Account phishing in itself is not something new in the digital world. It's seen every day, from small-scale account jacking to large-scale corporate sabotage. However, we're more interested in our Steam accounts right now, especially with the summer sale underway. Let's hope this bit of information will help keep a lot of you more aware, and safer.
What exactly is 'account phishing'? It's a pretty simple concept to understand if explained correctly. Account phishing is when someone creates a 'fake' webpage and/or application that is designed to steal your account information. The majority of account phishing is done via websites that resemble the real one, such as the website used in the recent SSFN phishing attempts:
As you can see, it does a good job of resembling the original site. However, if you take a closer look at the URL, it says 'steamcommnurty.com', which most people would not notice immediately when clicking on a link from a friend on Steam. With this specific phishing scam, users are linked to a fake Steam profile that has rare game items people would gladly trade for. But little do these people know, they're moments away from having their accounts stolen!
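A link check that a chat client or browser extension could run before opening a URL, as an added example that is not from the original post: it flags hosts that sit within a few edits of a genuine Steam domain or that embed one as a subdomain. The allowlist, the edit threshold and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the genuine Steam domains a user expects to sign in on.
TRUSTED = ("steamcommunity.com", "steampowered.com")
# Assumption: how many single-character edits still count as "looks like".
MAX_EDITS = 3


def edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance (insert, delete, substitute), two-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify_link(url: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the host in url."""
    # Accept links pasted without a scheme, as they often are in chat.
    parts = urlsplit(url if "//" in url else "//" + url)
    host = (parts.hostname or "").rstrip(".")
    # Simplification: treat the last two labels as the registrable domain.
    domain = ".".join(host.split(".")[-2:])
    if domain in TRUSTED:
        return "trusted"
    # A trusted name used as a subdomain of somebody else's domain.
    if any(t in host for t in TRUSTED):
        return "lookalike"
    # A near miss such as swapped or replaced letters.
    if any(edit_distance(domain, t) <= MAX_EDITS for t in TRUSTED):
        return "lookalike"
    return "unknown"
```

A 'lookalike' result is the case worth interrupting the user for; 'unknown' only means the host is unrelated to the allowlist, not that it is safe.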
Upon reaching this phishing site, you will be prompted to sign in to your Steam account. This is the first mistake; they now have your username and password. But wait! Steam Guard will protect my account!1!1 That's correct...until you get directed to the next page, which has a spiffy notification that tells you to run the 'steamgaurd.exe' that they just tried to download to your computer. Upon running this malicious program, the SSFN file from your Steam installation directory is uploaded to a remote site that the creators of the application can access.
Looks pretty promising, doesn't it? Too bad it isn't, as Steam would most likely never have you perform such an action. Whenever they detect that you're signing in from a new device/browser, they will email a code to the address associated with your Steam account. Some of you may be wondering what exactly all of this even means. Basically, once they've acquired your account credentials and your SSFN file, they have everything needed to appropriate your account from right under your nose. With access to your account, they can do pretty much everything you can do, including taking your precious Steam games. And with the summer sale in progress, it's important that everyone is aware of these phishing scams.
Lord Gaben, protect us from the fishes!11! If you'd like to know more about how these phishing scams for Steam were first found out, head over to http://blog.malwarebytes.org/