What is The ‘Ultracup’ CS:GO Scam And How Can Users Avoid it
- A new phishing scam called 'Ultracup' is running rampant within the CS:GO community.
- User's receive a message on Steam requesting them to vote for their CS:GO team with a link redirecting them to the scam website.
- The message is usually received from a dead account or that of a friend's which has already been hacked.
A new phishing scam called ‘Ultracup’ seems to be running rampant across the CS:GO community. Already a lot of users seem to have fallen for this scam as multiple discussion threads have popped up on both Reddit and Steam, with users actively warning others not to click on the following web address ‘www.ultracup.fun’.
Note: Please do not try to open the above web address as it is being reported as a potential scam website.
What Is The ‘Ultracup' Scam?
A lot of CS:GO users have reported receiving messages on Steam with a link asking them to visit ‘Ultracup.fun’ to vote for their CS:GO team. Upon clicking the link a website opens up which at first glance may look completely legit but it is actually a classic ‘Phishing Scam’.
The website is beautifully made giving a false pretense to many users that it might be a legit website but the facade falls away when the user clicks on ‘Sign in through Steam’.
The scam was attempted on almost all the users via Steam message which they received from either dead or their friend’s accounts, asking them to click on the above mentioned link in order to vote for their CS:GO team. Though most of them were able to figure out what was going on a few have fallen for the scam.
How To Avoid It
The best way to avoid getting scammed is to not click on the link and visit the website obviously, but apart from this the user can also protect others by reporting the dead accounts from which they have received such a message.
Steam will be able to take action against such dead accounts once they are reported, preventing them from scamming other unaware users. Less the number of users who fall for this scam the better, as every hacked account repeats the same process of spamming the message to all of their friends and the same keeps on continuing over and over again.
Though the two-step verification has been bypassed in some cases it is for the best to keep it activated, reducing the chances of getting scammed even if your personal information gets out. If in case a user’s account has been compromised they can quickly do the following in order to regain control and flush the hacker out of their Steam account,
- First and foremost the user should change their password.
- Remove any Steam/CS:GO related browser extensions.
- Deauthorize all devices from using the Steam account.
- Check to see if any API keys were generated from the account if anything suspicious is observed then proceed to click on 'Revoke My Steam Web API Key'.
- Reset your Steam trading URL so that the hacker is not able to spam you with trade offers.
Do keep an eye out for the ‘Ultracup’ scam which is on the rise as more users are falling for it, prevent getting scammed by following the above mentioned steps, share this information with other users to keep informed, and let’s try to keep the CS:GO community safe from such largescale scams.