It's always a good idea to haveĀ browser Phish / Malware alert warnings enabled, because it can be the difference between seeing this when visiting a website:

Phish warning

Or seeing this:

Fake Steam login

The above site asks visitors to choose their game and "click on the appropriate image" to get the gift. What this actually means in practice, is every single image leading to the same login page:

Fake login

The page asks for your Steam username, password and associated email address. The only place you should ever be entering your Steam login is on the official Steam website - anything else will always run the risk of ending badly. Steam has a feature called Steam Guard. Anybody with a Steam account should enable this feature, as it provides an additional layer of security. When logging into a new PC / new location for the first time, Steam will send a special code to the registered email address on file. Without the code, you won't be able to log in. For obvious reasons, the email account tied to your Steam login should also be secure (for example, making use of two-step authentication) and it absolutely should not share the same password as your Steam account, lest the Steam Guard be about as much use as a chocolate teapot in a very hot greenhouse. Free game offers are the most common lure used by scammers to steal Steam and other gaming platform accounts. As much as I'd like to get my hands on some freebies, entering my login credentials on the first website which comes along is probably going to just part me from my username and password very quickly indeed. Christopher Boyd