Gone are the days when phishing targeted financial brands alone. Phishers today are eyeing several other sectors to steal users’ confidential information. For the past few months, the gaming sector has increasingly been a target for phishers. Symantec is actively keeping track of these phishing sites that spoof gaming brands.
So what’s so lucrative about phishing for gaming site credentials? Gaming sites are popular with young generations who are passionate about playing and winning more and more games. Many of these gaming sites have a section for paid members that contain members’ exclusive games and added features. The primary motive of phishers is to lure users with the hopes of stealing their credentials to gain access to the members’ section. Since these credentials are in high demand, phishers also intend to sell stolen usernames and passwords on the Internet.
The following are some noteworthy statistics of phishing on gaming sites for April 2011:
· 61 percent of the phishing on gaming sites were hosted on free Web hosting sites.
· About 17 percent of the phishing on gaming sites utilized typosquatting domains (Typosquatting refers to the practice of registering domain names that are typo variations of popular Web sites).
· There were several phishing sites in non-English languages including Swedish, Spanish, Italian, Russian, Portuguese, Dutch, and French.
Internet users are advised to follow best practices to avoid phishing attacks:
• Do not click on suspicious links in email messages.
• Avoid providing any personal information when answering an email.
• Never enter personal information in a pop-up screen.
• Frequently update your security software, such as Norton Internet Security 2011, which protects you from online phishing.