Steam by Valve is among the largest online gaming service providers, with more than 150 million registered users and is naturally one of the biggest destinations for hackers and scam artists targeting gamers.
A number of scams recently have lured gamers with fake promises of attractive returns and duped them of their credentials, which often lead to credit card breaches and the likes. In the past, we have learned about malware or phishing attacks, but now, newer ways have cropped up for stealing login details of PC gamers.
The common forms of attacks used by hackers have matured over time and these scammers now use much more complex methods to phish credentials. Kaspersky Lab has discovered the common forms of new-age Steam scams. Here they are:
Many online stores try to lure multiple gamers with the hope of letting them buy games or other add-ons for dirt cheap prices. Though not completely fraudulent, the practice is shady and unethical as these stores sell or re-sell serial keys for various games without having any authority to do so.
Often, the algorithms involved in such lotteries are unknown and could be used to unknowingly scoop out the user’s credentials.
Free Gear Baits
Though old enough, phishing remains one of the oldest points of attack for online gamers. Gamers often receive deceiving links with promises of free giveaways, exchange offers, or other things in form of emails, or even through comments on online forums or social media.
While these links have the keyword “Steam” in them, these are not official links and are meant for stealing data. Many a time, the users are asked to enter their login details and this is where the attacker steals your credentials. These stolen accounts are usually sold after hackers change details.
Heavy Discounts on Games
To be able to buy multiple, say 50, games for a very low price, many users often opt to buy stolen Steam accounts (see previous point) which come with pre-purchased games. This is also attractive for those looking to take a shortcut to success and completing achievements without having to work hard.
While essentially, it might seem like a good deal, the second-hand buyer is often left empty-handed when the original owner tries to reclaim the account. The money is obviously lost as there is no law governing a stolen account.
Often, there are moments when hackers try to sell several applications or add-ons that might improve the privacy and security of Steam accounts. Sadly, many gamers fall for it without verifying these claims or citing reviews from previous users.
A number of such applications turn out to be meant for phishing and might lead to easy theft of Steam login credentials.
How to Avoid Steam Frauds
The best practice is to be aware of the existence of such scams and not be tempted by glittering offers. Gamers must make sure that they do not click on any link without checking its reliability. Users must pay extra attention while sharing personal information after clicking on email links. Lastly, it is important that all games and enhancements are bought from official stores irrespective of how lucrative a deal may be.
Lastly, users can opt to install two-factor authentication using services like Steam Guard to be able to provide an additional layer of security. To be able to keep malicious links at bay, you can also use a good anti-virus application or even the Windows Defender extension for Chrome which was recently released by Microsoft.