World of Warcraft Hit by New Phishing Scam

World of Warcraft Hit by New Phishing Scam

Hackers target world's most popular multiplayer online
role-playing game with promise of a new mount.

World of Warcraft players desperate for a new mount to
traverse the online role-playing game's fantasy world are
getting a reality check from hackers who have devised a clever
pop-up phishing scam to spread malware.

Security technicians at F-Secure Security Lab on Tuesday
posted a blog entry Tuesday detailing the latest scam making
its way through the world's most popular massively multiplayer
online role-playing game (MMORPG).

With more than 11.5 million monthly subscribers, Blizzard
Entertainment's World of Warcraft is not only the most
successful MMORPG in history, but also a very popular
environment for hackers, phishers and assorted click-fraud
scam artists.

This latest hoax preys on players' desire to add mounts for
their online avatars to ride. After clicking on a link to get
a new trial mount, players are redirected to a malicious
phishing Web site that mimics an official WoW page.

Those players who are still hard up for a mount are then
prompted to enter their WoW log-in details.

"Apart from losing all the gold and items saved,
a compromised account could also be used to send out the
malicious messages to other victims, adding insult to injury
," the researchers warned in their blog post.
"An interesting detail about this particular site is that
a reverse-IP check on its IP address turned up over a dozen
other WoW phishing sites."


F-Secure officials remind players that phishing sites like
the one identified today are blocked by the security firm's
browser protection software.

World of Warcraft holds an estimated 62 percent of the MMORPG
market. The third expansion set, Cataclysm, was announced at
the BlizzCon conference earlier this year.