World of Warcraft phishing scams
Posted on 29 September 2010.
Blizzard's MMORPG World of Warcraft is one of the most popular games out there, and its players are among the most targeted by online scammers.

It is common knowledge that login credentials for WoW accounts are very much sought after by phishers, so TrendLabs warns about a couple of scams currently going around.

The in-game chat/whisper system is often used to lure players to phishing sites. The phishers usually pose as Blizzard employees or unknown players and "whisper" to the victim that they have been selected for receiving a free gift or that their account has been flagged as hazardous:

In both cases, the victims are urged to follow the offered link that will take them to a phishing page where they are supposed to register with their account credentials in order to receive the gift/prevent the suspension of their account.

Recently, WoW's in-game mail system has also been employed to deliver similar malicious messages to players:

To add to the credibility of the message, the text and the offered phishing URL make many references to WoW and other Blizzard games. Just as a side note - the phishing website domain is registered and hosted in China. The website in itself resembles very closely the official site, making it easy for some people to fall for the scam.

Blizzard is aware of these phishing attempts, and has made it their business to intensify its efforts when it comes to informing the players about them on Battle.netís security page. They have also made it possible to report scammers from within the game (see, for example, the "Report Spam" button in the in-game mail system).


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th