With more than 35 million active customers, the Steam platform is a true honeypot for cybercriminal flies. A common scenario is that of spam waves sent out into the e-world disguised as genuine Steam e-mails to trick users into installing malware.
Alternatively, Steam login page lookalikes put on their best “honest to God I’m the real thing” face and manage to snatch users’ credentials in no time. While in the first case proof of the crime being committed may require a good chase (unless your e-mail address is on the lucky “to spam” list of the day). In the second case, evidence may come to your virtual doorstep by itself, courtesy of “paste your loot here” services.
If you think you’ve heard this story before, well, you have. Recognizability is a classic’s quality. So is perennity. So, I’ll keep nagging you about this ‘till scammers’ hell freezes. These days, a list of Steam login information was posted on the internet. Most probably, it’s the result of a phishing process.
Yes, there’s a moral to this story.
Short version: strong passwords, one for each online account, plus anti-phishing protection RULE.
- Activate your phishing filter, as well as any other security applications or suites before browsing the internet
- Stay away from using a non-secured system. And if you truly have to use one, make sure you run the Bitdefender advanced scanning on-line free tool, Quick Scan, before going on.
- If you use a wireless connection, make sure your connection is secured and encrypted and that you know and trust the owner of the access point.