Hackers are now using Steam chat rooms to phish for financial information from unwary users who click on a hyperlink titled “WTF?????”. To the average user, the hyperlink seems like it may open up an image or even a video to glance at, but this far from the truth. The hyperlink launches a ‘.SCR’ Microsoft file extension for screen savers.
When a user clicks on the “WTF?????” hyperlink, an executable .SCR file will download and install on the user’s computer. The malware will then steal the log-in credentials and financial information from the Steam account that is stored on the local computer.
At the very least it will steal the user’s friends list and then disseminate the hyperlink to everyone on that friend list. To those users, the hyperlink seems to come from a trusted friend, causing the malware to spread like wild fire.
Tips to protect yourself
1. If you come across the “WTF?????” hyperlink – do not click on it. Raise your awareness of other copycat methods of deploying malware to your computer that use chat rooms.
2. Change your log-in credentials even if you did not click on the hyperlink. It is a good practice to change your passwords at least every 90 days and use a complex method – a mix of capital and lower case letters, numbers and special characters, 8 to 12 characters long.
3. Download the free Emsisoft Emergency Kit to scan and clean your computer.
4. Invest in Emsisoft Anti-Malware for maximum protection for USD$39.95.