According to Symantec, the potential victim is told in an email that he/she needs to log in in order to get some details checked. The message conveniently include a masked link that would eventually lead to a spoofed site: “http://wow-europe.good*******.eu/servicehttps3A2F2Fwwwwoweuropecom2Faccount2F.html”.

The page, which looks genuine enough (ironically, it even includes the anti-phishing warning one would usually see on a real WoW page), ask the user to input the name of the account and the password.

Some might not notice the fake URL and do as asked, but the next step in the scam should wake them up: another page asks them to provide even more personal information. After filling this one up too, the user is then redirected to the official WoW main page. In the mean time, his WoW account is being cleaned up by the scammer: goodbye gold and farewell items!

In case you have forgotten, here’s a short list from Blizzard,r reminding everyone where exactly they should type their passwords:

There are only four places where you should EVER type your password:
– The World of Warcraft game login screen.
– The Account Management page on the official site (http://www.worldofwarcraft.com/account/)
– The World of Warcraft Armory page (https://www.wowarmory.com/login.xml).
– The official World of Warcraft forums (http://forums.worldofwarcraft.com)