Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Phishing Scam Is Targeting League of Legends Players

    League_of_LegendsA phishing scam is using fake login pages to target League of Legends players, according to Avast Blog. At the moment, the attacks are taking place primarily in western Europe, mainly targeting France, Germany, and Spain. You can expect them in the UK and US after the scammers debug their beta campaigns. The sites are nearly identical to the legitimate login pages and are professional credentials phishing attacks. 

    League of Legends is a free-to-play online game owned by Riot Games that averages 12 million daily players and sees over 100 million players during peak times. Its massive fanbase makes it an attractive target for phishing scams. Although the game is free, Dark Reading reports that three out of five people reuse the same password across multiple services. As a result, if an attacker steals a password to someone’s League of Legends account, there’s a good chance that he or she can use that password to access other accounts belonging to the victim.

    These particular phishing sites impersonate the League of Legends login page almost perfectly. However, there are several red flags. The most obvious is the URL, which is similar to the legitimate ‘leagueoflegends[.]com’ but replaces the ‘O’ with a zero and appends extra characters at the end. You should check out KnowBe4's new Domain Doppelgänger tool to check out look-alike domains that could be used to attack your own users. 

    The sites are also hosted on 000webhost, a free hosting provider. According to Avast, the most common free hosting providers are ‘bravenet,’ ‘weebly,’ ‘000webhost,’ ‘x10hosting,’ ‘awardspace,’ ‘5gbfree,’ ‘freehostia,’ ‘freewebhostingarea,’ ‘godaddysites.’ While many legitimate smaller websites use these providers, large companies like Riot Games almost always use paid services.

    You should also be suspicious if something looks out of place on the webpage itself. Attackers often leave phishing pages unfinished. Before you enter any information, test different options on the page and see if its user interface behaves strangely. In the League of Legends scam, the ‘region’ option was stuck on ‘EU west’ and the ‘Remember me’ box was not functioning. While this can be an easy way to identify a fraudulent site, it’s not always sufficient; many phishing sites are very thorough and will contain links that redirect victims to the legitimate website.

    These details may seem obvious once they’re pointed out, but many users would still be fall for this phishing scheme. In order to spot these scams in the real world, people need to see real, interactive examples. To be sure, it’s unlikely that an organization would want its employees playing games on company time, but there are breaks, and there are BYOD shops, so the specific risk isn’t one that an organization can be entirely confident it’s avoiding. And of course the principles of security awareness carry over from online games to other areas of online live. New-school, interactive awareness training can give your employees the knowledge necessary to recognize phishing sites.

    Security Boulevard has the story: https://securityboulevard.com/2018/10/league-of-legends-gamers-targeted-by-phishing-scam-avast/

    Find out if your own domain has an evil twin with the brand-new Domain Doppelgänger tool

    Phishing is still the most widely used cyber attack vector, and criminal attack campaigns often use spoofed websites to deceive your users so they simply allow the bad guys to take over your network.

    Since look-alike domains are a dangerous vector for phishing and other social engineering attacks, it’s a top priority that you monitor for potentially harmful domains that can spoof your domain.

    Our NEW Domain Doppelgänger tool makes it easy for you to identify your potential “evil domain twins” and combines the search, discovery, reporting, and risk indicators, so you can take action now.

    Better yet, with these results you can now generate an online assessment test to see what your users are able to Domain Doppelgangerrecognize as “safe” domains for your organization. You then receive a summary of the test results to understand how security-aware your users are when it comes to identifying potentially fraudulent or phishy domains.

    With Domain Doppelgänger, you can:
    Search for existing and potential look-alike domains
    • Get a report with aggregated results that includes risk indicators, and
    • Generate an online “domain safety” quiz based on the results to administer to your end users

    This is a complimentary tool and will take only a few minutes. Domain Doppelgänger helps you find the threat before it is used against you.

    Find your look-alike domains here:

     Find Your Look-Alike Domains!

    Don't like to click on redirected buttons? Copy & paste this link into your browser: 

    https://www.knowbe4.com/domain-doppelganger

     

    Return To KnowBe4 Security Blog

    Topics: Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews