Phony My Team Voice App Being Spread on Steam Chat

Steam’s “Exploration Sale” Gamifies Security Settings

I’m always interested in seeing how companies deploy the gamification of security because it’s an easy way to get more people interested in locking things down, and with the launch of Steam’s latest sale they appear to be bringing back an old favourite: rewards for keeping your account secure.

As we’ve mentioned in the past, Steam Guard is an additional level of security for your account which means if someone swipes your Steam login, they’d still need to be able to gain access from a trusted device of yours which is probably unlikely to happen, unless they have physical access (in which case you may have bigger problems to worry about). There have been one or two sneaky attempts to get around it in the past, but by and large with Steam Guard enabled you’re pretty much locked down solid.

Back in 2012, Steam had their annual Christmas holidays sale and offered daily in-game challenges, alongside some tasks which weren’t game-centric. One of these was the below:

I can’t quite remember what the reward was for doing this (besides a more secure account, of course) but with the arrival of their latest sale I couldn’t help but notice the following:

Guarding the sales

Save 5% - 33% in the Community Market when you use a Steam Guard Mobile Authenticator

Steam Guard Mobile Authenticator  has its functionality built into the pre-existing Steam mobile app, and follows the typical pattern of having the device owner enter a code which changes every 30 seconds while logging into Steam. Unlike the desktop version of Steam Guard, this doesn’t have the drawback of scammers trying to convince you to send them your SSFN file.

Perhaps scammers could still grab your regular Username and Password by traditional means then try and ask you for your Steam Guard Mobile generated code, but they’d have to be super quick to then log in as you before the timer ticks down and changes the code. As mentioned on the support pages, never hand anyone a freshly generated Authenticator Code.

What is the Community Market, anyway?

Traditionally, this is where Steam users can buy and sell in-game items and other cosmetic objects such as profile backgrounds and funky little avatars to use in Steam’s IM chat. Many rare items can shift for huge sums of money [1], [2], and more often than not Steam accounts with large Market item inventories are prime targets for scammers and hustlers hoping to make a fast buck – typically at someone else’s expense.

There’s a huge amount of money being shifted around during Steam sales, and once this one is out of the way there’ll only be a short break until the official Christmas Sale rolls into town.

Can your wallet (and, more importantly) your security settings take it? If you have any intention of performing certain tasks in the Community Market then they may well have to!

Whether Black Friday or any other day, keep your (bank) cards close to your chest and safe shopping to you all.

Christopher Boyd


Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.