Online gamers are often targeted with phishing schemes set up by crooks who are after users' in-game items and money, and the latest one to be spotted is aimed at Steam users.

The phishing page is a spoof of the official Steam Community webpage, sporting an "exclusive offer": a free Valve game.

All the users have to do is enter their Steam username, password, email address, and choose the wanted game (click on the screenshot to enlarge it):



In order to see just how far down the rabbit hole goes, GFI's Jovi Umawing inserted fake information and chose a game.

"I was then taken to a page where I was asked for more details, particularly my email address and password, instead of sending me the confirmation email it had promised earlier," he shared.

So, not only will the victims end up with their Steam account compromised, but also their email accounts. Depending on the additional information gathered by the crooks, they might become victims of identity theft.

"Be wary of free games and offers that would cost you more than you want to bargain for, especially if they’re hosted on dubious sites that use familiar strings in URLs you’d normally see in legitimate sites," he warns. "To be safe, visit Steam directly to double-check if they indeed have free offers."

This particular one is hosted on hxxp://days.steamgamesgift.yzi.me, and has fortunately been blocked by most browsers that show the warning of it being a phishing site. Still, the page can easily be moved to another address, so the aforementioned advice is always appropriate.