Playing online browser games becomes more and more popular. Especially Facebook offers a wide range of different mini games, developed by the most popular “social-game company of the moment” (Time.com): Zynga. We discovered an increasing number of Zynga Poker related phishing sites during the last days – mainly hosted on t35.com servers.
What is popular for gamers might also be popular for fraudsters – and especially if the games are a part of Facebook, whose accounts are valuable in manifold ways. And the game accounts are valuable in the sense of their possible stock of virtual in-game currency that can only be bought with real money.
Some copies of Facebook fan pages appeared in our scanners, which suggest that you can enter your log-in information directly on the fake page to become a fan of the game. Compare the screenshot of the <media 7246 _blank>real Facebook fan page</media>, which you can only visit after a successful log-in to Facebook, to the phishing site:
The two most prominent Facebook look-a-like sites in the scanning tool:
But it is not only the imitation of the social network giant that caught our attention. There is a wave of Zynga Poker phishing websites coming in. So let’s have a look at them as well:
The look and feel is the same on each and every site, but the fraudsters try to get your attention with different claims:
A small selection of recently found websites
... and they keep floating in.