Phishing Attempt Out and About Using Steam
Just wanted to pass the word that we at Aeropause just recevied an email telling us that our Steam information was invalid and that our account was about to be suspended. Problem is that the email the notice was sent to was not associated with any Steam account, and that it came to every account. The notice was as follows:
Hello,
Because of the spamming attempts, our database was compromised.
Many steam accounts are stolen by spammers.
We have to check our database for the stolen accounts.
You have one week to login from your usually ip and update your account.After this time you will be warned again and all the unchecked accounts will be deleted.
Please login here:http://steamcommunity.com/update.html
Thank you for understanding!
www.steamcommunity.com
Do not go to any of these websites. They look to be false, but we are sending word to Valve Software to make sure that it is a fake. As for now, please be suspect of this email. Steam email normally will come from Steampowered.com and they will never ask for your account information through email.
Tags: consumer, fraud, phishing, steam, valve, warning
7 Comments »
Leave a comment!
While you're at it, I would like to give you $20,000 to get my money to America from overseas. I just need you to pay this $150 processing fee.
Really? Geez! That's a *opens calculator application* $19,850 profit! Sign me up. Here's my informa— HEY! WAIT A SECOND!
This reminds me: I need to login to Steam and change my default language from “Engrish” to “English”
It's hard to say, if you read the SSL Server Certificate for that site, as well as for https://store.steampowered.com/login/ (which I navigated to manually, and should be the real deal), each was issued on 3/09/2009 and expires 3/10/2011, and are both registered to “Valve Corporation.” Admittedly this doesn't prove anything, but it's either an amazing coincidence or an impressive phishing attempt to obtain a VeriSign Class 3 Extended Validation SSL SGA certificate on the same exact day as the real Valve corp.
Unless of course the site I got to was fake too, which is possible.
Steamcommunity.com is the official site. Unless you altered the site in the OP this is pretty much the worst phishing attempt I have ever seen.
It's hard to say, if you read the SSL Server Certificate for that site, as well as for https://store.steampowered.com/login/ (which I navigated to manually, and should be the real deal), each was issued on 3/09/2009 and expires 3/10/2011, and are both registered to “Valve Corporation.” Admittedly this doesn't prove anything, but it's either an amazing coincidence or an impressive phishing attempt to obtain a VeriSign Class 3 Extended Validation SSL SGA certificate on the same exact day as the real Valve corp.
Unless of course the site I got to was fake too, which is possible.
Steamcommunity.com is the official site. Unless you altered the site in the OP this is pretty much the worst phishing attempt I have ever seen.