New phishing spreding on STEAM again

I sent a message to every single person on my Steam friends list to hopefully save them from my fate. Thankfully, everyone else was a lot more cautious and wiser than me lol!

View attached image.

It seems I overestimate how much these bots try to scam random people. Maybe it's my TF2 inventory which makes me more of a target. That's why I made the association between "knowing" and "meeting". I'm tired of seeing this scam xD

Of course, but if you're willingly going to meet this person you never talked to once before who promises you a better life out of nowhere and for no reason and you look at google maps and it turns out it's in front of a building that says organ harvesting facility we kill people, I ain't gonna feel bad for someone falling for it. The signs were there right?

While I get your point, that's what a scammer does, it's preventable by the user only and steam will never be able to stop these out. You could generate some infinite variation of links that contain steampowered. It's just a phrase you could add anything to it.

The thing is tho, this isn't the first time this happens. This has been happening for like 15 years now maybe longer. People just willingly give their accounts to scammers.

Just because the page is copied from steam doesn't mean you gotta login. If the link at the top isn't store.steampowered.com, steamcommunity.com, or https://help.steampowered.com, you're not on steam. In the case of the above link, you're not going to steampowered.com, you're going to shareplaytest.com, so they didn't even attempt to get a domain with steampowered.com. Still if you're logged in, and you got to a site that looks like something and you're not logged in, maybe verify the url?

"Granted, this one is rudimentary at best but still, acting like everybody else are idiots for "falling for it" is kind of arrogant."

I'll take it. I never once, never once got scammed like this. Not even close. My concern is more if people fall for something like this, how do they have bank accounts, or deal with money irl? Like you just can't operate normally if you fall for something so simple. So to me, these threads look more like attention seeking. Maybe it's arrogant and I'll be that person, but this is the second thread about this exact same message letter for letter, although this format of a scam has been done hundreds of thousands of times before.

https://help.steampowered.com/en/faqs/view/70E6-991B-233B-A37B <---- I'll leave this here because steam already has an article going over all the scams you can fall for, so why not just read that instead? Wouldn't that be more beneficial to all these people? Or they just don't like to read and learn, but they enjoy the moment they think they discovered something new or relevant, which turns out has been done for over 15 years, so it's expired.

Thing is the attack involves more than just clicking the initial link.

You see I knew it was a phishing scam the second I saw it, but I was still curious, so I fired up a sandboxed Tor instance and followed the link to see what it does.

It basically shows you a page with a button to accept the playtest invite, when you click the button it creates a "fake" popup window to imitate the steam login page designed to steal your username/password. By fake I mean this popup window is drawn inside the same page, it was so obviously apparent because it doesn't match the window decoration of the browser/OS.

So again I don't understand how so many people fell for this, even without an antivirus warning it would have been easily spotted.

Good one 😬

Thanks for reminding me that I still have some cards from the last sale. Not enough to build a badge and also not worth the time to put sell them for the pennies they're worth (which I might have to do in the end). It was very disappointing.