14 DAY TRIAL // World of Warcraft fans are eagerly waiting for Blizzard to release the Warlords of Draenor expansion pack. In the meantime, cybercriminals are trying to trick WoW players into handing over their accounts.
We’ve come across a phishing email that promises recipients a lot of free gifts in the new game. The malicious World of Warcraft: Warlords of Draenor pre-purchase emails come with a game key that can allegedly be used to unlock the gifts, which include gold and various upgrades.
The fake Blizzard emails read something like this (click on the header image to see what the emails look like):
“When you successfully get the serial number, you can pre-install the game files. So, at 12:00 on December 20, 2014, when the game is released, you can enjoy these gifts.
(1) will receive the upgrade equipment matching specialization (item level 483).
(2) upgrading the role of class 60 or more, their main professional skills and first aid will rise to 600. If the name of 60 roles yet to learn professional skills, will depend on the role of body armor is automatically selected professional skills.”
When users click on the links contained in the emails, they’re taken to a legitimate-looking phishing page hosted on the battle.net subdomain of blizzardentertainmentfreeactivitiese.com. The website might look like it belongs to Blizzard, but it doesn’t. In fact, Chrome has already flagged it as being part of a phishing scam.
The phishing page is well designed. An analysis of the page’s source code shows that most of the content is taken directly from battle.net, Blizzard’s official Battle.Net website. A piece of JavaScript is designed to collect the credentials entered by the victim and send it back to the attackers.
If you come across these emails, delete them. If you’re already a victim, change your Battle.Net password as soon as possible. If you’ve been using the same password for other websites, change those as well.
There are a lot of World of Warcraft players who are probably anxious to start playing Warlords of Draenor.
The expansion set can be pre-purchased on Blizzard’s website and you do get some benefits if you buy the game before it’s released. However, any website or unsolicited email promising downloads or any other offers should be disregarded since they’re likely part of some cybercriminal scheme.