Steam phishing targets video game players

Filed Under: Phishing, Spam

SteamSteam, the world's largest online gaming platform, is increasingly being targeted by phishers trying to steal credentials from its 30 million users.

If you're not familiar with Steam, just imagine something like iTunes - but for PC and Mac video games.

If you're interested in digitally downloading video games for your computer, Steam is likely to be your destination.

Steam's website

Phishing attacks against Steam users are nothing new - they've been around for a couple of years - but as more and more users jump onto the Steam bandwagon (train?) phishers have greater chances of success.

Here's one example of a Steam phishing email, intercepted by SophosLabs, which was sent to an email address that has never registered for a Steam account:

Steam phishing email

Subject: Warning! Your steam account will be suspended?

Although it looks like the link will take you to the real Steam website, the HTML actually directs you to a phishing site. Our spam researchers had a wry smile when they spotted that the email was sent on 15 February and yet it claims that Steam accounts will be closed if they don't hear back from the users by 11 February.

Just as we've seen a black market for stolen iTunes accounts, so Steam accounts have a monetary value too.

So, don't be too trigger-happy and always think before you click on that link. And if you use the same password on Steam as you do on other websites you could be handing cybercriminals over more than just the keys to your games cupboard.

Valve, the company behind Steam, has published advice on how to secure your Steam account which users would be wise to read.

, , , ,

You might like

5 Responses to Steam phishing targets video game players

  1. gog user · 1694 days ago

    Another reason to use instead of steam!

    • Dave · 1693 days ago

      gog doesn't even come close to Steam's offerings, it's pitiful in comparison

    • Mark · 1560 days ago

      And what's to stop gog users getting phished? There's nothing about Steam that makes it especially vulnerable compared to other services.

  2. Helen · 1694 days ago

    I love your posts. I think you make me look web smart when I share them. Thanks

  3. Tim Thornton · 1694 days ago

    If the phishers ever learn to write their scam emails in correct, grammatical English, we're all doomed.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley