Fake Steam Skin Giveaway Site Steals Your Login Credentials (Dec 1, 2019)
Recommendation: In situations like this and to ensure that a user is protected, you must only login directly to the legitimate website and for Steam. The authentic domain for Steam is “steampowered.com”. Sometimes using a search engine to assist in locating the domain can be useful in helping your employees avoid potentially malicious websites.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.