Malware browser extensions have become very frequent in the past month, with customers installing extensions on their browsers that claim the extension will “help them get better deals” or “check if the item is safe to trade.” THESE ARE SCAMS, AND YOU WILL LOSE ALL YOUR ITEMS IF YOU DOWNLOAD THEM!
Picture this scenario: while playing on Steam, a random user contacts you saying that he’s interested in that M9 Doppler or those other six valuable skins in your inventory. He asks you to install a plugin on your browser that checks to see if the items in your inventory were stolen. You follow his instructions because, why not?
But you realize that after you “sold” your item after listing it on OPSkins via the extension, you don’t have any funds from the sale. The plugin that you installed on your browser was malware that allowed the user to take all your skins.
These extensions have full control over the OPSkins website on your computer, so they can do malicious things like intercepting requests to our servers to send you a trade offer, which they can replace with a request to their own server. In turn, this causes a fake bot to send a trade offer, which looks identical to a real OPSkins trade offer.
Just because an extension is on the official Chrome store doesn’t always mean it’s safe; anyone has the ability to submit an extension to the Chrome store. Only install established, trusted extensions, and never install anything that someone on Steam asks you to install before they will trade with you.
Some examples of names used by these malware extensions are:
- OPSHelper Update
- OPSkins Helper
- Phishing Inventory Checker
- External Prices
- Opskins Inventory Checker
- Items Guardian
- Skins Status Helper
- Item Stolen Checker
(This isn’t an extensive list by any means, it just serves as an example of some of the names of the malicious extensions we’ve found in the past.)
This malware extension is just one of a few common scams out there targeting OPSkins users, which are detailed on this stickied Reddit post (which is also linked to on our homepage).
You should never run any form of software, whether it be an executable file or a browser extension, from an untrusted source. Last but not least, if someone is offering you something that sounds too good to be true, it’s probably too good to be true.
If you know of any other extensions that you think could be used for scams, post them on our comments and we will look into them. We want to protect our customers as best we can from fraud and one of the best ways to do it is by identifying the different ways scammers go about tricking our customers, banning and reporting them.