The entered Steam credentials have already been stored on the scam website. While failure to sign in is shown on the users’ screen, in the background, the harvesting process is initiated. “The account name or password that you have entered is incorrect.” When the users enter their Steam credentials, the page presents an error message stating the following: That’s one of the ways for scammers to make fake things look real. With the Steam login page open, users can clearly see how legit it looks. Instead, they stated that they encountered a few instances where the code breaks and the spoofed URL in the fake address bar doesn’t show as it should. The pop-up page didn’t load completely when Malwarebytes was testing how the scam works. If you scroll up and down on the original page, the Steam sign in the window goes with it. “If you try to drag the window off of the parent chrome window, what happens? You can’t. Such semi “Pop-up” has been seen and argued about before by Reddit user “/Bangaladore.” Here’s what he had to say: In fact, it’s part of the website itself. The scam continues when the users click on “Get Nitro.” Once selected, a “Steam” pop-up that looks exactly like what the platform would offer appears.Īlso, according to Malwarebytes, the pop-up does not open in a separate window as most pop-ups do. Once they tap the link, they are redirected to a website crafted perfectly to resemble a legitimate Discord page. Now, a lot of users might not pay attention to details and click the link anyway. “See, here free nitro for 1 month, just link your Steam account and enjoy.”īefore we explain the whole process, you can tell by the grammar mistake at the beginning of the sentence that this is a scam. The following screenshot is an example of what users may find resting in their Message Box: The new scam involves bot accounts or accounts controlled by scammers that are sending free Nitro subscriptions to Discord members. Free Discord Nitro? Not Quiteĭiscord has more than 300 million users and scammers are taking advantage of how popular the platform is. What is the attack and how are they implementing it? Find out in this article. Such a broad attack is not something you normally come across every day, but it is happening. Now, attackers are aiming for the “Best of Both Worlds” with a new phishing scam hitting both Discord and Steam. Discord has millions of users, which is why it has become the main target for scammers to repeatedly prey on victims.Ī couple of weeks ago, the “I accidentally reported you” scam saw the light on Steam.
0 kommentar(er)
