The Steam Summer Sale is in full swing and so too are efforts to bypass the security of Steam Guard and compromise the security of your account. The latest phishing scam is actually an update of one that came to light back in April that largely automates the process, making it easier than ever to give up all your hard-earned stuff to the bad guys.
The previous iteration of this scam suffered from a fundamental flaw: Its success depended on taking advantage of PC users who weren't savvy enough to recognize it as a fraud but had enough technical know-how to manually upload their SSFN file, a central component of Steam Guard security, to a remote server. It's not brain surgery, but it's tricky enough to be a real obstacle.
The updated version goes a long way toward getting around, however, that by largely automating the SSFN upload process. As explained by Malware Bytes , victims are lured in by a fake Steam profile loaded with rare items for trade, which leads to a fake login page. At this point, a download link pops up along with a window claiming that the user is logging in from a new computer and must therefore enable Steam Guard.
"As an added account security measure you'll need to grant access to this browser by running the special tool (SteamGuard) we just sent to your computer," the message states. "To complete the login you should click to open tool, then authentication is automatically completed."
Obviously, that's not what actually happens. Instead, the program locates the Steam folder and the SSFN, then uploads it to the phishing site. With that in hand, the phishers have ready access to your account and all those sweet trading cards you've so painstakingly collected. In other words, running that program is an extremely bad idea, so don't do it.