Saw this posted to a group Im a member of, just passing the info along:

"Seen this one making a few rounds lately, infected a few high profile accounts.

How it works
This is how it works. There's a link, that APPEARS to end in ".png", under the pretense of your friend sending you a screenshot. If you click this link, it will download a .scr file, which will hijack your steam account. Your steam account will start to send the same link to your friends.

What to do
Don't click links ending "sshot721.png", or any link from "screen-lighting" website.
This is the only website they are using at the moment, so it's the one you should definitely not click. They may start using other websites though, so be vigilant.

Turn on Download Notifications in Chrome.
Chrome has a feature which will ask you if you want to download a file, before downloading it. By default, this is OFF. You can turn this feature on by going to "Settings", "Advanced Settings", and clicking the checkbox on "Ask where to save each file before downloading." This feature is enabled by default on Firefox.

Ask your friend if they sent that link
In a lot of cases, the friends have managed to retain access to the account. Since it is automatic, ask your friend if they sent the link to you. If they say no, then you know they are infected. If they do not answer, presume the same."

10 years ago*

Comment has been collapsed.

Okay. Thanks.

10 years ago
Permalink

Comment has been collapsed.

Good to see the info spreading.

10 years ago
Permalink

Comment has been collapsed.

What to do if I click this link? Im using mozilla. Where to find this malware?

10 years ago
Permalink

Comment has been collapsed.

If you clicked it, I would suggest immediately deleting the file it downloads (obviously) as well as changing your Steam account info. Password, email address password, etc. Then run shit like Malware Bytes/Avast etc.

10 years ago
Permalink

Comment has been collapsed.

i once clicked the link bc i was curious.. hope it's fine as long as i didn't download anything (firefox also asked me if i want to download it)

10 years ago
Permalink

Comment has been collapsed.

thanks for advice

10 years ago
Permalink

Comment has been collapsed.

Good post, cheers!

10 years ago
Permalink

Comment has been collapsed.

Thanks for posting this, was about to post it myself :)

10 years ago
Permalink

Comment has been collapsed.

Isn't that pretty old scam?

10 years ago
Permalink

Comment has been collapsed.

ya, it really is.

10 years ago
Permalink

Comment has been collapsed.

yes, but it's intensifying

10 years ago
Permalink

Comment has been collapsed.

Thanks, but I wouldn't start interrogating my friend list.

10 years ago
Permalink

Comment has been collapsed.

Phishing with .scr files is old as balls, man. Friend of mine got phished this way this summer.

10 years ago
Permalink

Comment has been collapsed.

Its good to know that ! Thx mate ! :)

10 years ago
Permalink

Comment has been collapsed.

Only click on Imgur, Gyazo and puu.sh links, and you will be fine. Never click on any sketchy-looking link, that should be common sense.

10 years ago
Permalink

Comment has been collapsed.

I once got a link that looks like this: imgur.bi**.com (censored for security issues)

So yeah, be careful and mind the spelling too.

10 years ago
Permalink

Comment has been collapsed.

Don't click on a link ever, and everything will be okay.

10 years ago
Permalink

Comment has been collapsed.

Don't connect to the internet ever, and everything will be okay.

10 years ago
Permalink

Comment has been collapsed.

If you don't connect to the internet at all, be wary of USB drives. They can contain viruses too, and you haven't updated your virus definitions since you don't connect to the internet.

Just don't turn your computer on, and everything will be okay.

10 years ago
Permalink

Comment has been collapsed.

I once clicked on imgur link and there was a photo of Snooki there. YOU CAN TRUST NO ONE THESE DAYS!!!!

10 years ago
Permalink

Comment has been collapsed.

Me, too, so I did this to myself to get rid of the image

http://i.imgur.com/JOz8RgD.jpg

10 years ago
Permalink

Comment has been collapsed.

Many thanks for the information.

10 years ago
Permalink

Comment has been collapsed.

"If you click this link, it will download a .scr file" ... actually, it will prompt you to download said .scr file ... so if you do say "yes download it" and then after downloading "yes, run/execute it" ... then it's your own fault.

(and even if your browser does download it w/o prompt, you will still have to manually execute it)

still, thanks for the heads up =)

10 years ago
Permalink

Comment has been collapsed.

Phew, that's a relief.

10 years ago
Permalink

Comment has been collapsed.

Phew, that's a relief.

10 years ago
Permalink

Comment has been collapsed.

'#soOldThatISnewAGAIN

10 years ago
Permalink

Comment has been collapsed.

Thank you very much!

10 years ago
Permalink

Comment has been collapsed.

A bot tried to scam me with a link like that yesterday.

But I'm neither braindead or batshit ignorant, so i just reported and blocked.

To all the people that got scammed and clicked the link, you should be ashamed of yourselves!

10 years ago
Permalink

Comment has been collapsed.

ty mate

10 years ago
Permalink

Comment has been collapsed.

This kind of scam isnt new and around for a long time. What i dont understand technically, how can this script get your Steam data etc?
Edit: Okay, what i understand: You click the link, download the file or execute the file and than your acc gets hijacked?!

10 years ago
Permalink

Comment has been collapsed.

Probably requires that the person has steam remember password, when you have it remember password it is saved on your pc somewhere and thus the script only has to look there.

10 years ago
Permalink

Comment has been collapsed.

Like on cookies?

10 years ago
Permalink

Comment has been collapsed.

Saves to cookies when you login through a browser, not sure where it saves it for the client itself.

10 years ago
Permalink

Comment has been collapsed.

If you're not a stupid moron that finished 3rd grade you shouldn't be worried about getting scammed by a bot, doesn't matter in which method.
The people that are that intelligent to fall for this are the same people that use Free Antivirus in the hope that it'll keep all the viruses away and the same guys that think that an international hacker is interested in their facebook password...

10 years ago
Permalink

Comment has been collapsed.

nothing wrong with free antivirus software, it depends which program you use.

10 years ago
Permalink

Comment has been collapsed.

your text just reveals how ignorant and closed mind you are, no one has to pass all day in the front of the computer and know every rule and trick of every website, you really should spend more time outside, so for example if I get scammed on steam or think like one of the guys you referred, that means I'm dumb? No man, look the world, some people don't even know what a computer is, and you are saying if someone falls for a scam he/she is dumb? C'mon, I know you're smarter than that, there are so many factors that can influence people to make any kind of decision, that is a text of someone who didn't even finish 8th or 9th grade, I'm not saying you're dumb, I'm saying you should look other's perspective, and don't insult someone just because that person doesnt know something that you consider basic.

10 years ago
Permalink

Comment has been collapsed.

It is basic. Every single fucking person on earth who can rightfully claim they have a working brain should be wary of random people telling them to do random things (e.g. random dude on steam asking you to click a link).
The details may vary over time and place, but here's the thing: the situation is interchangeable, and that's why it is just as retarded to click on a random link a random person sends you on Steam as it is to show up in a dark alley at night because a guy on the street told you to be there cause he's got something really cool to show you.

10 years ago
Permalink

Comment has been collapsed.

A random person telling other random person that he/she is stupid/don't have a working brain, without prior knowledge of the person's background or condition is the ultimate moron IMHO.

10 years ago
Permalink

Comment has been collapsed.

I have to agree. If you're using Steam you're a PC gamer. If you're a PC gamer then you should know at least a little about PCs and all the dangers of the internet. If you fall for a scam like this then you're an idiot, because you have to actually run the file. Alright you download a file, now what? You going to click it? Really? Not even my mother (who came here from another country and knows literally nothing about computers) wouldn't do that. If you do fall for this I don't feel sorry for you.

10 years ago
Permalink

Comment has been collapsed.

I agree with you on the Steam part.

10 years ago
Permalink

Comment has been collapsed.

You would think, but Steam users time and time again have proven to be the dumbest bunch of people on the planet. Take a 2 second look at the Steam help forums and cry at the stupidity and all the people claiming they got their account hacked only to inform everyone after a day of prodding that they let a (online not real life) friend borrow their account and that their friend would never steal their account.

10 years ago
Permalink

Comment has been collapsed.

Agree, and who knows if someone actually tried it, because the scammer usually use alternative account.

10 years ago
Permalink

Comment has been collapsed.

10 years ago
Permalink

Comment has been collapsed.

Thanks for the info!

10 years ago
Permalink

Comment has been collapsed.

Nothing new, but still thx for info.

10 years ago
Permalink

Comment has been collapsed.

I clicked it because I'm stupid, and came from someone I knew and trusted, what do I do know? I dont see anything in my download files or in the download history of chrome. Are you sure it downloads it automaticly?

10 years ago
Permalink

Comment has been collapsed.

No idea, it depends on your browser settings assumingly. If you didnt open the file, you probably have nothing to worry about. To be safe, you could probably change your Steam password and the password to the email associated with your account.

I only have the details that I copy/pasted above so I cant really offer anything more to you in the way of advice.

10 years ago
Permalink

Comment has been collapsed.

There was no file to open. It didnt downloaded anything unless its invisible.

10 years ago
Permalink

Comment has been collapsed.

If you can still get in to your Steam account, it will behave much the same as the Spam worms on Facebook. To stop it, change your password as soon as you possibly can, if you still have access

EDIT Also, You can do this. Immediately after you have changed passwords, restart your PC, boot into Safe Mode and run an antivirus scan. I recommend ESET Smart Security. Running Malwarebyte's Antimalware wouldn't hurt, either

10 years ago
Permalink

Comment has been collapsed.

thanks for the info, It's still going around... people on my friends list were just hit moments ago...
The message post started with WTF dude (with the viral link) if its not answered it repeats.

10 years ago
Permalink

Comment has been collapsed.

Yeah, be on the look out for that. I just recently got scammed by that and lost all my items. Steam wont give my items back until I get "proof" but they got into my account by my computer so I didn't get any "New Device" things on my email. "EDIT" I am a complete idiot for actually falling for it and loosing my things. Its just that I've never seen a phishing link before.

10 years ago
Permalink

Comment has been collapsed.

good to know thx

10 years ago
Permalink

Comment has been collapsed.

Sign in through Steam to add a comment.