How To Enable Gaming Mode on Android 12

Back in Februry, folks at XDA had spotted an unreleased Gaming Dashboard in the works for Android 12. But up until now, there were no clear...


Newly discovered phishing scam on Steam

Posted by   on

New phishing scheme discovered via Steam

According to the Reddit post submitted today by one of the users, a simple action that he was asked to perform on Steam for a fellow gamer, almost resulted in him losing his account.

Trying not to arouse any suspicions, the innocent request urged the user to just vote for a gaming team. When trying to do so though, what he discovered was a bigger surprise than he expected.

However, in order to perform this action, you have to use Steam OAuth to log in, which is pretty much a common thing among verified websites.

The trick was that, after you clicked on Sign in via Steam, another virtual popup window would open inside the original tab.

This gives most users the impression that they are using the correct steam URL and that it’s completely safe to input the credentials.

Because the Valve corporation name and icon, as well as other elements of the original website’s UI are present, it becomes easier to trick the unsuspecting into providing personal information.

What surprised me was the quality of trick!

2FA data sent to the attackers

The post author on Reddit continues to explain that, in case anyone went through with this sign up process, the loss of the Steam account would be almost a certain thing.

If users had the 2FA option enabled, actually inputting the security code that they received on their phone, could lead to total account takeover, as they would have all the information they need.

Although the Steam platform isn’t commonly used to perform such schemes, its not uncommon. Malicious third parties will never stop concocting new ways to trick you out of your possesions.

No comments:
Write Comments

Hello Friends, welcome to we Hope You'll like it - COntact US