Watch Out For These Phishing Attempts On Your Steam Account

PC World notes that phishers are now targeting Steam account holders. Games are an easy target because you can make quick money off of them and the security isn’t as high as with, say, credit cards. The site that first reported this, SpywareGuide, demonstrates two examples— and—that will attempt to trick you into giving them access to your digital library of games.

“Avoid Steam Games Scam Sites” [PC World]


Edit Your Comment

  1. h3llc4t, breaker of office dress codes says:

    I wonder if Con Seannery used either of these services.

  2. sebadoh128 says:

    I can’t wait to see what the Daily Show has to say about this, get ready Gabe Newell, you are about to get Santeli’d!

  3. Blueskylaw says:

    What is this fascination with nebulous products?

    Games that are stored on a computer, songs that are stored on a computer/mp3 player/Ipod, books stored on a Kindle.

    It seems that a lot of these items cost just as much if not more than their physical counterpart, yet have enough restrictions on them to make a kid in detention cry.

    When will people realize they are being brainwashed into buying items that are “convenient” yet hold no real value. (try selling a downloaded Kindle book on ebay).

    • Oranges w/ Cheese says:

      @Blueskylaw: As far as I know, steam is really convenient because, once installed you can download a copy of the game onto any computer you may happen to be using at the time. And without your username or password, no one else can use it unless they too also have a copy associated with their account.

    • Project_J187 says:

      @Blueskylaw: Steam holds just as much value as a boxed copy of a PC game because PC games cannot be resold due to the authentication codes that must be used.

      The actual benefit comes from being able to log into any computer and download your games. Also there is no disk to worry about losing (or having to put in the dvd drive everytime you play). There are other benefits as well, but Steam is just as tangible as a box game that will only allow 3 installs.

    • DoodlestheGreat says:

      @Blueskylaw: The trick is, the REAL value of a game, a book, or music, isn’t in that physical object that you pick up at a store. It’s the creativity of the persons responsible. The game designer, the writer, the musician.

      The trick is that for centuries, it’s been the belief that the media is the message. It isn’t and never has been. It’s merely a vehicle for the creativity, and a vehicle that for the most part has been in the control of a handful of companies that print and distribute physical objects.

      Now it’s possible for the creators to do their own distribution, or to have greater control and profits when working with larger firms. It also means that a much wider variety of work is now available, and things that would go out of print or out of stock can be kept and made available forever, since the space needed in the “store” is a handful of clusters on a hard drive.

      A few weeks back, Steam had a sale on a lot of classic games. I picked up the original Half-Life for 99 cents. No, I can’t resell it. But when it’s a buck, who cares? If I tried to buy the actual disk, it would have cost me more in time and effort, much less the actual product, than just clicking a few buttons. In the 70’s, this would have been science fiction and not the reality of how we live.

      Then there’s the environmental advantages. Even if you count in the need to generate the amount of electricity used, it’s a fraction of the resources needed to make and distribute those physical objects we’ve relied on for so long.

      It’s a horribly overused term, but this is what is meant when something is called a paradigm shift: A complete reworking of how the general populace sees the world. Sure, there’s drawbacks that have to be worked with. And a horse can eat grass by the side of a road while you have to stop at a gas station to fill up your minivan. Yet somehow, I don’t see a resurgence in buggy whip sales…

  4. ScottRose says:

    @Blueskylaw: I couldn’t agree more.

    And in addition to the lack of value, there is also the users’ reliance on the company’s continued existence. At least when you buy a paperback or a CD (or a non-DRM MP3) you can use it whether the seller is still in business or not.

    BTW – “Reply” isn’t working for me. Works on Giz though, so I don’t think it’s my browser.

  5. narq says:

    Wow, I’m amazed people would even think about buying a steam game on any site not steam or in the steam app. Steam IS a great way to get games though. They usually have a lower price than the disc based version. I was able to catch the weekend sale at the end of it while at work and buy Left 4 Dead for cheap then it automatically downloaded on my home computer ready to play by the time I got home. How awesome is that?

  6. Micromegas says:

    To people saying Steam games have no value, well, nothing has value intrinsically. It only has value if someone else is willing to pay for it, and there are quite a lot of people, myself included, who are willing to pay for and download games through Steam to avoid the hassle of the brick-and-mortar stores.

    • SynMonger says:

      @Micromegas: Death to Gamestop! I don’t buy my games through brick and mortar much anymore. Steam, xbox arcade, ebay are my first stops for a game I want to purchase. Could have something to do with my living in a rural area :)

    • Diet-Orange-Soda says:

      @Micromegas: They have no resale value. I can sell a copy of Diablo II, key and all, that I bought ten years ago and the buyer could still play online. I can’t do that with a game activated online. All of my Valve titles are tied to my account. Unless I sell someone access to my Steam account, I’m stuck with them.

      • Micromegas says:

        @Diet-Orange-Soda: You have a point about reselling games, but it won’t be long before games purchased in actual brick-and-mortar stores are not resellable either. Game developers, particularly Epic Games, are trying to figure out a way to kill the resale market, and what Epic’s CEO has proposed more than once is to make it so that crucial data needed to play the game is left off the DVD, and the DVD comes with a code which you can use to download the missing data from Epic’s servers, but the code is only valid for the first console or PC that uses it, so the game would be useless to anyone but the first buyer.

        So, yes, Steam games aren’t resellable but that will be the norm in the industry before long, so I don’t see it as a particular disadvantage of the Steam system.

      • Ratty says:

        @Diet-Orange-Soda: This is at best disingenuous. For the last while Blizzard has allowed people to register their CD keys to an account and retain full use of the keys, whether or not they have a disc. People can also get a Diablo II key banned–offline and online. Ditto ANY game with online multiplayer. Someone buying a used game with a CD key has NO idea as to whether or not the key is valid. And that can determine whethewr or not the game is playable, even if on the surface it seems fine.

        It’s not a good idea for the buyer. Steam eliminates any possibility of a fraudulent key.

  7. IT-Chick says:

    I was actually going to suggest on Sean Connery’s issue if it was phishing.

  8. Ratty says:

    Do what I do–buy the physical copies of the game and register them on Steam. Ta-da! It won’t work for every game but I’ve accumulated quite a few that way.

    WHY you want your games on Steam and not necessarily a disc: You can play your games on any computer at any time by logging into your account. If the computer doesn’t have the gam einstalled you can install it for free that way. If the computer does have it, it uses your authentication to play it. That way you can access your friend list as well as not worrying about if someone has had the game disabled for cheating. And there’s no limit on the number of downloads you can do, or computers you can have it on–just don’t play from multiple locations at once.

    It’s still better than some physical copies entirely that use their own services to phone home for authentication every time you play. Steam authenticates once for offline content, and during the game for things hosted on its own networks. Something like Spore will be authenticating all the time and will not even allow you to play single player if it thinks something is awry. Steam only locks you out of multiplayer/online.

    • Diet-Orange-Soda says:

      @Ratty: Your physical copy is essentially a digital copy unless you can’t deauthorize your license and sell it to someone else.

      • Ratty says:

        @Diet-Orange-Soda: While this is true, it’s true of pretty much every PC game to come out in the last several years. They all need to be verified online before being played.

        There hasn’t been a viable used PC game market in years.

        • David Brodbeck says:

          @Ratty: Considering most PC games that have been out for more than a year or two sell for $10 or less, there’s almost no point in buying used anyway.

          Besides, I’ve never bought a PC game on CD-ROM that didn’t require downloading 200 MB worth of patches to make it playable. At least with Steam that’s automatic and I don’t have to track down the game company’s website.

          • Ratty says:

            @David Brodbeck: I’m in total agreement. Heck, you can even get NEW games for great prices with Steam much of the time. Left 4 Dead was all of $15 or 20 a few weeks back.

            Digital distribution may have been seen as a passing phase… in 2004. It’s 2009 now. Steam no longer sucks and almost every PC game company offers online game distribution and re-downloading options for titles you already own. Blizzard saved me tons of cash this way by allowing me to register my Diablo/Warcraft/Starcraft CD keys to an account and just download the games free of charge any time. Before I would have had to re-buy the game and be stuck with exta CD keys just to legally get new CDs to reinstall.

            If a console disc or cartridge breaks, you’re screwed, and console games don’t drop in price as rapidly as PC games. I stepped on my Starcraft installer discs by accident and won’t ever have to re-buy.

    • dreamsneverend says:

      @Shadowman615: Same here.

  9. Shadowman615 says:

    Somehow the reply buttons aren’t working for me either today.

    @Blueskylaw: I buy a lot of PC games from Steam. Honestly none of what you said bothers me enough not to. I can download copies of the games on any of my computers at home, or when I get a new one. I never sell old games anyway (PC games are harder to do this with regardless, but that’s another semi-related issue).

    Above all else, it’s just the convenience of not having to drive to the store. And other than maybe for gift giving, I don’t derive any additional value from the physical box and CD. The only value I get is from playing the game, which is real value to me, and exists regardless of where I get it from.

    But I’m just saying it works out great for me. YMMV. Nobody’s brainwashed me, though, thanks. I decided for myself what I wanted to do.

  10. Blueskylaw says:


    Try selling a virtual refrigerator to an Eskimo.

    At least if he can see it, you have a chance of selling it to him.

  11. Ghede says:

    @Diet-Orange-Soda: Exactly. Not to mention Valve keeps fairly good tabs on accounts, and they can be suspended at a moments notice. If an account is reported stolen, it will be back in it’s owners hands eventually, but first it will be taken out of the thief’s hands.

    The only way I could see the accounts having a resale value is if the buyer is instructed to download all the games they want, then disconnect the computer from the internet any time they want to play a game on the “account” since steam allows a limited offline mode.

  12. Jeremy Wentworth says: is another site run by Zteve Zestner (the person listed in the whois data for one of the two sites). It’s a site about Runescape hacking/phishing. Kind of brave of this person, if this info is indeed correct.

  13. HunterZ says:

    br0kenrabbit: hi
    Greg_ValveOLS: good evening
    br0kenrabbit: What’s ip?
    br0kenrabbit: up?
    Greg_ValveOLS: my name is greg a member of the valve online Support team
    br0kenrabbit: On MSN?
    Greg_ValveOLS: yes Smiley
    br0kenrabbit: Why?
    Greg_ValveOLS: we logged multiple ips from your account and ned to verifi your information
    br0kenrabbit: My information?
    Greg_ValveOLS: we believe someone may have stolen your account mmmm you havent shared youre account infomation with anyone have you?
    br0kenrabbit: No. I don’t even have it written down.
    Greg_ValveOLS: hmmm maybe a keylogger on you r PC then maybe you need a format?
    br0kenrabbit: Well…
    Greg_ValveOLS: if you can verify your account information to me i can insure that only your ip have access to it Its a new security feature were trying because this happens so muchlogin names and passwords aint safe anymroe You know. Smiley
    br0kenrabbit: Well
    Greg_ValveOLS: dont worry this connect it secure
    br0kenrabbit: Can I be honest with you, Greg?
    Greg_ValveOLS: k
    br0kenrabbit: Look, I don’t know how you go this MSN account name, don’t really care, either.
    br0kenrabbit: Unlike you, I DO work for Valve. Trace my ip and you’ll see.
    Greg_ValveOLS: huh?
    Greg_ValveOLS: bs
    br0kenrabbit: Trace it.
    Greg_ValveOLS: how
    br0kenrabbit: Start/run/cmd type Tracert and then my IP address and hit enter.
    Greg_ValveOLS: oh k
    br0kenrabbit: As an employee, I know that Valve employees will NEVER contact users over MSN. I also know a valve employee will NEVER ask a user for his/her username and password.
    br0kenrabbit: I’m putting a temporary hold on your Steam account.
    Greg_ValveOLS: why?
    br0kenrabbit: Have you read the ToS?
    Greg_ValveOLS: Tod?
    Greg_ValveOLS: tos
    br0kenrabbit: terms of service
    Greg_ValveOLS: were?
    br0kenrabbit: Greg, this is a serious infraction against the Tos. You are at risk of losing your account.
    Greg_ValveOLS: why
    br0kenrabbit: I just told you why
    Greg_ValveOLS: Frowning smiley
    br0kenrabbit: I need some information from you if you want me to unlock you account. I’m going to write you up but I will only suspend you account for three days, since this is your first infraction, okay?
    Greg_ValveOLS: k
    br0kenrabbit: First, what is the name the account is registered to. Not the user name, the persons real name who created the account. This is for verification purposes.
    Greg_ValveOLS: xxxxx xxxxxxx
    br0kenrabbit: Is this you?
    Greg_ValveOLS: ya
    br0kenrabbit: Are you the only user of this account?
    Greg_ValveOLS: ya
    br0kenrabbit: Okay, and what is the username
    Greg_ValveOLS: xxxxxxxx
    br0kenrabbit: Okay.
    br0kenrabbit: I see you have purchased a few of our games, thank you. Smiley
    Greg_ValveOLS: some. dude
    br0kenrabbit: Do you always log on from the same IP?
    Greg_ValveOLS: ya
    br0kenrabbit: And who is your internet providers, your ISP?
    Greg_ValveOLS: xxxxxxx
    br0kenrabbit: Thank you. One moment, please, let me verify this information.
    Greg_ValveOLS: am i gonna be bale to play 2nite?
    br0kenrabbit: What is your city of residence?
    br0kenrabbit: That depends on if you cooperate. You’re doing fine so far.
    Greg_ValveOLS: xxxxxx
    br0kenrabbit: Illinios?
    Greg_ValveOLS: yes
    br0kenrabbit: Okay. And what is the password associated with this account?
    Greg_ValveOLS: xxxxxxx
    br0kenrabbit: Okay. Do not try to log into steam. If you are connected now you need to log off.
    Greg_ValveOLS: why
    br0kenrabbit: So I can update your account.
    Greg_ValveOLS: can I play 2 nite
    Greg_ValveOLS: clan fight
    Greg_ValveOLS: wont win without me heh
    br0kenrabbit: Heh. You’ll have to wait a few minutes. Are you logged off?
    Greg_ValveOLS: ya
    br0kenrabbit: Okay. Give me just a moment.
    br0kenrabbit: Try to log in now.
    Greg_ValveOLS: k
    Greg_ValveOLS: It says login failed wtf wtf!!@?
    br0kenrabbit: Greg
    Greg_ValveOLS: did u ban me???????????>WHY
    br0kenrabbit: Greg
    Greg_ValveOLS: what
    br0kenrabbit: Valve will never ask for your username and password.
    Greg_ValveOLS: what????
    br0kenrabbit: I don’t work for Valve dude, but you just got pwnt.
    Greg_ValveOLS: omg dude wtf why?
    br0kenrabbit: Why were you trying to steal my account?
    Greg_ValveOLS: i wanst
    br0kenrabbit: Then why were you asking for my information?
    Greg_ValveOLS: i was just making a joke but not cerious honest dude just give
    my acount back pllllleeease i’m only 13 and save d up for like a year to buy it
    br0kenrabbit: Greg
    Greg_ValveOLS: dude pleas
    Greg_ValveOLS: what
    br0kenrabbit: Go mow some yards, bitch.

  14. ilves says:

    i’m confused. since the games are keyed into the acocunt that they are bought in and cannot be gifted unless you have extra copies, couldn’t the original owner of the account get their account back eventually from Steam (assuming customer service works, of course) with all the games intact? It’s not like the thief can run off with the account and sell off the games….

    • Xerloq says:

      @ilves: Be careful of the extra copies. They’re only available for a few games:

      Extra copies are a special promotion for users who:

      1. Purchase the “Left 4 Dead Four Pack” on Steam
      2. Own “Half-Life 2” and/or “Half-Life 2: Episode One” and then go on to purchase “The Orange Box” or the “Valve Complete Pack”
      3. Own “Half-Life 2: Episode One” and/or “Half-Life 2: Episode Two” and then go on to purchase the “Half-Life 2: Episode Pack”


      Remember this when you buy a pack of games. Steam won’t check to see if you already own a copy, though it will check to see if you already purchased the same title, e.g. if you buy Rome:Total War, then try to buy the Total War pack, Steam won’t tell you, nor will it give you an extra copy to re-gift, but it will stop you if you try to buy Rome:Total War again.

      Also, you cannot do charge backs, or Steam will shut down your account.

  15. Broadcaster says:

    I think the Zestner bit is a ruse. Do a pipl search for the e-mail address and you’ll find the owner has several postings on a digital forum.. that forum account is banned and it’s username is ‘Malapu’.

    One of the earlier posts of “Malapu” points to his personal weblog of []

    Ahh! now we’re getting somewhere. DNS info pulls up:

    herdion cahyo (
    Tamanan, Tamanmartani, Kalasan, Sleman
    Tel. +62.85228979552

    I’m about to busy with work, but I’d be willing to bet a search on the above gmail address will provide even more insight into who this villian is.

  16. [DFX] Deimos says:

    Here is a link to the reverse WHOIS data on the IP address:


    I called the number associated with the ISP and reported the IP, URL, and told him what was going on. He sounded *PISSED*. He said he was a steam gamer and that he “hated these assholes”.

    They are going to be looking into it I am sure.

  17. trujunglist says:

    In regards to Mr. Scott’s post above, I also cannot do a “reply” and it is not browser-related.

  18. Andrew Mussey says:

    Yep, I’ve already been hit by this. One of my friends forwarded me to a video. I thought “hey, I didn’t know Steam did videos!” Glanced at the URL as I was punching in my login to find a really random string of characters.

    Changed my info to stay on the safe side. However, the guy who got phished and sent the video link to me doesn’t seem to have been as lucky :/

  19. Matthew Richardson says:

    Whois Information

    Domain Name: STEAMGIFT.COM

    Steve Zestner (
    4163 Mesa Drive
    Lake Mead
    Tel. +458.4751124

    Creation Date: 28-Feb-2009
    Expiration Date: 28-Feb-2010

    Domain servers in listed order:

  20. thomasuwoo says:

    I dunno about the security being not being too high. Recently I was accused of trying to “hi-jack” another users account. For weeks I’ve been leaving messages on the STEAM support forums claiming my innocence in the matter and over 3 weeks this is all they’ve told me:

    We have found activity in your Steam account related to the hijacking of another user’s Steam account.

    Per the Steam Subscriber Agreement, we have disabled your account and any games contained in it. Your account will not be reactivated.

    The Steam Subscriber Agreement can be found at:

    In addition to violation of contract, activities on your account may violate federal law and state law. If such activities persist, Valve reserves the right to refer the matter to authorities.

    The dispute is not whether the accounts belong to you.

    We have found activity in your Steam account related to the hijacking of another user’s Steam account.

    The account will not be enabled and I cannot release any information.

    If you’re interested in more info on this it’s been documented on the Penny Arcade forums here: []

    I find it odd they can shut my account down like that wen I haven’t done anything and someone like Greg_ValveOLS needs to get beaten at his own game.