Researchers have spotted another phishing scam that is specifically targeting Steam players. This Steam phishing campaign hijacks accounts by tricking users with free keys. They then use these accounts to further prey on the friend list.
Steam Phishing Campaign Steals Credentials
A recent study by Malwarebytes Labs revealed in a blog post, a Steam phishing campaign is on a rise to target Steam players. As revealed by the researcher Jovi Umawing, the campaign hijacks accounts, and then further trick the accounts in the friends’ list to look legit.
The new scam caught the researcher’s attention when she herself received a message apparently from an acquaintance on Steam. The text of the message seemingly lures by offering 1 free game.
The shortened Twitter URL (now redacted) redirects the user to another website, which serves as an intermediate link. This website (steamredirect.fun in this case), then further redirects the user to the actual phishing page offering free games.
The researcher reached a web page ‘Gift4Keys’ that was just one of the many phishing pages behind the shortened URLs.
Scrolling down the phishing webpage revealed a section ‘Try your luck’ from where the user should win the free game. To do this, the user should click on the blue colored ‘Play’ button.
Once clicked, the site then shows an alert informing the user about the free game won this way. To claim the free game, the user gets less than 30 minutes, during which, he or she is supposed to login via Steam account.
Clicking on the login button then takes the user to another page where the user should enter the Steam account credentials. This is the actual phishing site through which the attackers behind the scam steal your Steam account credentials. After hijacking the account, the attackers then apply the same trick to con the Steam contacts in the account’s friend list to continue with the scam.
Beware Of Steam Scams
There may well be vigilant Steam players who can easily identify the phishing page well before becoming prey, regardless Umawing has shared some key identifying elements in the blog, she stated:
The links on the page, such as “Profile Privacy Setting” and “create an account” don’t work. The URL address bar is blank. Legitimate unaffiliated third-party sites display an EV certificate for Valve Corp, and the URL in the address bar says that the signing in takes place in steamcommunity.com. The Language drop-down box at the upper right-hand corner doesn’t work. It also appears to be in Russian even when visitors are outside of Russia.
Umawing has also shared a list of domains associated with this phishing campaign. Some of these domains are still live and continue to propagate the phishing campaign.
Since phishing scams on Steam aren’t anything new, the researcher advises all users to stay vigilant to avoid falling prey to these scams.
Take your time to comment on this article.