Install Steam
login
|
language
简体中文 (Simplified Chinese)
繁體中文 (Traditional Chinese)
日本語 (Japanese)
한국어 (Korean)
ไทย (Thai)
Български (Bulgarian)
Čeština (Czech)
Dansk (Danish)
Deutsch (German)
Español - España (Spanish - Spain)
Español - Latinoamérica (Spanish - Latin America)
Ελληνικά (Greek)
Français (French)
Italiano (Italian)
Bahasa Indonesia (Indonesian)
Magyar (Hungarian)
Nederlands (Dutch)
Norsk (Norwegian)
Polski (Polish)
Português (Portuguese - Portugal)
Português - Brasil (Portuguese - Brazil)
Română (Romanian)
Русский (Russian)
Suomi (Finnish)
Svenska (Swedish)
Türkçe (Turkish)
Tiếng Việt (Vietnamese)
Українська (Ukrainian)
Report a translation problem
Then go to that site and click the “Sign in with Steam” button.
A legit openID will let you sign in with one click.
If it asks you to enter your login info, it is phishing.
There is a lock saying "Valve Corp [US]" next to the url.
If on Google Chrome, there will be a lock next to the URL (Even the mobile)
It's not too difficult to register something that looks like Valve, and because it's technically flawless it will get a "green" by the browser. Yet, my "Valwe Corp" still isn't that same thing as the real Valve. I might even be able to get a "Valve Corp" in some country.
Also, browser have had security issues that allowed websites to display stuff in the address field that didn't really correspond to what was shown as a webpage.
All this may or may not be easy, fixed, still an issue etc. -- but it's all extra work, and it can fool you. Logging into the real Steam on your browser beforehand is trivial (in fact, unless the login has expired for some reason, I never have to do that...), and the real "Login through Steam" will just ask you whether you want to log in with that account. That's trivial, and even IF that website manages to get your Steam login name somehow, how is you clicking "Yes" going to give them anything?
Official Steam logins on third-party sites uses OpenID and the pop-up shows the Steam URL.
As an example...
The pop-up by itself is NOT generated by the site.
I sort of explained it a little more here...
https://steamcommunity.com/sharedfiles/filedetails/?id=1534605887
Check the 'phishing' index part of the guide.
Next try dragging that popup window outside of the other's web-browser window, ensuring it's not a faked popup. One of the phishing tricks is to create a movable box on their own webpage, with want just looks to be a popup window frame, URL box, and the SSL certificate. You wouldn't however be able to use it like a real popup web-browser window, change URL or vertify the SSL upon clicking.
Thank you so much.
You saved my account just by this message. I've already gotten hacked once and don't want to try it again.
Some random person sent me a friend request asking me to join a tournament.
Then sent a link to a website called: https://cyber-esport.com
The scammer asked me to vote for his esports-team after I said that I didn't want to join it, and said that I needed to be logged in to vote.
I then started making an account but with a false e-mail, username etc.
After that, the website tried making me connect with Steam, but that seemed a little weird that I already needed to connect to steam before doing anything else.
I tried connecting it and a fake popup appeared, that looked kinda legit and also not.
For example, I tried moving the window to my other monitor, or outside the web browser, but couldn't. Tried changing language just for fun, but couldn't. The Steam corp. logo was fake too, but it was so well designed and looked legit because of that.
Now I am sure this person is a scammer, trying to steal my login info.
Thank you so much for your help. I now blocked and reported the person, thanks to you.
Thank you for saving my account. <3
Yup, i reported the website for scamming as well. Asking for steam login was just too suspicious because it wasn't in a new window. I called them out and they closed the site instantly haha
How about you stop going to random websites that promise you free money?
Random things on Discord that have Steam "like" links to scam sites...
Report those people who send them.