Steam Security Alert: Elden Ring Nightreign Scam Compromises User Accounts
Malicious actors exploit gaming community’s anticipation through fake playtest invitations on Steam platform.
A new security threat has emerged on Steam as cybercriminals exploit the anticipation surrounding Elden Ring Nightreign to compromise user accounts. The scam involves fraudulent messages masquerading as official playtest invitations, targeting fans eagerly awaiting the upcoming multiplayer spin-off of the popular FromSoftware title.
The deceptive campaign utilizes official-looking Elden Ring Nightreign artwork and banners within Steam’s messaging system. User Nikoheart documented the scam, sharing screenshots of messages containing suspicious links that deviate from Steam’s standard URL format. These links, when accessed, trigger unauthorized account access and compromise Steam Guard two-factor authentication systems.
Impact on Steam Users and Account Security
Affected users report their accounts being hijacked to propagate the scam further, with compromised profiles automatically sending malicious links to their entire friend lists. Several victims have experienced communication blockages and complete loss of account access. While some users have successfully recovered their accounts through Steam support, the incident highlights significant security vulnerabilities in how users interact with unsolicited gaming invitations.
Official Playtest Information
Bandai Namco, the game’s publisher, has confirmed that legitimate Elden Ring Nightreign Network Test registrations are exclusively managed through their official website. The upcoming playtest, scheduled for February 14, 2025, is currently limited to PlayStation 5 and Xbox Series X|S platforms, with no PC testing phase announced yet.
The multiplayer-focused spin-off will feature three-player cooperative gameplay in the Lands Between, incorporating both familiar and new boss encounters, alongside a distinctive day-night survival system. This innovative approach to the franchise has generated substantial community interest, which scammers are now attempting to exploit.
This incident follows a pattern of similar security breaches on Steam, including recent cases where developers renamed their products to mimic popular titles like Helldivers 2. Security experts advise users to verify all gaming invitations through official channels and exercise caution with unexpected messages, regardless of their apparent authenticity.