It should not be a surprise that when Blizzard announced closed beta testing for Mists of Pandaria – the fourth expansion pack for the massively popular World of Warcraft online RPG – scammers were ready to take advantage of the news in a matter of days.
Trend Micro researchers warn that players have begun receiving in-game phishing emails supposedly sent by Blizzard and inviting them to participate in the testing:
The offered link takes them to a spoofed Battle.net login page. If they enter and submit their login credentials, they are automatically sent to the phishers and used to hijack the users’ account.
The researchers say that the scammers are seemingly currently targeting only users with low level characters.
“This may be part of the scam detection avoidance strategy of the bad guys, as high level characters may have more awareness to this security issue as they have spent more time in the game,” they hypothesize.
By analyzing the domain in question and the server it hosts it, they also discovered a number of other phishing sites targeting World of Warcraft players, and that some of these were registered just days after the new WoW expansion pack was announced.
“This clearly shows that the bad guys are up to date and are always in the lookout for events and opportunities to expand their nefarious schemes,” they concluded.