They have all the backend information to do their investigation but that information will not be shared with you.

The info U get in your e-mail îs profile name - the one who can be changed very easy, If U would get account ID, that 76................... numbers, then U could report that user who sold his items

Originally posted by sniepz:

Someone hacked my account and indirectly transferred $200 to themselves via the community market. They sold cheap items at high prices (close to $50 each for $.03 items) on 'their' account, and bought them using my account. I figure Valve/Steam should be able to help since it all looks pretty obvious. I tried making a ticket but they just say no refunds. Surely there should be some sort of data or log regarding community market transactions that would make it possible to investigate things like this?

Accounts are phished not hacked.

You gave away all your account details.

The account name, the password and the KEY to the door, the Steam Guard Mobile code giving them access to the account.

How? by either logging into a known scam site or item sell sites, fake steam log-in websites, or by tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.

Your account was phished / hijacked. Follow steps 1- 7 to secure your account:

1. Scan for malware https://www.malwarebytes.com/

2. Check that the email and phone number on the Steam account are still yours.

3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

4. Change passwords from a trusted/clean device.

5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

7. Make sure your steam recovery email account is secure

Steam will NOT return lost funds or Items.

Because you were phished on your computer. They grabbed the session token from that 30 second 2fa code, along with your login info. that is the only way. with all 3 parts of the key, they could use that at any time to log in as you, since they had the 2fa session token code, steam thinks it is you.

The only way to get all 3 parts of the key is from your computer, you were phished.

https://help.steampowered.com/en/wizard/HelpWithAccount