Phishing on a Digital Binary Warning Abstract

World of Warcraft phish campaign lures victims with free pet

A phishing campaign currently in circulation is attempting to bait World of Warcraft with the promise of free in-game pets. We’ve seen two variations on this so far, and it’s possible there’s more. Both of the below examples lead to the same phishing URL. As great as the promise of some free content is, this is nothing more than an attempt at stealing your gaming credentials.

fake pet
blizzard phish 2

One of the emails read as follows:

You are receiving this e-mail because Your friend has purchased World of Warcraft In-Game Pet: Brightpaw for you as a gift! Claim Your Gift To claim your gift, enter your Gift Key on the Battle.net? Account Management. You’ll be sent to the download page afterwards, if needed.

The second mail claims a “WoW mount mystic rune sabre” is up for grabs.

Keen Warcraft players will notice the email is branded with Battle(dot)net, the name of Blizzard’s online gaming service – but this name has just been retired, which may well set off a few alarm bells.

Both emails lead to a phish located at (deep breath):

us(dot)battle(dot)net(dot)login(dot)login(dot)xml(dot)account(dot)support(dot)password-verify(dot)html(dot)legion-game(dot)xyz/login/en/login(dot)html

fake pet login

The phish again touts the Battle(dot)net name and asks for an email and password.

Feel free to ignore this one and send it straight to your trash folder, there’s no free pets at the end of this path, just headaches and calls to customer support.

Christopher Boyd

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.