# steam-tools-landing.pages.dev — SUSPICIOUS > PhishDestroy identifies steam-tools-landing.pages.dev as a credential theft phishing site mimicking Steam tools, detected by 0/95 VirusTotal engines. ## Summary PhishDestroy has identified steam-tools-landing.pages.dev as an active credential theft phishing campaign targeting Steam users under seed 4f22f6. This malicious landing page impersonates legitimate Steam tools to trick users into surrendering their Steam credentials. The domain uses Cloudflare’s DNS and resolves to IP 188.114.97.3, secured only by a Let’s Encrypt certificate which does not guarantee safety. As of this analysis, the domain remains undetected by all 95 VirusTotal engines, indicating a fast-evolving threat slipping through initial screening. This credential theft campaign was registered through Cloudflare, Inc. and is hosted on a dynamic Cloudflare Pages platform. The domain was created recently and actively mimics official Steam tooling to harvest login details. Independent analysis shows zero detections across multiple antivirus and threat intelligence platforms, suggesting this threat is still in early propagation. Security teams recommend proactive blocking and heightened scrutiny of any Steam tool domain not originating from Valve’s official sources. If you visited steam-tools-landing.pages.dev or entered any Steam credentials: immediately change your Steam password on the official site, enable Steam Guard 2FA, revoke any unknown sessions in Account Details, and scan your device for malware. Do not reuse the same password elsewhere. Report the domain to Steam Support and your organization’s security team to help block further abuse. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8f75fad0-4d3f-4c0f-8ff0-a02a3381a766 - PhishDestroy: https://phishdestroy.io/domain/steam-tools-landing.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/steam-tools-landing.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/steam-tools-landing.pages.dev/ Last updated: 2026-03-22