Beware: Valve Steam Guard Phishing Attack Discovered

Another day, another exploit/attack/hack/breach/phishing scam to worry about. This one concerns Valve’s Steam Guard Protection and a new phishing scheme that, if successful, allows a cybercriminal to steal a file that will bypass the Steam Guard Protection and allow the thief to log in to the victim’s account from any computer.

[Image: Steam Guard phishing. Caption: The above is a fake--a phishing attempt]

Malwarebytes detailed how the scam works. Normally, when you attempt to log into Steam on a different machine, Steam Guard asks you to submit a verification code, and then it will let you in. However, if the phisher gets you to fall for a fake message that looks just like the Steam Guard pop-up, he can acquire your SSFN file, which, when dropped into the Steam directory on the thief’s computer, allows him to log in to Steam as you.

[Image: Steam Guard phishing. Caption: This is what you *should* see]

“While logged in as a Steam user, they’ll be able to see the victim’s purchase history, change current email address, current Steam password, disable Steam Guard, change the profile name and update the stored payment method (if any),” wrote Malwarebytes’ Christopher Boyd in a post. Fortunately, “They can’t make purchases with the stored card because Steam requires you to re-enter the security code when making payments,” he added.

Be sure that you’re vigilant and that any Steam Guard screen you see is legit. Take an extra moment to scan for anything off.