Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Let the Games Begin!

Created: 09 May 2011 21:05:55 GMT • Updated: 23 Jan 2014 18:21:16 GMT • Translations available: 日本語
Mathew Maniyara's picture
+1 1 Vote
Login to vote

Gone are the days when phishing targeted financial brands alone. Phishers today are eyeing several other sectors to steal users’ confidential information. For the past few months, the gaming sector has increasingly been a target for phishers. Symantec is actively keeping track of these phishing sites that spoof gaming brands.

So what’s so lucrative about phishing for gaming site credentials? Gaming sites are popular with young generations who are passionate about playing and winning more and more games. Many of these gaming sites have a section for paid members that contain members’ exclusive games and added features. The primary motive of phishers is to lure users with the hopes of stealing their credentials to gain access to the members’ section. Since these credentials are in high demand, phishers also intend to sell stolen usernames and passwords on the Internet.

The following are some noteworthy statistics of phishing on gaming sites for April 2011:

·         61 percent of the phishing on gaming sites were hosted on free Web hosting sites.

·         About 17 percent of the phishing on gaming sites utilized typosquatting domains (Typosquatting refers to the practice of registering domain names that are typo variations of popular Web sites).

·         There were several phishing sites in non-English languages including Swedish, Spanish, Italian, Russian, Portuguese, Dutch, and French.

Internet users are advised to follow best practices to avoid phishing attacks:
•    Do not click on suspicious links in email messages.
•    Avoid providing any personal information when answering an email.
•    Never enter personal information in a pop-up screen.
•    Frequently update your security software, such as Norton Internet Security 2011, which protects you from online phishing.