Phishing scam invades Star Wars online game
Cyber-scammers are trying to invade the world of “Star Wars” with a phishing try on gamers playing “Star Wars: The Old Republic,” a security vendor said Wednesday.
GFI Labs said the scam will subject prospective victims to several so-called verification checks, asking them to enter their online credentials.
“The site uses elements from the real thing and the login page is almost identical, save for the fact that the genuine login screen says ‘Email address or trial account display name’ – the fake misses the trial account reference altogether,” it said.
It said the scam tells prospective victims their accounts have “unusual activity,” and they should “confirm” their accounts by entering their security answers.
Security answers may be used to verify accounts, including possibly resetting passwords.
GFI said the scammers will even prompt for “backup” security answers, having the victims pick a security question from the drop down menu above and continue.
But it stressed the danger lies in the possibility of the victim using the same set of email addresses, usernames and passwords in their other accounts, including social networking and banking.
“Given the amount of secret question answers handed over, it’s quite possible that the scammers here will be able to use some of that stolen data in combination with the entered Email address and break into that account too,” GFI said.
“If that email is used to password reset additional accounts such as social networks, internet banking and blogs then we might feel a great disturbance in the Force, as if lots of accounts suddenly cried out in terror and were suddenly silenced,” it added.
GFI advised those who may have encountered the scam to change their passwords “before some serious damage is done.” — TJD, GMA News
Talk of the web