MaxOMax Posted December 5, 2019 Share Posted December 5, 2019 Just Beware !! Steam players – beware of fake skins as phishers try to hijack accounts Phishing scammers have once again targeted users of the popular Steam gaming service, it was revealed this week. The credential-stealing scam, first reported by security researcher ‘nullcookies’ on Twitter, offers new skins every day. A skin is a modification providing a new look and feel for items in Steam’s online games, and they are in hot demand. There are entire digital marketplaces dedicated to trading them. The scammers post to a Steam user’s profile. A typical message reads: Quote Dear winner! Your SteamID is selected as winner of Weekly giveaway. Get your ☆ Karambit | Doppler on giveavvay.com. A quick search reveals over a hundred Steam profiles displaying similar text. The URL, which Cloudflare now flags as a suspected phishing scam, appears to be down. Bleeping Computer explains that the site asked for a user’s login credentials, promising that in exchange, the words STEAM RAIN would appear in a chat window on the left of the screen. Clicking on the link would score the victim one of the free skins on offer that day, said the scam site. The chat window was, of course, a fake, as was the whole proposition. Victims who clicked on the link met a fake Steam login form that took their information for the crooks to use. That enabled them to perpetrate more fraud by using the victim’s account to post the same phishing link. This phishing attack is notable because it is so convincing. Often, phishing websites feature poor language or spelling mistakes, but this scam went to extra lengths to convince victims that it was real. For example, the crooks reportedly used JavaScript to randomly select phrases from a list, periodically updating the chat window. The site even included a faux Steam Guard two factor authentication (2FA) screen that sends a special access code to the address that the user entered, just as Steam’s real 2FA mechanism does. This all helped to lull the user into a false sense of security. Phishing scams gravitate towards heavily used online services like banks and popular email account providers. Steam is one of the most successful online gaming providers, peaking at around 14.5 million concurrent users this week. It’s no wonder, then, that this isn’t the only phishing attack that its users have endured. Other scams have reportedly lured gamers into clicking on screenshots of items offered for sale, triggering drive-by downloads, while some phishers have pretended to be Steam’s operators warning of a security problem. Original Article: Steam players – beware of fake skins as phishers try to hijack accounts Tag Line: Want to Have fun, join Trucking World at ETS2, ATS and TruckersMP. Respected Member of the Arab Community and TMPFormer: Forum Moderator, Support Team & Game Moderator Link to comment Share on other sites More sharing options...
Guest Posted December 5, 2019 Share Posted December 5, 2019 if something seems too good to be true it probably is. One of a few good statements to live by. Link to comment Share on other sites More sharing options...
ScaniaFan89 Posted December 5, 2019 Share Posted December 5, 2019 Who the hell clicks those things anyway, its literally saying " hi i'm a scam, click me " Link to comment Share on other sites More sharing options...
Bastet. Posted December 24, 2019 Share Posted December 24, 2019 Hello, Because this thread has been inactive for over 14 days, it will now be lock and archived to keep our forum organized. Kind regards, Chris [PL] TruckersMP Community Moderator //Locked & Moved to archives Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.