Coke Posted July 18, 2017 Share Posted July 18, 2017 Recently, it was brought to my attention that a malicious link was being shared around the community. Though the distributors may not have known, the link is an attempt to retrieve and compromise steam account information. Obviously, I will not be sharing the link here, but I advise all members of the community to be cautious when clicking on unknown links. Furthermore, any third party website (even if it has "steam" in the link) that offers free skins, steam wallet and/or games should not be trusted. We hope that everyone in the community stays well protected from any phishing attempt. If you believe your account has been compromised, please change your password immediately. Also, if you want an extra level of protection, I encourage mobile guard for maximum security. Thank you for reading, and I wish you all an excellent evening. Regards, Chief Information Officer Supreme Master Guardian First Class KR D1 75 LP Head GA Coke [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke EDIT: IF you have any tips or details you would like to share about possible scams, please do so. Safety is a community effort! EDIT 2: Needless to say, if you are involved with spreading these links, please stop. It is a SCAM, and if you continue to do so you will be punished 3 Link to comment Share on other sites More sharing options...
ekksdee Posted July 18, 2017 Share Posted July 18, 2017 Thanks for the PSA hEad GA C.I.O Coke 1 Link to comment Share on other sites More sharing options...
Khazen Posted July 18, 2017 Share Posted July 18, 2017 Keep in mind: There will NEVER been an official Steam promotion that is advertised anywhere EXCEPT your main Steam client. And said promotions will NEVER ask you to log in anywhere except the Steam client. If a friend sends you a link, do NOT open it. Try to inform them and tell them to change their passwords immediately. The way these scams work is by encouraging people to spread it to their peers. So you will earn "points" for each person that logs in off your link. Don't fall for it and don't spread it. Link to comment Share on other sites More sharing options...
Bacon Posted July 18, 2017 Share Posted July 18, 2017 Thanks A lot [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke Link to comment Share on other sites More sharing options...
steamboat Posted July 18, 2017 Share Posted July 18, 2017 thank u [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke Link to comment Share on other sites More sharing options...
sza Posted July 18, 2017 Share Posted July 18, 2017 Great reminder! Thanks Chief Information Officer Supreme Master Guardian First Class KR D1 75 LP Head GA Coke Link to comment Share on other sites More sharing options...
JShuggy Posted July 18, 2017 Share Posted July 18, 2017 I approve of this message C.I.O.A.E.G.A (Chief Inspection Officer and Elite Global Admin) Shuggy Link to comment Share on other sites More sharing options...
Sage Posted July 18, 2017 Share Posted July 18, 2017 Good Shit note taken <3 thanks [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke Link to comment Share on other sites More sharing options...
sza Posted July 18, 2017 Share Posted July 18, 2017 Quote thank u [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke careful now, you may just get demoted from your rank from a whole community away 1 Link to comment Share on other sites More sharing options...
Not in Use Posted July 18, 2017 Share Posted July 18, 2017 QuoteKR D1 75 LP Shut up coke Link to comment Share on other sites More sharing options...
Drewskiii Posted July 18, 2017 Share Posted July 18, 2017 Thanks Coke appreciate it and whats with all the ranks?? @Coke Link to comment Share on other sites More sharing options...
Yous Posted July 18, 2017 Share Posted July 18, 2017 QuoteThanks Coke appreciate it and whats with all the ranks?? @Coke His new rank is Chief Information Officer Supreme Master Guardian First Class KR D1 75 LP Head GA Coke [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A] Link to comment Share on other sites More sharing options...
Gracias Posted July 18, 2017 Share Posted July 18, 2017 honestly kinda sad how a PSA like this needs to be made. I get the phising part, but do people really need to be told not to click on links promising free shit. Link to comment Share on other sites More sharing options...
Savage Posted July 18, 2017 Share Posted July 18, 2017 Quote[C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke Thanks for the warning [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke Link to comment Share on other sites More sharing options...
Admiral Mirage Posted July 18, 2017 Share Posted July 18, 2017 Quotehonestly kinda sad how a PSA like this needs to be made. I get the phising part, but do people really need to be told not to click on links promising free shit. Obviously because many people got banned for promoting that link, and I heard about others getting malware/adware/spyware and their accounts taken over for a short period of time. Link to comment Share on other sites More sharing options...
Humungus Posted July 18, 2017 Share Posted July 18, 2017 QuoteGreat reminder! > Thanks Chief Information Officer Supreme Master Guardian First Class KR D1 75 LP Head GA Coke Link to comment Share on other sites More sharing options...
Drewskiii Posted July 18, 2017 Share Posted July 18, 2017 Quote His new rank is Chief Information Officer Supreme Master Guardian First Class KR D1 75 LP Head GA Coke [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A] Oh snap that was pretty impressive bruhhhhhh Link to comment Share on other sites More sharing options...
SpaceGandalf Posted July 18, 2017 Share Posted July 18, 2017 @Coke isn't it supposed to be Chief Information Officer Supreme Roast Master Guardian First Class KR D1 75 LP Head GA Coke [C.I.O.S.R.M.G.F.C.K.D.75.L.H.G.A]Coke Link to comment Share on other sites More sharing options...
moris Posted July 18, 2017 Share Posted July 18, 2017 QuoteChief Information Officer Supreme Master Guardian First Class KR D1 75 LP Head GA Coke [C.I.O.S.M.G.F.C.K.D.75.L.H.G.A]Coke I would like to see someone say this with one breath Link to comment Share on other sites More sharing options...
Walker Posted July 18, 2017 Share Posted July 18, 2017 Thanks for the warning and good memes Link to comment Share on other sites More sharing options...
Rivvrs Posted July 18, 2017 Share Posted July 18, 2017 Thanks for the heads up! Link to comment Share on other sites More sharing options...
Metodub Posted July 18, 2017 Share Posted July 18, 2017 Now i know! Link to comment Share on other sites More sharing options...
Solace Posted July 18, 2017 Share Posted July 18, 2017 This was said in a staff meeting many months ago when it was an issue, but anyways @Coke is encouraging advice to be given to players on their own security, so, here's mine. If you see a goo.gl link, or any other shortened link on the server/ts/forums, It'd most likely be in your best interest to not click it without expanding the url first (unless that link was made by an SA+, who already has your IP) The reason why is because many skids use url shorteners to hide grabify links inside them. So when you click it, the person who sent you the link now has your IP. This was an issue on SUP before. The person who was permad for sending malicious links recently was also a victim of having their IP address made public by people doing this very thing. Our very own @Vladimir-Putin had also clicked a shortened link from a player once, and then that same player had DOSed him when Vlad tried banning him after I had told him that it was a malicious link. Funny, right? Anyways, people do this sort of thing with url shorteners all the time. Be wary of links you don't know because people seriously do this a lot, and it's happened a lot at SUP specifically, quite a few times. Even if it's a custom domain, people can easily turn their own domains into url shorteners. Though, keep in mind people with custom domains dont even need to shorten their URLs to get your IP, just visiting their site is enough for them to get it. My suggestion to you all is to use this website: http://urlex.org/ to expand any short URLs. If they expand to something like youtube.com, or any other site you know, the link is safe. If it expands to something like Grabify, the link is an IP logger and is not safe. all-in-all, use a VPN. Never give anybody your private email(AKA the ones you use to make all your website/service accounts with) and if you ever do need/want to give somebody your email, make sure you give them an email that was made specifically for communicating with people, rather than one used for making accounts. As unlikely as it seems, people can use your email to track you down. It's been done at SUP before, and it can lead to them getting your address, phone number, blah blah blah, etc. etc. Also keep in mind that Facebook, by default, allows people to search you up just by entering your account email. So it'd be best to turn that off as well. People can also crossref that email with database dumps. database dumps usually hold things like your email, IP address, ZIP code, address, name, etc. Otherwise, just w/e information you used to register the account. A good way to check if your email is in any easily accessible db dump, is by typing your email into this website: https://haveibeenpwned.com/ This website also has links to database dumps and will link you to any that you are in, so that you could see exactly what kind of info is leaked on certain websites. People who have these dumps will sometimes be able to get passwords as well. Which is another reason to use a password generator and manager; so that doesn't happen to you. Link to comment Share on other sites More sharing options...
Solace Posted July 18, 2017 Share Posted July 18, 2017 That all may sound a little far fetched, but all of it is from what I've seen happen at SUP before. Link to comment Share on other sites More sharing options...
Harry Callahan Posted July 18, 2017 Share Posted July 18, 2017 QuoteThis was said in a staff meeting many months ago when it was an issue, but anyways @Coke is encouraging advice to be given to players on their own security, so, here's mine. If you see a goo.gl link, or any other shortened link on the server/ts/forums, It'd most likely be in your best interest to not click it without expanding the url first (unless that link was made by an SA+, who already has your IP) The reason why is because many skids use url shorteners to hide grabify links inside them. So when you click it, the person who sent you the link now has your IP. This was an issue on SUP before. The person who was permad for sending malicious links recently was also a victim of having their IP address made public by people doing this very thing. Our very own @Vladimir-Putin had also clicked a shortened link from a player once, and then that same player had DOSed him when Vlad tried banning him after I had told him that it was a malicious link. Funny, right? Anyways, people do this sort of thing with url shorteners all the time. Be wary of links you don't know because people seriously do this a lot, and it's happened a lot at SUP specifically, quite a few times. Even if it's a custom domain, people can easily turn their own domains into url shorteners. Though, keep in mind people with custom domains dont even need to shorten their URLs to get your IP, just visiting their site is enough for them to get it. My suggestion to you all is to use this website: http://urlex.org/ to expand any short URLs. If they expand to something like youtube.com, or any other site you know, the link is safe. If it expands to something like Grabify, the link is an IP logger and is not safe. all-in-all, use a VPN. Never give anybody your private email(AKA the ones you use to make all your website/service accounts with) and if you ever do need/want to give somebody your email, make sure you give them an email that was made specifically for communicating with people, rather than one used for making accounts. As unlikely as it seems, people can use your email to track you down. It's been done at SUP before, and it can lead to them getting your address, phone number, blah blah blah, etc. etc. Also keep in mind that Facebook, by default, allows people to search you up just by entering your account email. So it'd be best to turn that off as well. People can also crossref that email with database dumps. database dumps usually hold things like your email, IP address, ZIP code, address, name, etc. Otherwise, just w/e information you used to register the account. A good way to check if your email is in any easily accessible db dump, is by typing your email into this website: https://haveibeenpwned.com/ This website also has links to database dumps and will link you to any that you are in, so that you could see exactly what kind of info is leaked on certain websites. People who have these dumps will sometimes be able to get passwords as well. Which is another reason to use a password generator and manager; so that doesn't happen to you. This post should be pinned. Really, really useful. Thanks! Link to comment Share on other sites More sharing options...
Recommended Posts