The more I discover about Newgrounds, the more I see different worlds, flavours and hues.

Laniakea Supercluster

Joined on 12/3/23

Level:: 22
Exp Points:: 4,980 / 5,380
Exp Rank:: 10,745
Vote Power:: 6.35 votes
Art Scouts: 10+

Rank:: Pvt. First Class
Global Rank:: 2,682
Blams:: 287
Saves:: 3,020
B/P Bonus:: 20%

Whistle:: Bronze

Trophies:: 26
Medals:: 9,216
Supporter:: 8m 29d

"I have accidentally reported you" scam

Posted by ShangXian - 1 month ago

Hello everyone I hope things are going smooth despite the batshit that's happening around the world. I was planning to make a blog about a different topic but seeing that a dangerous scam is roaming freely across Steam, Discord, Bluesky, Xampp, Telegram and other socials and it's affecting users (I've came across five blogs about Discord accounts lost because of this so far), I decided to talk about it hoping more people are aware of this scam. I've already contacted privately my close friends and warned them about it. This is the blog that inspired me to write down this one:

Bluesky Scam affecting Newgrounders!! Accounts have been hacked!

"I accidentally reported you" scam and social engineering

The so-called "I accidentally reported you" scam is a very common scam that uses social engineering and phishing through fear-inducing wording. But what is social engineering? In the context of information security, social engineering is the use of psychological influence of people into performing actions or divulging confidential information. All social engineering techniques are based on exploitable weaknesses in human decision-making known as cognitive biases. One example of social engineering is an individual who walks into a building and posts an official-looking announcement to the company bulletin that says the number for the help desk has changed. So, when employees call for help the individual asks them for their passwords and IDs thereby gaining the ability to access the company's private information. Another example of social engineering would be that the hacker contacts the target on a social networking site and starts a conversation with the target. Gradually the hacker gains the trust of the target and then uses that trust to get access to sensitive information like password or bank account details (1).

Types of social engineering techniques

There at least six types of social engineering techniques: pretexting, water holing, quid pro quo, baiting, tailgating and scareware.

Pretexting= it is the act of creating and using an invented scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances. This involves some prior research or setup and the use of this information for impersonation (e.g., date of birth, Social Security number, last bill amount) to establish legitimacy in the mind of the target in order to make up an elaborate lie.
Water holing= this is a strategy that capitalizes on the trust users have in websites they regularly visit. The victim feels safe to do things they would not do in a different situation. A wary person might, for example, purposefully avoid clicking a link in an unsolicited email, but the same person would not hesitate to follow a link on a website they often visit. So, the attacker prepares a trap for the unwary prey at a favored watering hole. The attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. More info about it here: https://www.techtarget.com/searchsecurity/definition/watering-hole-attack
Quid pro quo= An attacker offers to provide sensitive information (e.g. login credentials) or pay some amount of money in exchange for a favor. The attacker may pose as an expert offering free IT help, whereby they need login credentials from the user (are you noticing a pattern? Well, we will see it later).
Baiting= it's the irl Trojan horse that uses physical media and relies on the curiosity or greed of the victim. Attackers leave malware-infected floppy disks, CD-ROMs, or USB flash drives in locations people will find them (bathrooms, elevators, sidewalks, parking lots, etc.), give them legitimate and curiosity-piquing labels, and wait for victims. Unless computer controls block infections, insertion compromises PCs "auto-running" media. Hostile devices can also be used. For instance, a "lucky winner" is sent a free digital audio player compromising any computer it is plugged to. A "road apple" (the colloquial term for horse manure, suggesting the device's undesirable nature) is any removable media with malicious software left in opportunistic or conspicuous places. It may be a CD, DVD, or USB flash drive, among other media. Curious people take it and plug it into a computer, infecting the host and any attached networks. Again, hackers may give them enticing labels, such as "Employee Salaries" or "Confidential" (2).
Tailgating= here the attacker pretends to be a company employee or other person with access rights in order to enter an office or other restricted area. Deception and social engineering tools are actively used. For example, the intruder pretends to be a courier or loader carrying something in his hands and asks an employee who is walking outside to hold the door, gaining access to the building.
Scareware= in this type of social engineering the fear and scare are the main tool used to bombard the victim and induce them to do everything the attacker wants. The intent is to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software (or other products). Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for fake antivirus software to remove it.

So for those who know this scam, did you notice some traits in this type of scam? This scam is a mix of pretexting, water holing, quid pro quo and scareware techniques. After all social engineering attacks are not monoliths but can be a dominant trait with many sub-traits. I want to leave here a link to a beautiful Reddit post about some of the best books about social engineering you can find and that I suggest you to give it a read:

https://www.reddit.com/r/SocialEngineering/comments/kvr07b/the_best_social_engineering_books/

Social engineering can also be used for good, think about Christopher J. Hadnagy, an American social engineer and information technology security consultant founder of Innocent Lives Foundation, an organization that helps tracking and identifying child trafficking by seeking the assistance of information security specialists, using data from open-source intelligence (OSINT) and collaborating with law enforcement. It's a fascinating world actually, but back to our scam.

How it works?

from: https://www.reddit.com/r/Scams/comments/1aywxnj/i_accidentally_reported_you_for_fraud_steam_scam/

Out of the blue, a user tells you they’ve accidentally reported you for something you didn’t do, like making an illegal purchase, and that your Steam/Discord/Bluesky/any other social media account is going to be suspended.

They ask you to message an admin, whose profile they kindly provide, to help you sort out this dilemma. It emerged in late 2018 on Steam and spread across other media. The compromised account receives the same message that you did, and they send over information that led to their account being taken over. That account then sends hundreds of DMs to all of their mutual followers, and you just happened to be on that list. This is why I privately contacted my close friends to make them aware of this because some of them didn't even know this scam was a thing despite being known since 2018. I repeat this scam infects Twitter, Bluesky, even Newgrounds (I've seen a blog of someone who got via NG DMs a similar message, nothing bad thankfully happened as the person was wary enough to avoid the worst) and many other social media, don't fossilise your mind solely on Discord or Steam!

A common trait of this scam and its variants is the screenshot of an alleged support ticket to make it look like more legit and gain the user's trust (social engineering element). The ticket (and trick I would add) instructs you to reach out to somebody on Discord for help to “resolve the report” so that you don’t get banned. There is no word-for-word script that scammers stick to, but the gist is this: someone posing as you scammed them, but they reported you instead of the impostor. Another variant of this scam is the "doing illegal purchases” made by your account—another reason to cause a degree of alarm but flawed, nonetheless. The scammer then insinuates that help is on the way: a “Steam admin” that will cancel the report and remove the target’s account from the ban pile. However, they should confirm that the report against them was a mistake first. The sharing of a legitimate profile—or what appears to be legitimate—that is connected to Steam or its developer, Valve, is one of the tactics scammers employ to make their claims look more truthful.

If you raise the possibility that this Steam admin might not accept your friend request, the scammer suggests that you contact them via Discord. Now that you are convinced you need to do something to save your account, you get in touch with the Steam/Discord/Twitter/any social media admin. Of course, this admin is fake and likely either the scammer or an accomplice. Note that the tone of the conversation changes here. The scammer’s concerned and helpful front is gone once you start chatting with the fake admin (it's more stern and cold). After you briefly explain the situation, the fake admin asks for a screenshot of the chat that transpired between you and the scammer. The proof they ask for is a screenshot of your purchase history. They will also ask you to log out of your Steam account on your computer and/or mobile so they can “start the scanning of your account status”. Of course, there is no scan. The fake admin asks this as a lead in to asking for more information—for starters, the email address tied to your Steam account.

An email address is needed when a Steam user finds themselves locked out of their account and they forgot their account name or password. The fake admin asks you to get the verification code sent by Steam to your email address. If you happen to have Steam Guard enabled, the fake admin will ask for the code as well. SERIOUSLY, NEVER DO THAT!

If you comply with the fake Steam admin you can lose your accounts, your game items, and even money.

Targets who question any of the tasks the fake admin asks them to do are met with the pressure to respond quickly because they’re “running out of time”, they are presented with a fake certificate, or they are threatened with having their accounts deleted. Note the threatening tone aimed at inducing fear and despair:

Here another screenshot of a threatening tone, seriously fuck these bastards!

The scammers behind this scheme also come prepared. Not only do they have the materials—screenshots and a guide script—they need to counter frequent questions raised about their credibility, they are also not afraid to play on Steam users’ fears, even at the risk of losing the credibility they already built up with their target (3).

I copy-paste these important info taken from the website I took most of my knowledge on this scam on Steam. It's a list about Steam main traits for those who use it but might not fully know it:

There is no such thing as “Steam admin”, false report, or a “Certificate of Eligibility”.
There are Valve employees with Steam profiles. And they proudly display a legitimate badge to prove this. They are top-tier moderators (mods) who have full administrator privilege in Steam.
Real Valve employees belong to two invite-only groups, which are Valve and Steam.
There are Steam Community Moderators. Like Valve employees, current and retired moderators have their own badges, too. Community moderators can ban users, among other things.
Real Steam Community Moderators, both active and inactive, belong to the invite-only group, STEAM Community Moderators (SUFMods).
There is a page where you can look up all Steam Community Moderators.
Scammers link back to legitimate profiles of Valve employees or Steam moderators to hook targets into reaching out to through Discord. These Discord accounts are not manned by Valve employees but by scammers.
There is no such thing as an illegal item. That said, there is no need for anyone to review an item.
If an item does need inspection, Valve employees would not require you to hand them over. They will just look it up in their database.
Duplicate items (or dupes) exist, but they are not illegal. Duplication was done years ago by Steam Support to restore scammed or stolen items for hijacked victims. Steam Support doesn’t do this anymore.
If you have handed over an item to someone claiming to be a “Steam admin”, consider it gone forever. The current policy is that Steam Support does not restore items that have left an account, including scammed ones.
If there is a problem with your account, or you have an impending ban, Steam will let you know either via email, a Support ticket, or account alerts. Here is an example [link to account-alert-sample] (taken from Steam on Reddit).
A Steam moderator will never contact you via chat or a third-party app like Discord for any reason.
A Steam moderator will never mediate between you and another user.

As for Twitter, its personnel is not permitted to do any support work offsite. Their support people work internally, which means that they have a policy to avoid talking to you unless necessary to you. All Twitter support personnel are prohibited from opening accounts on mass chat platforms such as Discord by company policy.

What to do if you receive this message?

Disclaimer: sorry for the caps locks but I really want people to fully carve this into their eyes and minds.

1) DON'T DO ANYTHING, JUST IGNORE AND REPORT!!!

2) Do not panic, because nothing has happened to you or your account. YOU ARE SAFE!

3) If you are unsure (don't waste your time talking to the scammer!) CONTACT DISCORD/STEAM OFFICIAL PAGES which are:

https://help.steampowered.com/en/

https://support.discord.com/hc/en-us/requests/new

4) BE ALWAYS WARY OF MESSAGES LIKE THIS AND KEEP IN MIND THAT NOW MANY TEXTS CAN BE GENERATED WITH ChatGPT

5) USE LOGIC: how can someone "ACCIDENTALLY" report you????

To report someone, a person shall have a minimum knowledge of the potential reporty-worthy account. Just think about what you do here on Newgrounds when you have enough proof an account is causing trouble: you observe, analyse and only after collecting enough data, you will contact Tom to take action.

6) If there is a problem with your account, or you have a ban headed your way, in the case of Steam, it will let you know either via email, a Support ticket, or account alerts

--------------------------------------------------------------------------------------------------

Some security settings for Discord to be safe:

https://www.newgrounds.com/dump/item/2f8598b006204b51e3618cbf48b92848

https://www.newgrounds.com/dump/item/e7e70460fee5aac93399d7e985f341d2

https://www.newgrounds.com/dump/item/c0daec0f795fa0fa6118e3c2994ac868

With AI-generated content increasing over the years, the risk to create very legitimate e-mails from staff members, G-mails inbox messages featuring the ones that support sends to confirm they received a report, official Discord (but not only them) staff members impersonator, legitimate Chat-GPT-generated messages, deepfake and so on, these types of scams, which rely on the most effective tool to scam people (social engineering and phishing), will become incredibly common and more subtle. So my advice is to always keep updated to these threats and start building a thread model for Internet and online experience in general. To start a decent threat model, use this site:

https://www.privacytools.io/

Discord support scam, it's very interesting how these mofos use false certificates (maybe generated partially with AI and then corrected manually) to circumvent any suspect from the victim. Take a look at the screenshots especially the last ones.

What shall I do if my account gets compromised?

https://support.discord.com/hc/en-us/articles/24160905919511-My-Discord-Account-was-Hacked-or-Compromised

https://help.steampowered.com/en/faqs/view/0a94-f308-34a5-1988

https://steamcommunity.com/discussions/forum/1/1746720717353050137/

I leave here a list of links that talk about the main scams you can encounter on Discord but this applies on every social platform (remember to always be pro-active when it comes to threat model):

https://discord.com/safety/protecting-users-from-scams-on-discord

https://www.scam-detector.com/discord-scams/

https://www.aura.com/learn/discord-scams

https://www.howtogeek.com/879634/discord-scams-and-how-to-protect-yourself/

Totally unrelated scam that happens in the shape of phone text but it's important to know it, because it's a fucking scam:

https://www.malwarebytes.com/blog/news/2025/07/that-seemingly-innocent-text-is-probably-a-scam

So yeah, that's all for now. If I find other stuff to add I will do. Please take care, stay safe and INFORM YOURSELF and GET EDUCATED on the topic of online security ALWAYS and CONSTANTLY because scammers, criminals etc. act in a way very similar to bacteriophage viruses: they evolve rapidly. And we are the bacteria who need to adapt constantly if we don't want to be eaten in this evolutionary race.

References and footnotes:

(1) Hatfield, Joseph M (June 2019). "Virtuous human hacking: The ethics of social engineering in penetration-testing". Computers & Security. 83: 354–366. doi:10.1016/j.cose.2019.02.012. S2CID 86565713

(2) Conklin, Wm. Arthur; White, Greg; Cothren, Chuck; Davis, Roger; Williams, Dwayne (2015). Principles of Computer Security, Fourth Edition (Official Comptia Guide). New York: McGraw-Hill Education. pp. 193–194. ISBN 978-0071835978.

https://web.archive.org/web/20120415044716/http://www.antiphishing.org/reports/apwg_report_h1_2009.pdf

https://web.archive.org/web/20180622204958/http://news.bbc.co.uk/2/hi/technology/8313678.stm

https://www.reddit.com/r/Scams/comments/1aywxnj/i_accidentally_reported_you_for_fraud_steam_scam/

(3) https://www.malwarebytes.com/blog/news/2021/03/steam-users-dont-fall-for-the-i-accidentally-reported-you-scam

https://toyhou.se/~forums/5867.service-reviews/477785.beware-discord-scam-going-around

https://www.reddit.com/r/Scams/comments/1aq34ac/discord_support_scam/

Tags:

Comments

Log in to Comment

Yomuchan 2025-08-03 19:33:13

I like to act like I'm getting along with the scheme, then start wasting the scammers' time. "Its not loading." or "there's no response" or "I'm getting a white screen when I click your link."

[NEVER CLICK THOSE LINKS]

... I'm probably on some sort of blacklist now since it's been a while since the last message I got lol.

ShangXian 2025-08-03 19:33:13

I tend to do this with phone scammers. Literally two days ago I made waste time after three days she contacted me. I kept her on the hope I would fell, but instead I told her to wait and call me the day after just to repeat the same thing with the excuse I was busy during that day. Then I contacted the official number of the electricity company and they confirmed my intuition.

When she called me back I coldly replied "I thought about it and I'M NOT INTERESTED, bye!"

Online if it ever happens I just ignore and report.

SnSQRS 2025-08-03 20:17:51

Dang, thanks for sharing, all this scam stuff makes me feel uncomfortable asf just because every day it kinda evolves and those bastards make new strategies..

ShangXian 2025-08-03 20:17:51

No problem. This is why it's important to always keep constantly updated to the types of scams and now with new technologies and neurotechnologies scams will be even more dangerous and tricky. Think the worst, inform yourself, get prepared, adapt and evolve.

Of course when I say "constantly updated" I don't mean to read about it 24/7 or the mind will be overloaded and overwhelmed by this. I think being updated every six months can suffice.

AWildDomino 2025-08-03 20:21:00

I always like playing with the scammers, it's fun

ShangXian 2025-08-03 20:21:00

It may fun but I usually tend to ignore them on internet. I tend to ignore them irl too unless I really feel in the mood to: 1) make fun of them 2) harshly tell them to fuck off.

nyanker 2025-08-03 22:14:24

this happened to me once, i was like super scared cause the emails they make look so legit. i just said to the guy i can just make another discord account if this one gets banned.

ShangXian 2025-08-03 22:14:24

With ChatGPT and other AI-generated content, scammers can trick easily those unaware of it. This is why I mentioned the part of contacting directly the official channels. I always do it when I get phone calls from scammers who seem to insist too much in contacting me.

I once got an email from the bank I had an account where it asked me to update my personal info. Being extremely suspicious, especially because I started home banking, I directly called the bank and told the thing, but the bank said it was actually them so no need to worry. Of course they thanked me for being suspicious and I updated my personal info in real life.

In a scam attempt I got via phone some days ago, I again called my electricity company to verify if my suspects it was scam were true, and the company confirmed it was a scam. Most of the time I simply ignore calls from numbers I don't know but this time this mofo insisted calling me for three fucking days. Being quite pissed at them I made them believe I was interested, and they called me for other days until I kindly told them to fuck off because I wasn't interested.

Jojo 2025-08-03 22:18:28

I find the best way to find out if something is a scam is to do everything EXCEPT what they ask you to do. Lol

ShangXian 2025-08-03 22:18:28

Agreed. And always contact official channels in case of suspect, plus reporting this helps the website to keep track of the different types of scams.

bl00dy-seraphim617 2025-08-03 23:46:17

Rickroll them with your own “scam” >:)

THIS IS A JOKE FBI DONT KILL ME

ShangXian 2025-08-03 23:46:17

I don't rule out someone might actually have rickrolled them XD

LOL

SkilledFanBoy 2025-08-04 03:59:04

I didn't got any scam messages so i'm safe.

ShangXian 2025-08-04 03:59:04

Just because it didn't happened yet, it doesn't mean I will never happen. It didn't happen to me too because of my privacy settings minus one time where the account of a friend got hacked and tried to trick me but I just ignored and reported the account (it wasn't this type of scam though).

Always be vigilant and get educated in the field of scams both irl and online.

Yomuchan 2025-08-04 04:19:43

@bl00dy-seraphim617 Once, I feigned internet trouble logging into a faux page so I sent them a 'download' of my username and password. It was a text file with the lyrics of Rickroll.

ShangXian 2025-08-04 04:19:43

Beautiful!

NextRug 2025-08-04 04:42:01

some cavemen evolved brains so they could scam other cavemen and the rest of them evolved into civil human beings but some people just stay the same

ShangXian 2025-08-04 04:42:01

This is why I always use the phage virus-bacteria metaphor to show our relationship with criminals. They are like viruses, meaning that they evolve rapidly and we tend to be slower at adapting to their tactics just like a bacteria who takes much more time to mutate.

Viruses on the other hand have high mutation rates due to the large population sizes, short generation times, the lack of proofreading mechanisms inherent in their polymerases (specifically for RNA viruses) and high mutation rates. For example HIV has a mutation rate per base pair per generation 1.0 x 10^-5, while Staphylococcus aureus on the other hand has a mutation rate per base pair per generation 5.0 x 10^-10. Of course it's very high for bacteria, but my metaphor is to show how criminals are very fast, smart and adaptable to create variants (serotypes in the contexts of viruses) of the scams, and we must be almost as fast as them at counterattack their strategies. This is why being pro-active is more efficient than simply knowing a scam once it hits you. Search actively about the many types of scams both irl and online, study different types of scams on specific countries (this applies a lot with irl scams such as the tea ceremony scam that you can find when visiting China), acquire information and informatic science literacy, adopt strategies to be better prepared in case you are a target because just because you haven't been affected YET, it doesn't mean you won't be affect at all.

p.s. I love virology a lot, hence my small explanation of their mutation strategies.

EwanDoggieNG 2025-08-04 07:55:41

I've actually got some messages from friends saying "Hey, I need to tell you something. It's important." then I saw their account get fully changed to a fake "support" scam account lmfao

You should also make a news post about the "Hello pervert" scam email that's been going on as well.

ShangXian 2025-08-04 07:55:41 (Updated 2025-08-05 06:49:06)

Yeah, a frequent scam that can take many shapes over the years, hence the importance to stay vigilant.

Mmhhh, interesting I admit I didn't know about this scam so I will talk about it in future, for now I will keep this blog visible so more people can know about it as this is the type of scam that's currently affecting users. But after a week or two (probably after two weeks because I can feature the blog on the site's frontpage again to let more people be aware) I will write a blog about it so I can talk more in depth on sextortion techniques. You will be credited for letting me know about this scam, thank you!

And I will talk about Pegasus in brief, because I can already see a pattern that it's not true someone installed it on a victim's device. Plus it's used against politicians, journalists (here in Italy there is a delicate scandal involving journalists and NGO people being targeted with Pegasus)

EwanDoggieNG 2025-08-04 08:03:21

Another thing is that sometimes scammers are actually people who are sadly victims of human trafficking.

Depressing. :(

More info: https://www.abc.net.au/news/2025-02-26/fake-job-ads-leading-to-scam-compounds-and-sexual-slavery/104953504

ShangXian 2025-08-04 08:03:21 (Updated 2025-08-05 07:47:32)

Damn, just finished reading the article and I feel disheartened...I wish I could help these victims other than sending a virtual hug, but maybe donating to these organizations that help human trafficking victims such as Blue Dragon can be a start.

It sucks once again vulnerable people like women and poor people are the main target of this disgusting world.

Thank you for sharing this important article!

AFasterSlowpoke 2025-08-04 08:08:35

i think i had gotten the "i accidentally reported you" scam on discord DMs once or twice, quite a while ago, but i just ignored it, and unsurprisingly, nothing happened to my discord account.

ShangXian 2025-08-04 08:08:35

Yeah, I get sometimes sms telling me that a package is about to arrive and a link is provided. I never click on them because I know it's mere phishing and I still have a strong memory to know I never purchased anything. If I purchase something I write down the day, date and hour to keep track of it especially when it comes to digital purchases where I never save payment methods.

bl00dy-seraphim617 2025-08-04 09:02:44

@Yomuchan We’re no strangers to love

ShangXian 2025-08-04 09:02:44

You know the rules and so do I

StitchMiss 2025-08-04 10:07:39

Thank you for posting this, and especially with how detailed and in depth it is x_x Seems this scam has gotten to a fair amount of users on here. Hopefully it will die down now that more are aware of it, and, at the very least, now people will be more on alert

ShangXian 2025-08-04 10:07:39

You are welcome, I tend to be very detailed when I want to cover certain aspects of a specific phenomenon. In future I may even make a follow-up blog about the semantics and textual analysis based on Verbvalenz Theorie (German for "Verbal valence Theory") because reading carefully those scam messages made me notice some elements that disrupt the elements that make up a text such weak cohesion and coherence.

It may die down but it will definitely surge again in the future as new techniques will be employed. Remember if we can read about these posts warning us about these scams, scammers can too. And so they will develop counter-strategies against our counter-attacks to their main attacks.

Finasty 2025-08-04 19:09:42

It's nice you are sharing this, as a person who got this, i seriously don't know at first, but oh well, it's already been done anyway

ShangXian 2025-08-04 19:09:42

It's a duty to inform as much people as possible. Did you lost your account?

EwanDoggieNG 2025-08-05 07:48:54

@ShangXian It's horrible that people are forced to scam.

ShangXian 2025-08-05 07:48:54

Yeah, this happens when a mix of social-political and economical factors play a role into letting the worst of humanity come out. I wish all the best to these victims, the last story made me cry after she managed to reunite with the father.

Finasty 2025-08-05 09:12:11

@ShangXian Yep, my first discord account that i have since 2018

ShangXian 2025-08-05 09:12:11

I'm deeply sorry for the loss of your account :(
Now that you know what it is, you know what to do but be always vigilant as these scams evolve with time. @EwanDoggieNG mentioned me the "Hello, pervert" scam email and in two weeks I'm going to talk about it as I'm discovering interesting stuff and possible evolutions of this type of scam.

ShadenLines 2025-08-09 19:06:51

Wow...good thing I've never opened an account on Steam for any reason.

I do have one on Bluesky but luckily, I haven't gotten that kind of a message so far. It may be because I'm not a big enough fish for scammers to spend time on...am not there every day, nor have I ever linked anything financial to my account. All I do is post my art & comment on whatever interests me.

ShangXian 2025-08-09 19:06:51

Well, Steam gives you the opportunity to set it private, enhancing the control you can have over the data you show others. Setting your game details to private means other users can’t see what games you own, how much time you’ve spent playing them, or your achievements. This is perhaps the most significant aspect of privacy, as it prevents others from scrutinizing your gaming habits, judging your choices, or even using that information for potentially malicious purposes. For example, someone might use knowledge of your favorite game to craft a convincing phishing scam.

A private friends list prevents other users from seeing who you are connected to on Steam. This can be useful for preventing unwanted friend requests, doxxing and protecting the privacy of your friends, especially those who might prefer to keep their online activities separate from their real-life identities. It also reduces the likelihood of strangers attempting to infiltrate your social circle. Also if you set your profile as private this will impact the visibility of other information, such as your wishlist, badges, groups, and screenshots, and frankly it's a good thing.

By setting it private you can also silence the digital echo of your activity feed, and you know the cool stuff about this? You can even decide if your friends, in your friend list, can see or not your activity. You can choose to make your game details visible to friends only, or completely private. And if your “Game Details” are set to private, then no, others won’t be able to see what game you are currently playing or your playtime, even if you are actively in the game.

But this opens a question: does a private profile prevent people from sending me friend requests? Sadly no, it doesn't. A private profile doesn’t stop people from sending you friend requests. However, it makes it more difficult for them to learn information about you before sending the request. Plus you can always deny the friend request.

So the main downside is reduced visibility within the Steam community, but to me it's a great thing, because it will make harder for others to find you, connect with you, or trade with you. Also, some third-party services or websites that rely on Steam profile data might not function correctly if your profile is private. So for a lover of privacy like me it's a great feature, because I don't fucking care about visibility in communities like that.

-----------------------------------------------------------------------------------------

As for the scam

"It may be because I'm not a big enough fish for scammers to spend time on...am not there every day, nor have I ever linked anything financial to my account. All I do is post my art & comment on whatever interests me."

it doesn't matter if you are big or small, the very moment you move in the online space you leave traces and may attract the attention of a scammer, usually because of connections created with other accounts who have been compromised. One of the people who lost their Bluesky account, which is also a fans of mine here, started sending scam messages through their compromised account to all people who followed them, including very likely lurkers or people who never posted anything. So everyone can be a potential victim. I remember I was contacted via DM on Discord by one of my friends who had her account stolen. The scammer tried to pathetically lure me into their trap, it didn't work because: 1) I don't fucking care about Discord Nitro and I don't want it, 2) I already knew my friend lost her account due to poor digital hygiene and refusal to use Malwarebytes which would have protected her even without paying the Premium.

This was the only time where I got contacted due to my friend list but after this I never received any message because no one can send me DMs unless they are my friends (and I know they are very careful in terms of online safety, not like my level but still very good for the average Internet user) and all messages are scanned and filtered, including my friends'. I set privacy settings in way it's extremely difficult I get annoyed by this stuff. Despite this I always keep myself informed and updated because these bastards evolve rapidly like viruses and we are the bacteria; we must evolve and adapt actively and pro-actively.

ThatShadowPerson3 2025-08-19 08:02:06

Hey, I know I'm gonna feel stupid by asking this, but apperantly Bluesky said something about my account getting reported for "Illegal purchase and scamming", both of which are shit I DiD NOT do & I'm now currently busting my ass to sort out. Is this part of the scam they're trying to pull or...? <=/

ShangXian 2025-08-19 08:02:06 (Updated 2025-08-19 08:03:12)

Yes, it's part of the scam. This is a scam roaming freely both on Bluesky, Discord, Steam and rarely even here. Don't do anything, just report and block.

p.s. you are not stupid, you couldn't know this type of scam. These bastards take advantage of people's ignorance about these type of scams and how the sites (Discord, Steam, etc.) they use work.

ThatShadowPerson3 2025-08-19 08:07:16

@ShangXian Okay. I still can't shake the feeling that I did something very dumb, tho. Thanks for the heads-up, nonetheless... <B)

ShangXian 2025-08-19 08:07:16

As long as you don't follow ANY of those instructions and just report and block, you will be more than fine. I am sorry you experienced this scary scam that plays on fear. Stay safe!

You are welcome ;)

More Results