Scammers often find new ways to target gamers. Their latest tactic is to lure them into a phishing scheme driven by Browser-in-the-Browser attacks that are carefully crafted to steal your Steam credentials, leading to you permanently losing your account.
CS2 is not just a game, it has a wide range of business ecosystems that are thriving off it. From gambling sites to analytic tools, the web has many websites catering to different aspects of the game. What’s common in all these websites is that it requires you to log in with your Steam profile, and this is what the scammers use to kick off the Browser-in-the-Browser attacks.
Logging into these websites almost always requires Steam and these scammers are carefully designing fake Steam Login pages that lead to the users giving away their credentials without knowing.
What happens to the stolen accounts?
Goes without saying that the scammers will now use your credentials to steal your account and later sell them off to Steam Grey markets. CS2 items and accounts appreciate over time, so the longer your account has been active, the higher value they can get for it. Items like skins, medals and in-game rankings in Premier, Faceit, and ESEA also play a major role in appreciating the value of the account, which is why the scammers can sell it off for huge profits.
Even if you do own the first email, getting your access back is uncertain, to say the least. This scam has lately taken over the internet, and many experienced community members have also been falling for it, which goes to show how craftily these phishing websites are developed.
The only way to stay safe is to keep your account locked with Steam authenticator and to avoid any and all unknown websites which are not popular in the CS2 community at all cost.