Pokemon GO users targeted it phishing scam that demands money to keep playing the game
Augmented reality game Pokemon GO has been an unprecedented success, but where ever there is something highly successful cybercriminals are sure to follow and sadly a new phishing scam is doing just that.
The new Pokemon GO phishing scam involves users receiving an email pretending to be from game developer Niantic, Inc. and demands players pay $12.99 a month to use a full version of the game to compensate for the “overwhelming response” and “the need for more powerful servers.”
In the event players do not pay up the email claims that their account will be frozen within 24 hours.
Users who do fall for the phishing scam are delivered to a page which is designed to steal their passwords and credit card account information.
Niantic Labs does offer purchases of virtual goods within the game itself but the app is completely free and users are able to use it that way indefinitely.
In an email to SiliconANGLE Minecast, Inc. cybersecurity strategist Orlando Scott-Cowley explained the modus operandi behind the scam.
“We see these scams all the time, usually on Facebook, and sadly people fall for them every time, so I can’t say I’m shocked,” Scott-Cowley said.
“Cyber criminals are very, very good at issues-jumps. They’re able to turn their campaigns around on a dime, and often much quicker than the market can respond. Any good opportunity to make some cash and they’ll capitalize on it. This is similar to how they’re able to influence SEO results within a few hours of a large event, to trick people into heading to their websites instead of real ones. They’re so good they put most of the corporate worlds’ marketing campaigns to shame.”
“I suppose it’s a kind of extortion in a way, but only if you’re really gullible. This game’s popularity in particular, though, does raise more concerns that this phishing scam may just be the beginning of these extortion attempts. With the amount of people who are obsessing over this game, we might see more victims than we would normally think. And, since the app does actually offer in-app purchases, there is a chance that this phishing scheme may seem more legitimate to users.”
It probably goes without saying at this point but if you do receive an email asking you to pay for Pokemon GO report it as spam, then delete it, and under no circumstances should you click any link in the email.
Image credit: iphonedigital/Flickr/CC by 2.0
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
We are holding our third cloud startup showcase on Sept. 22. Click here to join the free and open Startup Showcase event.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.