What’s the play here? Directing all Steam friends to a keylogger/malware site?
Looks like he is spoofing a mobile account. LordKosc and I put thumbs on each other’s purchases, but we never talk really unless we are commenting on something. We’ve never been on “Bro” or “Mate” level.
Yeah I am only on mobile, replying to the 150 or so friends they sent links to.
Thank goodness the mobile app keeps track of people you talked to recently.
It is 9am eastern, so earlier PMs are the scammer.
Guess the bro was a dead giveaway…
Hope your accounts okay bro.
🤜🤛
Yeah, I was pretty sure lordkosc wouldn’t talk that way to me, but I wasn’t sure! I only got one pm at first so was wondering what was up. I figured maybe he was in a weird mood or something!
I opened that facetop site in a Windows Sandbox. After one of those stupid identify the trains captcha tests, it asks you to authenticate in through Steam and presents a copy of the Steam login. Typical phishing scheme.
Yeah, that LordKosc guy really wanted to talk to me badly yesterday. Sorry I was asleep! :)
Glad you got it squared away now (I hope).
Yep fingers crossed.
This. I did some more digging once I got to work. Looks like the Facetop site spoofs the Steam API and captures your login information. Someone posted a link above that talks about how CSGO scammers can then use your account to scam trade for CSGO items, essentially using your account as the front while the items/cash they scam people out of are sent to their own accounts.
I decided to try going after the website directly to see if I could get it shut down, but alas it’s registered in Russia through a couple of blind registry services appears to be protected from DDOS attacks as well. I’m not going down that road as I don’t want to draw the attention of Russian criminals. It does explain all the “bro speak” though… @DarthMasta’s comic panel may be more accurate than he thinks!
Ha ha, logged on to send a private message to LordKosc. Glad to see it’s handled.
I still don’t understand how they could log on as me, without verifying Steam Guard.
Ignore that recent steam logon , clicked the icon by uncontrollable finger impulsive, lol.
Maybe they use the token they get with the Steam login to send messages on chat as the user? I don’t think Steam logins, made from an authorized machine, require Steam Guard. Could be that, perhaps.
Anyway, for reference, if you use third party websites that authenticate through Steam, make sure you’re already logged in to Steam’s webpage. Then when you get asked, you get a button instead of a login page, e.g.
Bro…!
Sup!
<.<