All the latest UK technology news, reviews and analysis
|
|
|
29 Mar 2010
More proof emerged today that phishing attacks are not solely confined to the financial services space, as Panda Security revealed several new campaigns targeting World of Warcraft players.
In a blog post today, the vendor's technical director Luis Corrons highlighted the phishing emails designed to lure users into clicking on a malicious link. This link takes the user to a fake log-in page where they are asked to enter their username and password.
"As you have seen, the attack could be considered pretty good, both the message and the web site looked as if they were real, so we can assume that these are smart cyber criminals with high skills," he explained.
"But we know there are a lot of phishing kits out there, and that there are easy ways to accomplish these kind of attacks, so anyone could be able to do this."
These kinds of attacks are particularly dangerous given that many computer users use the same user name and passwords for multiple accounts, potentially giving the phishers access to online banking and other accounts.
Corrons added that the criminals, it turned out, were not so smart as they allowed the Panda research team to access their own database of stolen credentials.
Apparently, most of the scammed WoW players were using their email addresses as user names.
"I bet that the password used for WoW is the same one they are using for each and every online service (mail, Facebook etc)," wrote Corrons.
"And what's the moral of this story? Well, if such a moron is able to steal thousands of credentials, imagine what a smart cyber criminal could achieve."
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Preview of the forthcoming handheld projectors with DLP technology
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Contract length: 6 months + Start date: ASAP. Location...
Senior Marketing Executive - Food and Drink industry...
BI Solutions Architect - 3 Months, to £350pd, London...
Junior Drupal Developer - Drupal - Chesterfield - To...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
<p>As a World of Warcraft player, I just want to point out that you HAVE to use your email address as your username. That's Blizzard's new policy instituted with their battle.net program. It's not so much carelessness as it is obligation.</p>
Posted by: Anonymous 07 Aug 2010