Jump to content
Sign in to follow this  
nosoop

Careful with "Steam" links, fellas!

Recommended Posts

1:23 AM - Pikachu on LSD: I think it's about time for a friendly reminder about phishers

1:23 AM - Tomætoes [sWF2]: he's like spiderman

1:23 AM - Tomætoes [sWF2]: a menace to society

 

Keep an eye out there!  Phishers are getting just that bit more craftier now.

 

Even with SteamGuard enabled, unscrupulous people have been simply asking for the SteamGuard code and have also written tools to grab authentication files off the installed Steam client and using it in their own.

 

Example message, poor English intact.

You'll get this either from friends that have been hijacked and/or other victims that scrape trading sites for your profile:

4:20 AM - dickbutt: Hi. My friend want to trade with you.Add him. steamycornmutiny.com/id/tf2player22

 

Of course, copy / pasting the link into your browser and bypassing Steam's link filter puts you on a page with a seemingly innocent Steam profile, and any action to attempt to add the "friend" points you to a sign-in page.  From there, you'd maybe consider dropping your username and password into the boxes and trying to sign in.

 

After filling in your info, the current flavor of the day for hijacking is this dialog, in place of the normal SteamGuard one you'd expect:

3gLLPVP.png

 

Which, if you download and run, will probably grab the SteamGuard file off of your hard drive, which is then easily usable in custom-written Steam clients.  I say probably, considering the analysis service I use isn't any more descriptive than saying it needs the .NET 4.0 framework.  The other one did, though.

 

tl;dr random executable downloads are bad, mmmkay?

 

I'm sure you're all careful about random adds and such, so this is a just-in-case thing if you haven't heard yet.

Share this post


Link to post

4:20 AM

 

Hoh

 

Seriously though, I got one of these messages while I was asleep apparently by one of our own members. It could happen to you too, reader. Maybe.

 

Anyway, everyone be cautious, no one wants to get all of their shit stolen.

Share this post


Link to post

SPEAKING OF PHISHED. SHOWING WAS PHISHED. :(

Indeed he was. The phisher sent me a message. I was all "haha, no." Weirdly, Showing's inventory looks okay.  The phisher removed me from his friends list though.

 

That cornmunity sounds mighty tasty.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...