csgohouse.fun

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag

Example of an extremely realistic CS:GO phishing site I came across this site today and wanted to share it with you all. As a foreword, I want to say that I will link the site at the bottom of this post, but **do not enter ANY information on this site.** I am sharing it because it is *extremely* realistic, so please don't fall for it. This site imitates the Steam OAuth login page and steals user credentials. The "Sign in through Steam" button seems legitimate enough, but when it is clicked it opens a new overlay `div` on the page. The contents of the `div` look nearly *exactly* like the normal Steam OAuth login page. The links in the `div` show a convincing-enough error to seem a little more legitimate. The "window" is even draggable. It also seems that the site checks your credentials since it rejected my fake ones. I entered the credentials to a dummy account, and it just returned me to the main page, with no change. The site has no other function than to steal accounts. Let's walk through where it is detectable, to consider how these methods can identify other phishing sites. 1. OAuth2 should completely redirect to the authenticating site, not open a new window. Although it is possible that a legitimate site could open it in a new window instead, I would be wary of a site that does not redirect. 2. I should be able to drag the "window" around my desktop, including outside the host site. This one is pretty obvious, but impossible to replicate without actually creating a new window (which would defeat their "imitation" anyway). 3. The "Secure Connection lock" on whatever browser you use (I use Firefox) should be a button, not selectable text. Give that lock a click, and see if it opens up a new widget. Make sure the information there looks normal if it opens one. Make sure the icons match your browser's (the phishing window was missing my DNT indicator). 4. An OAuth site that contains links to its own site (like the Steam logo on the top left of Steam's pag