Phishing is here to stay. No matter what, thereâ€™s always a way to trick people into thinking that in fact they are talking to a different person than a bunch of attackers on the lookout for illegitimate gains. This week saw an interesting phishing wave aiming at players of World Of Warcraftâ„¢, worldâ€™s most famous MMORPG.
Fig. 1. Phishing message – Note the misspelled senderâ€™s name and fake domain name you should log into.
And this is the bait, and the probability that you are soo likely to get your account terminated might make you miss all the signs spelling PHISHING SCHEME: misspelled company name (Blizzard Entertainmen instead of Blizzard EntertainmentÂ®) or the forged domain name hosting the so-called login page.
Fig. 2. Fake login page hosted on a Chinese web server. It is the exact copy of the genuine one.
All you are asked to do is visit a given webpage that looks and feels like the one youâ€™re using regularly, and then log in so as to save your account from banishment. Once youâ€™ve successfully complied with the attackerâ€™s request, your account and password will be added to a database and your character will most probably be sold to another eager player, or will be stripped off of its valuables and ditched. Shortly put, your account will be sold and tradedâ€¦..exactly what you were told it had happened.
BitDefender Antiphishing intelligence reveals that, since the beginning of the year, phishing attacks targeting World of Warcraft customers rank third, immediately after PayPalâ„¢ and eBayÂ®.
In order to keep your account information safe and shielded from any kind of web-based attacks, we have developed TrafficLight, a free, lightweight, stand-alone & cross-browser security application based on the BitDefenderÂ® scanning technology.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.