STEAM GROUP
j.Fry Buy/Sell/Trade Group j.FryTrading
Join Group
STEAM GROUP
j.Fry Buy/Sell/Trade Group j.FryTrading
2,056
MEMBERS
0
IN-GAME
2
ONLINE
Founded
12 January, 2022
Overview Announcements Discussions Events Members Comments
 This topic has been pinned, so it's probably important
76561197964285909 13 Jan, 2022 @ 4:18am
How to spot a phishing scam
What is phishing?:
Phishing is a social engineering trick used to steal your login. Phishing usually happens on a fake login page, it pretends the be a legitimate website and not a scam.

Usually you check for phishing by double checking the url.

For example: logging in on Opskins will take you to a Steam page with a url
starting like this: https://gtm.steamproxy.vip/openid/login?... We know this is
legit because gtm.steamproxy.vip is a domain owned by Valve, the Valve
webpage is the ONLY page that should EVER ask for your login information.

If a website shows the Steam login page without the url starting with gtm.steamproxy.vip then someone is trying to steal your password! Even if you have two factor authentication, this will be phished as well.

We must always pay attention to the website Url to avoid phishing. Never let your guard down. Be vigilant! Many scammers will make websites that look like gtm.steamproxy.vip. Always double check that it is spelled correctly.

Scammers can still phish people that know this!
The first way to fool you is to use Javascript. Javascript is extra code that
runs in your browser sent from the webpage. Using Javascript a scammer
can make a fake popup that looks like a real browser window and displays the steam
login page. This is not a browser window at all. The reason scammers do this is
so they can put the gtm.steamproxy.vip url in the fake window. It
looks like you're logging into the correct page and fools people even if they're careful.

https://prnt.sc/n7is85
https://prnt.sc/n7iuqm

You can test for this by trying to drag the window off your browser page. As
you can see below, I could not drag this window off this site's page. There also
wasn't two Firefox icons on my system tray from the new window. Thus, I could
conclude this was a phishing attempt.

https://i.gyazo.com/e76fb45fb6b626580ffb80cfbd91181e.mp4

There's another way scammers phish

Another way this is done uses a real window popup. Using Javascript, the scammers write the Steam login page to the new window. You can spot this one if the url says: about:blank
In short, don't login with Steam if the page says about:blank either.
All Discussions > General Discussions > Topic Details
Date Posted: 13 Jan, 2022 @ 4:18am
Posts: 0
Start a New Discussion

Discussions Rules and Guidelines