โพสต์ดั้งเดิมโดย potato:

it doesn't lead to the real steam, they use a link with the word "community" mispelled

I was in a discord server where someone posted a steam phising link and the link wasn't misspelled. It was steamcommunity.com but when I copied the link and pasted it, it actually was a t.ly (link shortening service) link that redirected you to the phising site what had misspelled steamcommunity link. So there is something wrong on discords end or the t.ly link preview said steamcommunity.com

NoTextToSpeech has a video about it
https://youtube.com/watch?v=Jz-3goOPj9o

โพสต์ดั้งเดิมโดย Ettanin:

NoTextToSpeech has a video about it
https://youtube.com/watch?v=Jz-3goOPj9o

thanks

โพสต์ดั้งเดิมโดย root@Bash:~#:

Okay, figured it out. It's a highlight in Discord. It *shows* a real steamcommunity.com url.

those sneaky bastards

Imagine using discord

โพสต์ดั้งเดิมโดย T9:

Imagine using discord

Imagine using Steam - Group Chats

its well confirmed that many of the same spoofed urls for Steam Community in Discord are also being seen posted in Steam User Groups chats and Valve's own url filter isn't even reporting them as malicious to users in chat, yet virus total or urlscan io scans detects that they are.

Anyone here know of Sinking Yachts?

Discord based anti-phishing project founded by @ nwunder ? This project focuses on collecting and flagging domains that are running phishing scams against Discord or Steam, which are often spread with scam messages from compromised accounts.

Uncertain if this project is still operational.

I could easily show you all a list of 40 + Steam spoofed scam phishing url domains found in Steam chat rooms in 2 week chat history. Valve wouldn't like that. Yet Valve seems not to even care with maintaining it's url fitters or removing the malicious user accounts or urls from view, that are to domains that take weeks to be taken down by hosts when they are reported.

Tell me what the point or goal of VALVE is to have OFFICIAL Steam Group chats of their own with no active moderation in them and phishing urls on display in them?

Steam Workshop Counter Strike Gary's Mod ?

Or how about their partners? Euro Truck Simulator 2 or Rust?

Even DeadLock chat was recently bombarded by phishing urls. Valve was only a little more concerned there, but probably only because it's their newest IP. Can't have scammers killing off community before it even gets started.

โพสต์ดั้งเดิมโดย CANCELCULTURE:

โพสต์ดั้งเดิมโดย T9:

Imagine using discord

Imagine using Steam - Group Chats

its well confirmed that many of the same spoofed urls for Steam Community in Discord are also being seen posted in Steam User Groups chats and Valve's own url filter isn't even reporting them as malicious to users in chat, yet virus total or urlscan io scans detects that they are.

Anyone here know of Sinking Yachts?

Discord based anti-phishing project founded by @ nwunder ? This project focuses on collecting and flagging domains that are running phishing scams against Discord or Steam, which are often spread with scam messages from compromised accounts.

Uncertain if this project is still operational.

I could easily show you all a list of 40 + Steam spoofed scam phishing url domains found in Steam chat rooms in 2 week chat history. Valve wouldn't like that. Yet Valve seems not to even care with maintaining it's url fitters or removing the malicious user accounts or urls from view, that are to domains that take weeks to be taken down by hosts when they are reported.

Tell me what the point or goal of VALVE is to have OFFICIAL Steam Group chats of their own with no active moderation in them and phishing urls on display in them?

Steam Workshop Counter Strike Gary's Mod ?

Or how about their partners? Euro Truck Simulator 2 or Rust?

Even DeadLock chat was recently bombarded by phishing urls. Valve was only a little more concerned there, but probably only because it's their newest IP. Can't have scammers killing off community before it even gets started.

Steam, Discord, Facebook, Youtube, the list goes on endlessly even Google itself that brags about fighting phishing problems, yet they come out of the woodworks daily.

The main issue is even if take down said 40+ domains you see, they just alter the domain name, and back again in matter of mins. And yes they all do block said domains time to time, but they're no fast pace when comes to reports, or dealing with those domains.

Hell if I type in certain key words in google search I may get scam sites showing up left to right that just been problem since forever. Do I think everyone should step up their game yes, but do I expect them no because if not something they can control indefinitely, then something that going to be work in progress problem where either take time, or worse they do nothing about it.

โพสต์ดั้งเดิมโดย ぐがさん:

in the discord you can send one link using another phrase just sending the message like this:
[steamcommunity link](the scam site link goes here)

Hahahahah so it's not really an URL, it's just the website domain along with a random path 😅

โพสต์ดั้งเดิมโดย CANCELCULTURE:

education is the best medicine

โพสต์ดั้งเดิมโดย Dr.Shadowds 🐉:

Scammers use claims having pending bans, or whatever.

I've already had my account stolen by some of these suckers thinking they were going to get easy money from me

โพสต์ดั้งเดิมโดย Dr.Shadowds 🐉:

โพสต์ดั้งเดิมโดย CANCELCULTURE:

Imagine using Steam - Group Chats

its well confirmed that many of the same spoofed urls for Steam Community in Discord are also being seen posted in Steam User Groups chats and Valve's own url filter isn't even reporting them as malicious to users in chat, yet virus total or urlscan io scans detects that they are.

Anyone here know of Sinking Yachts?

Uncertain if this project is still operational.

I could easily show you all a list of 40 + Steam spoofed scam phishing url domains found in Steam chat rooms in 2 week chat history. Valve wouldn't like that. Yet Valve seems not to even care with maintaining it's url fitters or removing the malicious user accounts or urls from view, that are to domains that take weeks to be taken down by hosts when they are reported.

Tell me what the point or goal of VALVE is to have OFFICIAL Steam Group chats of their own with no active moderation in them and phishing urls on display in them?

Steam Workshop Counter Strike Gary's Mod ?

Or how about their partners? Euro Truck Simulator 2 or Rust?

Even DeadLock chat was recently bombarded by phishing urls. Valve was only a little more concerned there, but probably only because it's their newest IP. Can't have scammers killing off community before it even gets started.

Steam, Discord, Facebook, Youtube, the list goes on endlessly even Google itself that brags about fighting phishing problems, yet they come out of the woodworks daily.

The main issue is even if take down said 40+ domains you see, they just alter the domain name, and back again in matter of mins. And yes they all do block said domains time to time, but they're no fast pace when comes to reports, or dealing with those domains.

Hell if I type in certain key words in google search I may get scam sites showing up left to right that just been problem since forever. Do I think everyone should step up their game yes, but do I expect them no because if not something they can control indefinitely, then something that going to be work in progress problem where either take time, or worse they do nothing about it.

Agree.

I see that gift box scam accounts are now phishing in several partners third party product game hub chat rooms now on the daily too. THIS IS FOR YOU! GG VALVE!

It's apparently going to get way worse.

Today:
Nightingale
EA Sports FC 25
Dragon Ball (nudity also) today in hub chat rooms, probably others I don't know about.

Other products chat were hit with the phishing spam yesterday for about 5 -6 hours about 6 or more alt bot accounts used.

Call of Duty
Monster Hunter
The Blinding of Isac
Fall Out 76
GTA V and many more chats yesterday.

It's one thing to have user created groups targeted, and clearly another to have your own third party partners un moderated chat rooms targeted, imo. In the end it's all the same crime.

i dont know why valve even allow unmoderated live chat rooms. Even AOL worked out that wasnt a great idea.

โพสต์ดั้งเดิมโดย eram:

i dont know why valve even allow unmoderated live chat rooms. Even AOL worked out that wasnt a great idea.

They could in theory with the controls disable, hub chats that have no moderators?

I've seen some chat rooms where the chat seems locked from use to everyone in the room.

I did see yesterday, a user created group moderator simply unwilling to remove disgusting UGC spammed in violation of the rules posted in chat, reason given to another user was that the moderator tools given were to tedious to use to delete the spammed content.

imo unwilling to moderate, doesn't deserve the space, imo, but what do I know.

yes they could do whatever they like. everything you use on steam was created/written/coded in house.

โพสต์ดั้งเดิมโดย eram:

yes they could do whatever they like. everything you use on steam was created/written/coded in house.

Then they can even leave visible nudity, and scams in chats. Seems it's what they really like the most.

I sadly have to report it's still an ongoing issue, on Discord, using redirectional urls for '20$ gift' *showing* a legit steamcommunity url but redirecting to another url; reading in above comments there are 40+ of these domains known already, so I will not post the shortened redirecting url here)
Just informing that these scams are still on-going.

โพสต์ดั้งเดิมโดย MACKerMD:

I sadly have to report it's still an ongoing issue, on Discord, using redirectional urls for '20$ gift' *showing* a legit steamcommunity url but redirecting to another url; reading in above comments there are 40+ of these domains known already, so I will not post the shortened redirecting url here)
Just informing that these scams are still on-going.

It is never going to not be a thing.