World of Warcraft phishing scams
Posted on 29 September 2010.
Blizzard's MMORPG World of Warcraft is one of the most popular games out there, and its players are among the most targeted by online scammers.

It is common knowledge that login credentials for WoW accounts are very much sought after by phishers, so TrendLabs warns about a couple of scams currently going around.

The in-game chat/whisper system is often used to lure players to phishing sites. The phishers usually pose as Blizzard employees or unknown players and "whisper" to the victim that they have been selected for receiving a free gift or that their account has been flagged as hazardous:

In both cases, the victims are urged to follow the offered link that will take them to a phishing page where they are supposed to register with their account credentials in order to receive the gift/prevent the suspension of their account.

Recently, WoW's in-game mail system has also been employed to deliver similar malicious messages to players:

To add to the credibility of the message, the text and the offered phishing URL make many references to WoW and other Blizzard games. Just as a side note - the phishing website domain is registered and hosted in China. The website in itself resembles very closely the official site, making it easy for some people to fall for the scam.

Blizzard is aware of these phishing attempts, and has made it their business to intensify its efforts when it comes to informing the players about them on’s security page. They have also made it possible to report scammers from within the game (see, for example, the "Report Spam" button in the in-game mail system).


DMARC: The time is right for email authentication

Posted on 23 January 2015.  |  The DMARC specification has emerged in the last couple years to pull together all the threads of email authentication technology under one roof—to standardize the method in which email is authenticated, and the manner in which reporting and policy enforcement is implemented.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Jan 27th