Recently, criminals have been using the image of the Steam platform to carry out a dangerous attack using the browser-in-the-browser technique. They create a fake website that, when opened as a pop-up window, pretends to be Steam. This allows them to create the illusion of originality by presenting the real URL in the address bar. The victim, unaware of the threat, is tricked into providing his login and password, which end up in the hands of criminals.

In this case, to protect yourself, it is worth turning on two-step verification in the Steam mobile application. This way, even if your password is stolen, attackers won't be able to access your account.

Source: ppe.pl