Jump to content

New Anti-Phishing Policy [Steam Guard 3.0]


AwesomeMcCoolName

Recommended Posts

Valve should give you the option to restrict an account to a specific (or multiple specific) MAC addresses; thereby making phishing impossible.

 

When you set it up you're given a code, which you will need to input in order to change the MAC address/es associated with an account; and the only way to get that code is when you first set it up. (if you lose it, you're stupid, and fucked).

Link to comment
Share on other sites

or they could use two-step verification like google use with their gmail.

 

or people could stop being idiots, no offence to all the phished people but seriously, if you fall for phishing the year 2014 you should take a computer-course.

 

 

also, i like your font, i doubt you'll print this page so pls don't use times new roman :(

Link to comment
Share on other sites

or you could just not be an idiot and check the link :D

 

true but extra security always helps.

 

 

MAC address spoofing is part of most routers. This wouldn't really do much to stop phishers that know even a little bit.

 
Restrict to hardware you have surely this should be possible.
Link to comment
Share on other sites

or they could use two-step verification like google use with their gmail.

 

or people could stop being idiots, no offence to all the phished people but seriously, if you fall for phishing the year 2014 you should take a computer-course.

 

 

also, i like your font, i doubt you'll print this page so pls don't use times new roman :(

Times is best

team viewer :x

Not phishing.
Link to comment
Share on other sites

Dont accept blind adds, dont click links, dont download files, basically treat everyone/thing as a phisher.

Yes. But steam gets flooded with phishing shit constantly. Valve doesn't validate pp because they don't want to deal with it. So if they make phishing harder, they won't have to deal with it either.

Link to comment
Share on other sites

Valve could easily block misspelled links their plugins or dns servers that already block such things, shame valve has't implented it yet.

But i think phishers already adapting and using real malware to hack other accounts, like what happend to alex or lamebro completly bypasses steamguard.

Link to comment
Share on other sites

I'm surprised that the phishing plugins that most antivirus programs and web browsers have built in don't block them already.

 

you can always download web of trust (aka wot) https://chrome.google.com/webstore/detail/wot/bhmmomiinigofkjcapegjjndpbikblnp?utm_source=chrome-ntp-icon

 

It allows you to rate websites and see the rating that other users have gave it, if it's a phishing site it will most likely have bad reviews or no reviews at all, that should ring some bells.

Link to comment
Share on other sites

you can always download web of trust (aka wot) https://chrome.google.com/webstore/detail/wot/bhmmomiinigofkjcapegjjndpbikblnp?utm_source=chrome-ntp-icon

 

It allows you to rate websites and see the rating that other users have gave it, if it's a phishing site it will most likely have bad reviews or no reviews at all, that should ring some bells.

 

https://chrome.google.com/webstore/detail/block-misspelled-websites/hkeedolkcnamlgiodhcaielanmffhlil

 

Block misspelled websites.

 

Ofcourse not gonna help against phising links like that hit lamebro cleverpun or alex because that links to a download site rather downloading a rar file but i think those links are most obvious to avoid anyway.

 

Also you could lock steam down to 1 computer, phising like what hit lamebro cleverpun and alex will become more common because those hack your computer rather then your account completly bypassing steamguard 1.0 2.0 3.0 or even 4.0 and higher.

 

Anyway if steam locked acount to 1 computer as option or block misspelled steamcommunity website links they probably reduce phising hacks for only 1 maybe 2 month's.

Hackers will always find new way's to hack you.

Maybe valve should rather filter out unrecognized links and obvious download links, while only allowing links like from youtube etc or their own site etc.

 

I think it would be best to block every link thats not from steam by default with the option to disable that filter as option with warning about phishing attacks etc.

Link to comment
Share on other sites

https://chrome.google.com/webstore/detail/block-misspelled-websites/hkeedolkcnamlgiodhcaielanmffhlil

 

Block misspelled websites.

 

Ofcourse not gonna help against phising links like that hit lamebro cleverpun or alex because that links to a download site rather downloading a rar file but i think those links are most obvious to avoid anyway.

those weren't phishing links. An idiot like me could phish. What hit them was kinda advanced, and required more knowledge than I have (or Cleverpun, it appears) of computers

Link to comment
Share on other sites

those weren't phishing links. An idiot like me could phish. What hit them was kinda advanced, and required more knowledge than I have (or Cleverpun, it appears) of computers

 

That was a hack yes, aka creating backdoor at victim computer to gain control of their system, like i say'd that plugin blocks misspelled sites it won't help against what hit lamebro cleverpun or alex.

 

Just wait until wow shenanigans will start comming to tf2 community.

 

Aka you visit popular tf2 site like backpack.tf and suddenly their an malicious ad hitting large part of community which then falls victim to hacks.

It has happend many times in the past with world of warcraft, which why i use adblock.

Link to comment
Share on other sites

MAC address spoofing is part of most routers. This wouldn't really do much to stop phishers that know even a little bit.

I'm just going to quote this, since it seems like a [/thread] to me.

Link to comment
Share on other sites

team viewer :x

That's how they got me.

RAT + TeamViewer = lolnoitems6u.

 

If they want to REALLY implement security fucking call Blizzard.

I would pay for a Token that you need to enter in at each trade or something that could potentially fuck you over.

Link to comment
Share on other sites

That's how they got me.

RAT + TeamViewer = lolnoitems6u.

 

If they want to REALLY implement security fucking call Blizzard.

I would pay for a Token that you need to enter in at each trade or something that could potentially fuck you over.

 

I'm pretty sure guild wars 2 has ability to add google authenticator they could implent same feature to steam, if suggested it ages ago but valve probably never reads forums.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...