Steam’s Summer Sale officially concluded Sunday. This, however, did not deter scammers from continuing to target users with accounts on Valve’s popular gaming platform.
Steam users may think the screenshot below was taken from the default community page, steamcommunity.com. I would have agreed if the URL on the address bar isn’t actually sleamcummunity(dot)com.
The scammer/s behind this fake domain changed “t” to “l” (small L) and “o” to “u”. This is an example of a type of online threat we call typosquatting.
Clicking the “Sign in” button or the “Login” link at the upper right corner of the page directs users to the phishing page, which is a pixel-by-pixel copy of the legitimate one:
click to enlarge
After doing a simple WHOIS lookup, we have determined that the fake domain was registered recently and is hosted in Russia.
Dear Reader, please do keep a sharp eye on your browser address bar whenever you’re surfing online.
Also, when you type domain URLs into it (if you haven’t bookmarked them yet), make sure you key in the URLs correctly before hitting Enter.