Instal Steam
login
|
bahasa
简体中文 (Tionghoa Sederhana)
繁體中文 (Tionghoa Tradisional)
日本語 (Bahasa Jepang)
한국어 (Bahasa Korea)
ไทย (Bahasa Thai)
Български (Bahasa Bulgaria)
Čeština (Bahasa Ceko)
Dansk (Bahasa Denmark)
Deutsch (Bahasa Jerman)
English (Bahasa Inggris)
Español - España (Bahasa Spanyol - Spanyol)
Español - Latinoamérica (Bahasa Spanyol - Amerika Latin)
Ελληνικά (Bahasa Yunani)
Français (Bahasa Prancis)
Italiano (Bahasa Italia)
Magyar (Bahasa Hungaria)
Nederlands (Bahasa Belanda)
Norsk (Bahasa Norwegia)
Polski (Bahasa Polandia)
Português (Portugis - Portugal)
Português-Brasil (Bahasa Portugis-Brasil)
Română (Bahasa Rumania)
Русский (Bahasa Rusia)
Suomi (Bahasa Finlandia)
Svenska (Bahasa Swedia)
Türkçe (Bahasa Turki)
Tiếng Việt (Bahasa Vietnam)
Українська (Bahasa Ukraina)
Laporkan kesalahan penerjemahan
Pedoman dan Aturan Diskusi
2 
Laporkan postingan ini
Two things.
1) On discord, they allow users to mask links.
https://steamcommunity.com/discussions/forum/0/4328601129270939054/?ctp=3#c6741411926481761877
2) Scammers change their URL all the time, it's the easiest thing for them to do as all they have to do replace I for L, o for zero, and so on.
1) I've seen this happen on Steam too, and as far as I'm aware you can't do that on Steam.
2) And both I and OP have explained that the first part of the website, until the ".com" does not contain any noticeable changed letters. It is still "steamcommunity", not any of the variations like "steamcommumnity", "steamc0mmunity", "steamcommunlty", "steamcommun7y" and so on and so forth. They even explain that it leads to the Steam front page, and that they have been expecting a "smart IDN homograph attack", which is exactly what you are describbing.
Again, I see this as a failure to actually understand what OP is asking about.
Not new scam. It is really old.
https://steamcommunity.com/discussions/forum/1/2592234299571197182/
Going waaaaaaay back...
https://steamcommunity.com/discussions/forum/7/558754899933789316/
https://steamcommunity.com/discussions/forum/1/523898291503812045/
The amounts might be different but the scam/phishing is the same.
You're either a ♥♥♥ or english isn't your primary language. I am aware of it being a scam, I know not to fall for the "free stuff from strangers on the internet" trap. I know that it's almost as old as Steam. I am not contesting any of that. Mine and OP's question is how does clicking a link that sends you to the Steam front page steal your data. Usually with phising scams you have to input your info into a fake website that looks similar to a real one, ie. like the examples I gave in my previous comment, which you clearly have failed to read until the end.
As like I said they change it all the time, that because if they get blacklisted, it just show up as BLOCKED to the victim, hence the point of changing it, doesn't matter .com it the fact they can do anything from misspelling steamcommunity .net .org or etc, or just change letters that is the point.
There is no magic attack you're thinking of unless they got control of your PC, you're using their network, connecting on their scam site, or etc...
Google.com will take you to Google.com for it to take you anywhere else either A) it's not correct spelling, B) Your device has been compromise, C) Using network like VPN/proxy to connect to some guy server, or D) Using device/network that not yours that compromise.
So unless there is a reason went out of your way to necro this discussion for a mindless rant, then there is nothing else to discuss.
this thread is like a year old, why did you even reply
Or do you see where your link leads? I don't. I can only see the anchor text (clickable text), not the real target.
I have often criticized Valve for this in the past and will continue to do so because they haven't managed to meet web standards for over 2 decades and attention to usability is also ignored in many cases.
- You can't do gifting via url. People can gift via Steam, but you only get notification via site & client, email, and pop up when you login to steam client. If anyone giving you a link for a gift it's automatic red flag scam.
PLEASE NOTE Discord has a problem where it allow uses to change the path of their hyperlink
using a command so they can say whatever they want, but the link goes somewhere else.
- Steam support will never do support outside of Steam, they don't do DMs, voice call, email, phone call, or sms, they only reply to tickets you make via Steam help page only on site no where else.
Anyone claim to be Steam admin/support automatically red flag scam. Scammers use claims having pending bans, or whatever.
- Scammers use tricks like vote for my team or you won a prize and try to trick you to login to their scam site, they even use FAKE tab pop up within your browser to trick you thinking it real thing but it just a fake phishing page to get you to login.
These are not new scams, or recent at all been around for years, the issue is people either ignore these signs, PSA, never take notice, be ignorant thinking it can't happen to them, or just want to play stupid games win stupid prizes learning hard way.
Some people just ignore url, and only look at the preview/embed that shown in front of them, as Steam, discord, and etc does display preview/embeds.
For Steam chat it does show you DOMAIN url, and if hover over it shows FULL url.
Also last part make ZERO sense as that means EVERY single app on this plant failed to meet web standards, because none of them stop phishing attacks.
https://steamcommunity.com/sharedfiles/filedetails/?id=3464127358
this threads a year old, there is no need to keep digging it up
Agree, ignoring warnings is a different issue (for various reasons) and it is also the case that even when copying links, it happens from time to time, that you click on the link if one is not careful.
There is also a large number of people who are unfamiliar with the topic, lack the knowledge, have not informed themselves or cannot even imagine what it is about and they often speak up when it's already too late.
One must also not forget that the platform is approved for users aged 13 and up, with all age groups and levels of education, knowledge, awareness of safety standards (which in turn often requires financial resources), and so on.
For example, I don’t see any pinned notice in the forum regarding protection and information about scam warnings. You first have to dig through the support section to find them, and even then, you have to know such information exists in the first place. Valve could do a lot more here. Many of these things are just small details.
And yes, it's up to each individual to read, understand and apply the information themselves (as always)
A lot of companies tried putting effort, but the issue is they know it's nearly impossible to prevent someone falling for scams as long as there away for scammers to communicate to the victim, from DM chats, emails, VOIP, mailing, phone scams, all these still exist to this day because it meant there people still falling for said scam, or else they would've given up.
Yes, are you?