is a very comprehensive guide, though I would amend two parts:

    1)
    I'd amend that to be clear that middlemen can't protect you from chargebacks. They WILL protect you from a trader taking your item and running without completing the transaction.

    2)
    I'd add to the section about Sharks that it's a bannable offense in some communities so that if someone does get sharked, they may have some recourse against the other trader.
    VenGanZa likes this.
  12. What should you do if you clicked on the phone call? You said run something but I do not understand, should you change your password etc?
  13. Dronefly

    Dronefly New User

    Messages:
    352
    Steam:
    STEAM_0:0:41413966

    Well, first of all you have to assume that the person is trying to scam you. If you click on the phone call button (assuming they insisted on "chatting with you via voice"), what they are doing is opening a back door into your computer that will potentially allow them to do things such as install a key logger or a virus. The first thing you should NOT do is enter or change any of your passwords. In fact, get yourself a trojan, worm, virus software that will fully clean your computer BEFORE entering ANY passwords to ANY sites. This way, even if they were successful in accessing your computer and installing one of these malicious softwares, they will not get any vital information. If you have already done so, you should probably change your passwords for online on ANOTHER computer, not the one you initiated or had been requested to do any phone call chat. 9 times out of 10 you will probably have the accidental click which is innocent enough and was NOT a hacker. But to be safe, question them WHY they initiated the phone call and then proceed with the steps described earlier. Only worry if the trade is not a standard trade or if someone acts "abnormal" or "fishy".
  14. DataStorm

    DataStorm Retired Staff

    Messages:
    3,448
    really? you that bad with computers?

    First of all, to get infected via remote means, one must have a command & control access in some form. Really depends on the computer of that person, and their setup of their home-lan.

    Let's say the average setup is ADSL/Cable:

    Wire connection to the provider
    is connected to:
    a Modem/Router combination device
    which is connected to:
    The computer/laptop via a wire or wireless connection.

    The modem/router runs a NAT, an IPS, and its own DHCP pool to give out IP addresses to the internal devices. The combination of those makes it not possible, by design, for an external party to set up a connection to a specific computer on the network (the "session" is not known, so the router will discard any packages of unknown sessions, making an attack futile). So, that's the first "jump" they have to make to get thru. Let's add another "hoop".

    With XP SP3 and higher (Windows Vista, 7, 8) there is a built-in firewall (another form of IPS). While these are quite rudimentary, they do the basic thing: not allow external sources to open up a communication channel without permission (i.e. an "exception" in the firewall must be given permission by the user of the computer).

    Now, with this quite rudimentary explanation, we fast forward to applications for communications. I didn't get a good gist of WHAT software was to be used, so that falls in 2 categories:
    1. Known applications (Skype, Steam, Mumble, TeamSpeak, etc)
    2. A program to be downloaded by the "attacked" party.

    If you know anything about how communications work, you would know that with the first category applications won't allow you any additional "loopholes" for an attacker. The only thing they may gain from such is to find an IP address of the intended victim. With the SECOND category however, then you come indeed in possible malware, but that is not done remotely, it's done by the user himself. This can be many things: a website that has been forged to attack your browser via various means, a program to download, a script to run, etc.

    Really, taking control of a machine from remote does require certain means, firewalls killed almost all of those. The only way for them to gain on your computer is by being on the same network, and start brute forcing their way in. But brute forcing only works if things have an exception. Like file sharing.

    Please stop making claims about how things work when you have no clue.
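
Added example (not part of DataStorm's post or the thread): a minimal Python model of the session tracking described in the post above, where a home router delivers an inbound packet only if it matches a session a LAN host opened or an explicit port forward. The class, addresses and ports are constructed for illustration, and strict per-remote matching is an assumption; real routers differ in how strictly they match.

```python
class NatRouter:
    """Toy model of a home router's NAT session table (illustrative only)."""

    def __init__(self):
        # (proto, public_port, remote_ip, remote_port) -> (lan_ip, lan_port)
        self.sessions = {}
        # Explicit exceptions: (proto, public_port) -> (lan_ip, lan_port)
        self.forwards = {}
        self._next_port = 40000

    def outbound(self, proto, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; the router records the session."""
        public_port = self._next_port
        self._next_port += 1
        key = (proto, public_port, remote_ip, remote_port)
        self.sessions[key] = (lan_ip, lan_port)
        return public_port

    def inbound(self, proto, public_port, remote_ip, remote_port):
        """Return the LAN endpoint to deliver to, or None if dropped."""
        key = (proto, public_port, remote_ip, remote_port)
        if key in self.sessions:
            return self.sessions[key]          # reply to a known session
        # Unknown session: only an explicit port forward lets it through.
        return self.forwards.get((proto, public_port))


def demo():
    """Run constructed traffic through the model and collect the verdicts."""
    router = NatRouter()
    pc = ("192.168.1.20", 5000)                # constructed LAN host
    chat_server = ("198.51.100.9", 27015)      # constructed remote peer
    stranger = ("198.51.100.66", 4444)         # constructed unsolicited sender

    port = router.outbound("udp", *pc, *chat_server)
    results = {
        "reply_from_peer": router.inbound("udp", port, *chat_server),
        "stranger_same_port": router.inbound("udp", port, *stranger),
        "stranger_new_port": router.inbound("tcp", 3389, *stranger),
    }
    # A port forward (or DMZ setting) is the "exception" that exposes a host.
    router.forwards[("tcp", 3389)] = ("192.168.1.20", 3389)
    results["stranger_after_forward"] = router.inbound("tcp", 3389, *stranger)
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict or 'DROPPED'}")
```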
  15. Dronefly

    Dronefly New User

    Messages:
    352
    Steam:
    STEAM_0:0:41413966
    You are assuming people set up security on their connections. Almost ALL people today STILL use default provider configurations and STILL do not set up secured network connections. Ultimately I am just trying to make people understand that the likelihood of this being a scamming method is next to none, but is still a possible loophole. There is no reason why they need to get a random chat request on Steam via voice. All it takes is a simple inquiry why chat was initiated. I personally have yet to have someone try to scam me via chat but it HAS been done in the past and discussed here as a successful way that people hacked into machines, so I added it to the guide as something to simply avoid and not dabble with. Sorry if I do not know exactly HOW to hack a system (I am not a hacker) but I know that it HAS been used in the past.

    On a personal note, there is no need to get so hostile. :/
  16. DataStorm

    DataStorm Retired Staff

    Messages:
    3,448
    "Default provider configuration" actually is as I described above. Windows Firewall is default enabled on Windows.

    https://en.wikipedia.org/wiki/Private_network
    See the "Private IPv4 Address space", and also second paragraph of "Misrouting".

    But you also mention (ab)using the data stream of a chat between clients. For a pretty simple communications system as chat, it's very easy to secure against abuse on it. Whitelisting and some checks on data size and type is enough. As that is so simple, it's quite unlikely that it's not implemented.
  17. Dronefly

    Dronefly New User

    Messages:
    352
    Steam:
    STEAM_0:0:41413966
    When you buy a plug and play router the default administrator password is always the same from the manufacturer, also the IP address assigning is default. If you are lucky enough you can get full router control and firewall control simply by trying the default manufacturer configurations. I would assume based on that you can then easily gain access to a PC and take control remotely of it at a later time. Then you chat up the person and can back drop a keylogger of some sort via open chat port? Isn't that the same exploit that people have used for "logmein" and similar applications that open a direct port simply when the software is installed? After all, as a person who installs such software (or Steam software, Skype, etc) do we not open up certain ports for the software during automated software configurations? Isn't this where a potential exploit can occur? I understood that voice communications in Steam are done on a specific port, not the default 21. Am I wrong in my assumptions here? Please clarify so I can update the FAQ for everyone to be on the same page.
  18. DataStorm

    DataStorm Retired Staff

    Messages:
    3,448
    1. The "default administrator" router login is ONLY accessible from the INSIDE of a network, not from the outside. If they were, then it would be that nearly EVERYBODY would have a hacker active in their local network. For they gained access to the router, upped a new router firmware and use those devices to do all kinds of nasty things. So no, that is NOT the case.

    2. With installing software and having firewall software active, you get the question to allow the application to access the internet and/or receive information (incoming/outgoing). If one is not researching their applications on their computer for their validity, I'd say they deserve it. It's pretty simple to research: type in Google "+programname malware trojan" or other stuff. You can up the downloaded file to an online virusscan system like https://www.virustotal.com/en/ which scans it with a lot of different antivirus application makers. Be in control of your machine. Too many just are installing anything without ever giving it a thought.

    And btw, "logmein" is pretty safe if you use it in the correct way. It's the person, the remote controller, I'd be worried about. Sure you can configure it wrongly, and run a risk. But that goes for Windows, that goes for the internet router (do not put your computer as DMZ, or set it to "bridge"), your firewall etc.
  19. Dronefly

    Dronefly New User

    Messages:
    352
    Steam:
    STEAM_0:0:41413966
    But many routers DO have access to log in remotely into them (I am not just talking wifi). And also, many "gamers" here are not in control of the house PC that their mommy, daddy, sibling installed because they were the most knowledged or the allocated "techie" in the house. The point is that many traders and gamers are NOT educated enough to know what scams are out there and instead of having them learn the hard way, these guides are here to guide the less educated.

    I for example know NOT to let someone have my username and password. Also understand what phishing sites are and how they work. But not all do.

    See my quote above. Again, installing a software just by default is unfortunately what most do. Not many people have "techies" at home or "tech" experience in maintaining and securing PCs. Hence why so many "virus" removal companies on the market (something every single person can do at home so easily it's ridiculous that such services even exist!).
  20. /)☣RedFireCat☣(\

    /)☣RedFireCat☣(\ New User

    Messages:
    25
    Steam:
    STEAM_0:0:43815877
    Nice guide. This helps me with trading :)
    Dronefly likes this.