Blizzard’s announcement today that they will begin a closed beta-test for the latest expansion pack is likely to generate a lot of excitement among that particularly low breed of online criminals who steal the fruits of other people’s entertainment when they commandeer passwords for other players.
While it’s hard to believe that most players of online games aren’t aware of the profusion of phishing sites attempting to steal logins, the problem clearly isn’t going away, so the warnings remain the same: Keep a close eye on your browser’s Address Bar, and make sure you’re really logging into Blizzard’s Web site, and not some phishing creep’s trap.
If history serves, they’ll try to lure you with false promises of getting access to the beta. Don’t fall for the trap.
(Tip ‘o the hat to Threat Research Analyst Curtis Fechner for the breaking news tip.)
Thanks for this information but this is already happening and phishers have stepped up their activity, as shown on my blog. I get regular phish e-mails trying to steal my account information using any ploy going. The phishers (pretending to be Gamemasters) are also active ingame by whispering players that their account is going to be suspended and to ammend their details on a phish link.
It is amazing that anyone would fall for this but obviously many do 🙁 Blizzard are aware of the increase in phish/spam activity and do try to make gamers aware but many seem to lack common sense.
As we’ve written before, phishers have been using the Cataclysm beta as a hook for more than a year. Now that Blizzard is actually going ahead with a beta, I agree with your point: it’s likely we’ll see this ongoing activity ramp up.
Thanks for your reply Andrew. This is one area I have taken a very active interest in with the hope that any site or e-mail I identify as a phishing scam will help stop another person becoming a victim. I quickly learnt that there are thousands of these sites which are out to steal gamers data. So many that it is impossible to keep track of them all. Thankfully we have many groups combatting them however users generally do not get to see these sites identified unless they use some sort of browser advisor or visit phish tanks and the like. Due to the increasing amount of scams we are seeing daily, I feel that more could be done by Domains registras, hosting companies, SEOs and ISP’s to remove these parasites more quickly.
There are a lot of gamers in the Threat Research group, so this is near and dear to our hearts as well. We’re sick of seeing our friends and adversaries in the gaming world getting nailed by this stuff.
And you have my warmest thanks for the effort you put into helping combat these phisher and making their scams more public. Keep up the good work.