World of Warcraft players are often targeted by phishers whose goal is to get the login credentials to as many accounts possible and bleed them dry.
It is all designed in a way that will make some users miss the fact that there are many spelling errors in the email – including the very name of the company that supposedly sends it – and ignore the fact that the given URL doesn’t look like a legitimate URL belonging a Blizzard domain.
Instead of the legitimate login page, the victim is taken to a spoofed one that looks exactly the same:
According to BitDefender, the spoofed page is hosted on a Chinese web server. Once the victim enters its login credentials, he is redirected to the legitimate page. The information he entered is recorded and misused to strip his accounts of valuables or sold to another player.
Users are urged to remember that emails that try to create a sense of urgency by threatening the user with sanctions are often the work of scammers.