It's Thanksgiving Day, so with some much-needed downtime, I decided to log in to my fire mage and play a little WoW (World of Warcraft). No sooner had I done so than I was greeted with the following message:
"Blizzor: Hello, Christmas is approaching. Blizzard released Christmas gifts players can receive free of charge. Please login: wwww.Blizz-Christmas.com."
Now, Blizzard does actually give free Christmas gifts to players - but it's done in-game, with all major cities sporting a huge tree and lots of presents to open. But the Blizzor message is a scam: www.Blizz-Christmas.com is a phishing site, a Battle.net lookalike built to steal your game login credentials. Every link in the site's source code is a genuine Blizzard link - except for the actual login button. This could trick some naive gamers into believing it's legit. But it's not. Logging in via Blizz-Christmas.com won't net you free gifts - but it will give the attackers your account for free.
The domain currently resolves to 210.72.225.118, an IP hosted in China.
Phishing scams can be difficult to stop. But it seems to me that Blizzard should simply ban any toon names with "Blizzard", "Blizz" or any similar derivative to reduce the likelihood of anyone falling for the scam.
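The pattern described above (genuine Blizzard links everywhere, with only the login itself pointing elsewhere) can be checked mechanically. The following is an added example, not code from the original post: the trusted-domain list, the 0.8 threshold and the sample page are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

TRUSTED = ("blizzard.com", "battle.net")  # assumption: the brand's real domains

def is_trusted(host):
    host = (host or "").rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class PageScan(HTMLParser):
    """Collects hosts of ordinary links and of forms that take a password."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url, self.link_hosts, self.login_targets = page_url, [], []
        self._action = None  # action of the form being parsed; None outside a form

    def _host(self, ref):
        return urlsplit(urljoin(self.page_url, ref)).hostname  # resolves relative refs

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._action = a.get("action") or ""  # empty action posts back to the page
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            if self._action is not None:
                self.login_targets.append(self._host(self._action))
        elif tag in ("a", "link") and a.get("href"):
            self.link_hosts.append(self._host(a["href"]))
        elif tag in ("img", "script") and a.get("src"):
            self.link_hosts.append(self._host(a["src"]))

    def handle_endtag(self, tag):
        if tag == "form":
            self._action = None

def assess(page_url, html):
    scan = PageScan(page_url)
    scan.feed(html)
    hosts = [h for h in scan.link_hosts if h]
    ratio = sum(map(is_trusted, hosts)) / len(hosts) if hosts else 0.0
    bad = sorted({t or "(unresolved)" for t in scan.login_targets if not is_trusted(t)})
    # Lookalike pattern: the page leans on brand links but sends the password elsewhere.
    return {"trusted_link_ratio": round(ratio, 2), "untrusted_login_targets": bad,
            "suspicious": bool(bad) and ratio >= 0.8}  # 0.8 is an arbitrary cut-off

# Constructed sample page (paths and field names are made up for this example).
SAMPLE = """<link rel="stylesheet" href="https://us.battle.net/login.css">
<a href="https://us.battle.net/account/">Account</a> <img src="https://us.battle.net/logo.png">
<a href="https://us.blizzard.com/support/">Support</a>
<form method="post" action="/login.php"><input type="text" name="accountName">
<input type="password" name="password"><button type="submit">Log In</button></form>"""
```

Calling `assess("http://www.blizz-christmas.com/", SAMPLE)` flags the page because the relative form action resolves to the hosting domain, while the same markup served from a Battle.net URL is not flagged.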

