Much like the general population, cyber-criminals have areas of expertise.
Some grift people on social networks, other spread malware via emails and then there are the ones who know how to turn gamers items and accounts into money.
The main playgrounds for these types of criminals are the big gaming platforms like Steam, Origin or Battle.net. Typically, the fraudsters profile or target new users to the site along with others who know little about cyber-security. As new gamers sign up in droves on a monthly basis, cyber-criminals experience no shortage of potential victims, especially with the rise of multiplayer online games. Forewarned is forearmed. With that in mind, we’ve decided to make a list of the most widespread Steam scams and share it with you, so you’re better prepared.
1. Phishing is just as efficient on Steam as it is on social networks and the greater Internet. Fraudsters often analyse victims profile to tilt the odds into their favour, or to clone the account of a friend. The criminals will then send a private message where they ask for “help,” offer access to an “amazing game guide,” exchange some items or something else. Regardless of the text, the sole purpose of the contact is to make the user click the fake link in the message. It leads to a malicious site, which looks similar to Steam and requires the victim’s log-in information. When the deceived users authenticate on this site, they risk compromising their steam account (along with any other accounts that have the same password.)
To prevent this kind of scam Valve has invented the Steam Guard, which we highly recommend you turn on. It’s a variant of two-factor authentication and gives an additional measure of security to your account. You should always check if you are on the real site each time when you enter your login and password. If you see a misprint in the site’s URL (like the link in the tweet above (please don’t click it!)), a space-bar or some other excessive symbol, then you can be sure: it’s fake.
2. If the criminals fail to draw in victims via the social engineering, they will look to draw in easy prey from outside of Steam. To do that, the fraudsters write articles and publish videos on YouTube that “reveal” how to get something for free: gain extra experience, copy an item or find “secret” cheat codes.
Tips given in fraudsters’ content are mostly copied and pasted from other web resources. But throughout the text or the video fraudsters obtrusively offer to download some software or an extension that will boost victim’s game character to the unbelievable levels. If a deceived user downloads the malware the most interesting part begins, because nobody really knows what’s inside the file. One can lose his or her Steam account, or become victim to some form of ransomware. The best way to protect yourself from such threats is to install a reliable security solution. You should also be very attentive and check twice before opening links and downloading files on the Internet.
3. Sometimes people pay for the items not on Steam, but via PayPal, WebMoney or other e-currency services instead. So, you can get real money for your items, but sometimes fraudsters pay for the purchase and then write a tearful letter to the support team of their e-currency service where they ask to freeze the transaction and bring the money back. To prove their story they can even send a fabricated Skype screenshot, in which the victim looks like a fraudster.
If the support representatives believe the story (and it’s quite possible that they will, as the real victim is unaware of what’s going on and remains silent), then the users are left without both the money and items, given away as a “gift.” And there is no way to return it. That’s why you should not make bargains outside the Steam trade window.
4. Sometimes people try to befriend you or say that they are your old friends – that’s just you know, a second account they are using right now. In the end they ask to “try on those cool items” on the pledge of, “I’ll give it back, cross my heart and hope to die!” Of course, you shouldn’t believe them. Even while there is a small chance they can actually be your friends. If you suspect that you really know this John or Jane, check them: call them or write a Skype or Viber message. Just remember: if you give an item to a fraudster, you’re probably not going to get it back.
5. Fraudsters don’t limit themselves with the roles of “friends.” Sometimes they present themselves as Steam employees and try to pull a fast one: accuse users of a fraud and force them to give some of their game items for a “scan” and a “check.” Of course, they don’t work at Valve Corporation. No Steam employee will ever ask a user to share items with anybody else. So you can freely report these scammers.
6. Fraudsters can ask you to send them an email letter with the confirmation link or the link itself. Don’t ever do this, no matter how they explain it! As when they have the link, they can finish the bargain without your real approval. You certainly won’t like the results.
7. In the majority of scams fraudsters will try to hurry or rush you. This is no accident: for example, they can offer you an item, which looks like a valuable one, but in reality it’s not. Moreover, the less attentive the victims are, the bigger are the chances that they will fall for this or that fraudsters trick.
So never yield to pressure and check twice and thrice what you are trading for, before you confirm the bargain. Remember: according to Steam policy, you cannot return the items that were given away due to scam. All you can do is report a fraudster to the Steam support service.
For this you need:
Don’t hesitate to do it: if nobody teaches those bastards a lesson, they will continue their money grab activities.
Axarhöfði 14,
110 Reykjavik, Iceland