Description: This phishing (possibly) website appears to use a “points” system in which the user gives this link to their Steam friends. Should that friend then proceed to click on the link, this will add a point. On first glance, it doesn’t appear to hold a threat. But since this website logs IP addresses, the owner of the website, provided they have malicious intentions could hack the user’s computer.
This site is unconfirmed, so if I have made an error and this website is completely harmless, please let me know.
Ok. So what this does is initiate a download. Using Google Translate (With it’s 60.3% accuracy rate.) gave me the name for this download: Besplatnye_akkaunty_steam.exe
Besplatnye_akkaunty_steam.exe is probably a cracked version of Steam. Now, what are cracked exes likely to hold? Viruses. This “virus” is probably not a virus at all. More like spyware/keyloggers. Probably a badly-coded one that runs around in circles around my drive like a little child if I downloaded this.
Well. They tried. Horribly.
Site 3: http://mrjevvazquez.wix.com/1keyadayandsave?_escaped_fragment_=#!home|mainPage
Name In Browser: 1keyadayandsave | Wix.com
Hmph. A phishing site based around TF2. What are the odds?
Ok. So. At first glance, this looks convincing. It looks like “Hey, these guys are trying to help us out.” Right? WRONG. If you continue to analyse the page a bit more, it asks you for your account name, email and email password. Now, they’ve done an error in the fact that if one keeps scrolling down the page, there is no Email/Acc. name/Email password prompt. If you turn your attention to the heel, the website ends abruptly there by the host, advertising a free site. Above it is images and posters of items that one can buy from the store. Save the earbuds.
This website logs your IP address though (They kindly clarify this in small text under the key image.), so if one does visit this page, be careful.
Credit goes to marccost3, R4D_GUY and d0k3r # FREEEPLE SHOT (The latter probably being the creator of the download site. His comment is about seizing accounts. Wow. Failure.) for reporting these sites.