Malwarebytes: ‘Typosquatters’ Build Fake Steam Community Site to Scam Unsuspecting Visitors

Anti-virus and Internet security research company Malwarebytes points out a common scam used to trick Internet users into thinking that they are visiting a legitimate site when they are in fact at a scam site just itching to steal their personal information or to infect them with some form of nefarious software. The example they use is a site that takes advantage of typosquatting.

These sites anticipate the names that might come out of a user inadvertently typing in the wrong URL due to spelling errors. In this example, a user might accidently type in "" thinking that they are heading to Steam's community site ( But because the scammers have built a site that looks identical to Valve's Steam community portal, users get tricked into logging in.

As Malwarebytes points out, clicking the “Sign in” button or the “Login” link at the upper right corner of this fake page directs users to the phishing page, which is a "pixel-by-pixel copy of the legitimate one."

Malware intelligence analyst, Jovi Umawing of Malwarebytes has more information on this scam over at the official Malwarebytes Blog.

But the best way to avoid scams like this is to always look at your address bar and make sure you have typed in the proper URL. If it seems off, then it probably is, no matter how authentic the page you are on might look.

As it turns out, when Malwarebytes did a Whois lookup on the domain it found that it was registered by someone in Russia.

Tweet about this on TwitterShare on FacebookShare on Google+Share on RedditEmail this to someone

Comments are closed.