Wednesday, September 28, 2005

Scams Targeting Online Games: Old Phish With Fresh Bait

Via Netcraft.

Are phishing crews paying more attention to virtual worlds? Phishing attacks on massively multiplayer online role-playing games (MMORPGs) have been around since at least 2002, and perhaps earlier. But some observers of online games say the growing market for virtual currency and player accounts may be attracting fresh attention from phishing scams, which are mass-mailing "bait" e-mails seeking to capture gamers' account logins.

Phishing attacks most commonly target banks, credit card companies and payment sites such as Paypal. This year phishers have expanded their target list to include smaller regional banks and credit unions. While phishing attacks on online games aren't new, they may represent a logical area of expansion for these scams, given the growing value of player accounts, the youthful demographics of online gaming, and a recent influx of new players due to the popularity of World of Warcraft.

A recent phishing attack targeting users of EVE Online was reported by Terra Nova, a blog that follows trends in virtual worlds. The bait email purports to be from the game's security team, investigating unusual account activity and sending victims to a spoof site at a server in Spain.

Early phishes on MMORPGs date to 2002, when Dark Age of Camelot began warning users about bait emails, while other early efforts targeted Everquest. In January Netcraft received reports of a phishing attack seeking to steal user account details for Runescape, a free virtual world popular with younger gamers.

0 Comments:

Post a Comment

<< Home