Security researchers say a new phishing campaign has been targeting World of Warcraft users with the promise of free in-game pets. According to security firm Malwarebytes, two variants of the email scam have been detected that are purportedly sent by the popular MMORPG's developer Blizzard Entertainment.
The emails claim a friend has purchased an in-game pet and offer WoW players the chance to get one of their own for free as well. While one version of the email scam claims to offer players the chance to grab the purple glowing in-game pet Brightpaw, the second claims gamers will receive a free Mystic Runesaber mount.
Both creatures are available for purchase in WoW's in-game store.
The email also mentions Blizzard Entertainment and Battle.net, but includes question marks following each of them, something that should alert users.
In September last year, Blizzard announced plans to retire and "transition away from" its iconic Battle.net name when referring to its online gaming service. Last week, a new update for the company's launcher app did away with the classic Battle.net branding and renamed it the Blizzard app.
However, the link featured in the scam emails leads to the same lengthy phishing URL, which includes the Battle.net name and asks users to enter their Blizzard account credentials to claim their gift.
Once provided, scammers can use these gaming credentials to access a victim's account and swipe other available data.
"Feel free to ignore this one and send it straight to your trash folder, there's no free pets at the end of this path, just headaches and calls to customer support," Malwarebytes' malware intelligence analyst Christopher Boyd writes.
He also notes that there may be other similar phishing scams besides the two identified by the security firm.
Security expert Graham Cluley cautions gamers to protect themselves against phishing by watching for suspicious indicators in such emails, such as the question marks in this case. Users should also check the sender's email address and the links included in the email for suspicious locations, he adds.
"Doing so will help reveal whether a friendly companion or tech support frustration await on the other end of a URL," Cluley wrote in a blog post.