Watch out, PC players! Hackers are in the process of searching for your Steam account and using slippery methods to snatch it from you. According to a report from Group- IBa cybersecurity company, malicious actors use a phishing strategy that lures users unwilling to enter their credentials into login pages.
Of course, you might be thinking, “There’s no way I would fall for that!” Although some phishing campaigns use half-baked, disguised, deceptive pages to lure victims, Group-IB claims that the technology in its report, called “browser in browser,” uses legitimate-looking windows that seem indistinguishable from their original method. his peers.
What is a “browser in a browser” phishing attack?
Steam uses a popup for user authentication – not a new tab. As such, hackers take advantage of this by taking offline victims to interact with a popup that mimics Steam’s user interface, but it is of course a trap.
How can they get victims to click on these phony fake popups to start with? Well, many cybercriminals masquerade as League of Legends, DOTA 2, PUBG or Counter-Strike gamers and ask users to join their team. They also offer discount esports tickets, ask users to vote for their favorite teams, and more.
Once a user clicks a button on the “bait web page,” as Group-IB calls it, it fires a data entry form that simulates a legitimate Steam window. It even has an additional Steam Guard window for two-factor authentication (and a fake SSL certificate lock icon).
“Unlike traditional phishing resources, which open phishing web pages in a new tab (or redirect users to them), this type of resource opens a fake browser window in the same tab to convince users that it is legitimate,” Group-IB said. .
Some scam Steam windows go so far as to warn users that they are linking their account to an outside company, adding an extra layer of fake legitimacy to the phishing scheme.
Oh yeah, those cybercriminals are who – which sneaky. Group-IB said this phishing scheme is only available to select groups. Hacking teams that have access to this phishing group offer phishing services for hire. In other words, cybercriminals are selling access to Steam accounts, and Group IB has reported that some of the pro-player accounts are valued at around $300,000.
How to protect yourself
Group-IB offered a checklist in its report to help Steam users detect a phishing attack in their browser.
1. Check if a new window opens in the taskbar. If not, then the browser window is fake.
2. Try resizing the window. If the window is fake, you will not be able to resize it.
3. Minimize windows. If the window is fake, the Minimize button will close it.
4. Click the SSL Certificate Lock icon. If it is fake, nothing will happen.
5. The address bar in fake windows is not working.
Avoiding this phishing attack is fairly easy. Always be skeptical about unknown users asking you to join their team or make other requests. If the message includes that you clicked on the URL, your suspicions should be heightened. No matter how legitimate or authentic a web page is, refrain from entering your Steam credentials, especially if the link was obtained from a complete stranger.