Facebook Ad Scam Targets Gamers with Fake Witcher 4 Beta Invite to Steal Steam Accounts

Gamers beware! A new phishing campaign uncovered by Bitdefender cybersecurity researcher Ionuț Baltariu uses The Witcher 4 hype and Facebook’s ad platform to lure players into giving up their Steam credentials.

According to Bitdefender analysis, the fraudulent ads mainly target males across Meta-owned platforms, including Facebook, Instagram, Messenger and Threads. The threat actors behind the campaign appear to focus on gaming fans who are more likely to fall for beta test lures.

About the Scam

It all starts with fake Facebook ads that have been active since June 30, claiming to offer early access to The Witcher IV beta. The ads promote a limited-time opportunity: “Register on the website and get access to the beta version of The Witcher right now! The first 50,000 users to sign up will receive gifts from Steam and CD Projekt.”

The ad links to a malicious domain — witcherdemo[.]club — that mimics the style of a legitimate gaming promo page, complete with cinematic visuals and a glowing "Get Beta Test" call-to-action.

Once users click to “join the beta,” they’re redirected to a lookalike Steam login page hosted at login.witcherdemo[.]club. It’s visually indistinguishable from the real thing — but entirely fake.

Victims who enter their Steam credentials are handing them to cybercriminals. With these login details, attackers can:

• Hijack your Steam account and change the email/password
• Sell rare items and skins from your inventory
• Use your profile to run more scams or phish your friends

How Bitdefender Caught It

Bitdefender’s Ionuț Baltariu identified this campaign as part of a broader trend where threat actors exploit popular game releases to weaponize curiosity and urgency.

This isn’t the first time Bitdefender has uncovered scams disguised as beta invites for popular upcoming game releases to steal login credentials or infect users with credentials-stealing trojans.  

How to Stay Safe from Gaming Scams Like This

Gamers are prime targets — especially when high-profile titles are involved. Here's how to protect yourself:

1. Never Trust Ads Blindly

Even sponsored ads on Meta platforms can be malicious. Always verify links before clicking — official betas are announced through trusted sources, not fly-by-night domains.

2. Use Bitdefender Scamio (Free!)

Bitdefender Scamio is a free AI scam detector that can quickly assess suspicious ads, messages, or websites. Just send it the link or description and get instant feedback.

3. Enable Two-Factor Authentication (2FA)

Make sure your Steam account is protected with 2FA via Steam Guard Mobile Authenticator. It adds an extra layer even if your credentials are compromised.

4. Check URLs Carefully

Legitimate Steam URLs will always be on steampowered.com or steamcommunity.com. If a login page appears on a different domain — it’s a scam.

 5. Use Bitdefender's Link Checker (Free!)

 Bitdefender Link Checker scans URLs in real time and alerts you to suspicious or malicious pages — ideal for detecting fake login screens like the one above.

Bitdefender Has Your Back

From giveaway scams and crypto phishing to malware-laced downloads and phony gaming websites, Bitdefender is constantly monitoring threat actors' latest tricks. Our security solutions with top notch anti-malware and anti-phishing technology, research, and free tools like Scamio ensure you're protected at every click.

Don’t get caught in the hype — get the facts and get protected.