[Dave Birch] Phishing hit an all-time high in March, with the number of reports of online fraud reaching 18,480, according to the Anti-Phishing Working Group. By way of contrast, the number of phishing reports -- each of which concerns a unique online attack that ,ay involve zillions of e-mails -- recorded in March 2005 was 12,883, indicating a 43% year-on-year increase. I've posted about the dynamics of phishing before, so I won't go into all again except repeat that because it costs so little to launch phishing attacks they will continue to increase. I'm sure banks have this under control, so there's no need to panic. Phishing isn't just about banks, though. In fact, it isn't just about the real world.
The online security for World of Warcraft is a bad as it is for internet banking, and World of Warcraft has six million subscribers (more than many banks have Internet banking customers). It's just passwords. So now the phishers have provided yet another confirmation that World of Warcraft gold is a real as Sterling by launching yet another wave of phishing attacks! Now, phishing attacks on virtual worlds are hardly new, but the scale and sophistication are growing all the time. Incidentally, if you've no clue about World of Warcraft and are curious to know what on earth is going on, have a look at this clip that Richard Bartle alterted me to: it's probably the most famous World of Warcraft video clip out on the net.
This round of attacks uses a password-stealing Trojan and the perpetrators hope to make money off secondary sales of virtual goods. So, basically, I get your password then I log when you're not around and sell all of your stuff and then transfer the money to another avatar controlled me or an accomplice. It's virtual burglary.
Now that you can withdraw virtual money from real ATMs, this is only going to get worse. I'll just replay that part: now that you can withdraw virtual money from real ATMs... The first cards are going to be issued for Project Entropia. Players may now exchange their virtual world currency with real world cash using Versatel-compatible ATMs, according to Entropia developer MindArk. The cards are available exclusively through MindArk and bridge a player's in-game PED (Project Entropia Dollars) with their real (whatever that means!) bank account. The rate of exchange (10 PEDs to $1 USD), according to MindArk, is fixed.