Bizarre Phishing Attempt via Steam

[Zaire]

It may seem an unorthodox question at first but please bear with me. This is the only community I trust enough to get if not an answer a good theory.

System: Win 7, running Malwarebytes and Avast with the default windows firewall.

Recently I had a bizarre encounter with what I assume was a phishing attempt via Steam. I have gone through Steam help channels, but no help yet. First off my account wasn't stolen or hacked as I still retain control over it. I’m simply trying to get an idea what this could have been.

This is what occured:

I'd downloaded and played a bit of Deus Ex: Human Revolution. Upon exiting the game, the area within the Steam application (under the Store tab) normally displaying the games on sale was replaced by a strange "Account Warning" page. It was blue, white, and displayed worryingly enough the name on the credit card I'd last used to buy something. It was asking me to call or contact steam about my account. Having been a member since 2004 I'd never seen or heard of a page like this let alone such a warning. I didn’t click on anything within this strange page and my account does not currently have a credit card linked to it. Refreshing the Store tab got rid of this "warning" after about 2 quick attempts.

I've not seen this warning since or been able to reproduce it. I'd looked around online and on the Steam forums but can find nothing about anything remotely like this.

I SHOULD have got a screengrab, but I wasn't thinking clear enough to do that. I was in too much of a "WTF?" confusion about it all. I've since made necessary account changes as preventative measures. I’ve run Malwarebytes and Avast system scans with nothing malicious coming up. I can also access Steam without issue. It seems all is well, but I’m still perplexed and curious about anything like this given the nature of the program.

My main question is - Has anyone experienced something like this? Be it with Steam or similar programs? What could cause this to happen?

My theories are the following:

1. I’d put the entire Steam directory on an exclusion list inside Avast after the last Steam update. Like many Avast was preventing Steam from updating and running. Unfortunately I’d forgotten about this. Since Steam is essentially a bit of a browser I assume something malicious snuck in causing what I saw. I’ve since removed it from exclusion within Avast.
   

1. In testing out a mod for Shogun 2, maybe something malicious was in that mod exe.? I ran a scan of that exe. with nothing malicious coming up. It’s a pretty popular mod with many users and found nothing in regards to user complaints/issues.
   

I know this is an odd question, but I really can’t think of another community able to give me an answer about something this bizarre. I'm keeping a watchful eye on my system but it's hard not to feel one is missing something.

Thanks for any help.

Someone on the Steam forum suggested that I may be a victim of dns poisoning. That I should check my dns settings and hosts file to see if there are any manual redirects.

Worth a shot but how would I know exactly what to look for and would it be a good idea to flush my DNS cache?

[screen317]

Hi again,

Is this the same computer as the other topic you have open?? If so, please only continue in that topic.

[Maurice Naggar]

@ Zaire

You have two threads open.

Are you still with us? Have you resolved your issue ?

If we do not hear back from you soon, this thread will be closed.

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!