LogIn
Valve
You should always be cautious on the internet, but Counter-Strike 2 players are especially vulnerable now as a new scam campaign has been unearthed targeting this group.
As reported by the Silent Push cyber security company (via PCGamesN), which discovered the plot, the scam uses complex browser-in-the-browser (BitB) phishing attacks to get users' Steam information. Players see realistic-looking browser pop-up windows that promise them CS2 cases. The display features the faces of the Counter-Strike 2 team Natus Vincere (Navi), making it more believable.
Players see the contents of the cases and need to input their Steam details to get them. Naturally, there are no prizes after that. Silent Push supposes the accounts are then sold through marketplaces.
Silent Push
The scam might change at any time, so you should always be prepared. First of all, free stuff for no reason is always suspicious. Moreover, as Silent Push noted, in this case, the login window didn't have all the expected functions: it couldn't be maximized, minimized, or moved outside the browser window.
"Our team encourages people to look for fake URL bars in any login pop-ups. If you see a URL bar, always try to drag that window outside the browser you’re viewing. This is the best way to easily confirm that the pop-up is real, and therefore, the URL bar would correctly display the URL of the pop-up. Otherwise, you could be experiencing a fake pop-up window related to a potential BitB attack," it cautioned.
So be vigilant and always check the legitimacy of anything that offers you stuff for free.
Find out more about the scam on Silent Push and join our 80 Level Talent platform and our new Discord server, follow us on Instagram, Twitter, LinkedIn, Telegram, TikTok, and Threads, where we share breakdowns, the latest news, awesome artworks, and more.