'Scammers paradise' and how to be safe!

Defnite

4 min read
'Scammers paradise' and how to be safe!

With it’s immense market for virtual items which have real cash value, Counter Strike: Global Offensive unfortunately attracts numerous scammers. Most scams are pretty easy to foresee, however, appearances are deceptive. That’s exactly what the currently most used scam is about. It’s all about deception!

Previous scams were all focused on user ignorance; people logging onto ‘gambling sites’, ‘legit trading sites’ and ‘free skin’ websites. Without hesitation, most users would just login with their Steam credentials, exposing themselves to massive security threats. Once account credentials were entered and recorded by the fraudulent websites, bots would login to ‘legitimate’ gambling sites & virtual marketplaces and send all balances & on-site items to their own accounts. To counter scammers, fraudulent sites, and to shut down the CS:GO gambling community, Valve introduced a 7 day trade hold on all CS:GO items on March 29th 2018.

Fortunately, most gambling sites shut down, and with this, most scammers left the scene as well. For a short while atleast…

‘New’ scamming method & how it works

With the Valve 7 day trade ban on CS:GO items in place, and with old scamming methods brushed aside, scammers had to come up with new ways to illegitimately rob people of their items. And they did.

The elaborate and complex scam that’s currently dominating the CS:GO trading community is definitely one to be aware of. On a daily basis, legitimate sites get reports in about people getting robbed of their items by their own service. Having been in the CS:GO trading scene for years myself, this scam caught my attention pretty quickly after the first reports came in. And I investigated.

I came up with a pretty clear vision of how this scam takes place and how it could be prevented for most people. Please thoroughly read the explanation below to prevent you from being robbed of your items by this elaborate scam.

To thoroughly explain the scam, I will be using our service, swap.gg as an example.

Once you request a trade offer from our site, with both your- and bot items selected, a trade offer will be sent to the correlating Steam account. After a few seconds, you will receive the trade offer in your trade inbox on Steam. After checking the items in the trade offer, the next step will be for you to accept the trade on the Steam platform. Once you think you’re accepting the legitimate and correct trade offer, the scammer(s) will automatically send you a duplicate of the trade you request on swap.gg. The only difference with the legitimate trade and the trade the scammer sent you, will be that the scammer will always leave out bot items. The trade offer you receive from the scammer will always only contain your items in the trade offer!

Before you proceed to accept any incoming trade offer from our service, the scammer(s) will always decline the legitimate trade you initially received from swap.gg. If you aren’t aware of the scam, you will probably confirm the trade offer with your mobile authenticator, resulting in you being left without any items.

The cause(s)

  • You have one or/multiple malicious browser extensions installed that could be gaining access to your Steam API key, allowing the scammer to manage incoming- and outgoing trade offers.
  • You’ve clicked (or downloaded a file) from a malicious link that was sent to you. This could go as far as receiving a legitimate looking link from one of your friends on Facebook, for example. The file that was either automatically or manually downloaded, could’ve contained a Trojan virus or keylogger that managed to gain access to your personal Steam account and/or trade offers.
  • Someone has gained access to your browser cache and cookies or you’ve previously logged onto a malicious site, giving them access to your Steam API key.

The Steam API key grants the person that owns it, free rein to manage incoming- and outgoing trades, enabling them to scam you this way!

The solution(s)

  • Double check all browser extensions you currently have installed on your device(s). Make sure to remove those which you think might oppose you to security threats. It’s also recommended to remove any extensions you don’t regularly use.

  • Always make sure you have an updated antivirus software or malware scanner installed. These programs will protect you from any obvious security threats.

If you don’t have a use for a Steam API key (i.e you do not own a service related to CS:GO and Steam item trading), immediately revoke it here.

  • Always make sure you are dealing with one of our actual bots before accepting a trade offer! There’s multiple ways to check if a bot belongs to our service or if it’s an impersonator;

    • Make sure the bot is in fact Moderator in our Steam group. If the account
    you’re trading with is not, you are dealing with an impersonator. All our bots
    are Moderators in our group!

    • Make sure the bot you’re dealing with is Steam friends with atleast one of
    our staff members. All our bots are befriended with atleast one of us!

    • Make sure the bot you’re dealing with hasn’t changed their Steam username
    in the past. Our bots have only ever had one name; the name(s) they currently
    have (i.e BOT #4 - SWAP.GG). If you come across an account with multiple
    names claiming to be one of our bots, you’re dealing with an impersonator!

Impersonating bot!

As much as I'm hoping nobody else will become the victim of this elaborate scam due to this explanation, I'm certain not everybody will be able to read this post. Please share this blog post with your friends to raise awareness for this scam!

Sign the petition to convince Valve to add verification before requesting Steam Web API keys, which would put a halt to this scam, here!

Also, please don't hesitate to ask me anything regarding this scam, and please express your thoughts.

For now, trade safe!

~ Deƒnite