Not even "Mist of Pandaria," the latest expansion for the massively multiplayer online role-playing game, is exempt from phishers.
Security vendor Trend Micro said it started seeing increased phishing in "World of Warcraft" after its maker Blizzard started closed-beta testing in March.
"In these new rounds of phishing attempts, scammers are trying to abuse the WoW’s in-game mail system. In this phishing attempt, the malicious URLs are sent via in-game mail and are received by players in their in-game mailboxes," it said in a blog post.
Under the new racket, a scammer encourages victims to join the "Mist of Pandaria" beta testing and get an exclusive in-game item, the Dragon Turtle Mount.
However, the victim would have to visit and register at their so-called "website," which closely resembles the real Battle.net website.
"If unsuspecting users input their Battle.net credentials it will definitely result to Battle.net account theft. Battle.net is the central account management for all Blizzard games like World of Warcraft, Starcraft 2, and Diablo III," Trend Micro said.
Trend Micro also noted recent scamming attempts appeared to target lower-level characters and not high-level or level-capped ones.
It theorized this may be an attempt to avoid detection.
On the other hand, Trend Micro said Blizzard had stepped up its security measures, publishing a dedicated security page to help users understand their security commitment.
Blizzard also promoted its authenticator, available as an iOS or Android app, as a keychain fob. — TJD, GMA News
source: gmanetwork.com
