We were alerted to a spam run that banked on the craze surrounding the highly anticipated worldwide release (except in Japan) of Grand Theft Auto IV (GTA IV) on 29 April 2008.
Below is a screenshot of the sample spammed email message:
It appears to be offering a free PlayStation 3 along with a copy of GTA IV. And the ironic (or appropriate?) come-on: “Enter the Criminal Underworld.” Clicking on the link leads the user to the following site:
Given the immense popularity of this online game, its reception by the online gaming community is no longer just hype. The days before the release provided great opportunities for spammers to trick online users into clicking the links in the spammed email messages. Users who did so were asked to provide their email addresses — instead of the supposed free version of GTA IV, affected users received more spam. This is a common technique used by spammers to check whether the email accounts they have gathered are indeed active. Users who click on links are therefore unwittingly signaling spammers that their email addresses are indeed working accounts.
Fans — in the millions no doubt — proved to be most vulnerable to this spamming operation. And who says “no” to the doubly irresistible promise of being able to play the game before everyone else — and for free, too!
Interestingly, last year’s release of another famous online game, Halo 3, was relatively quiet when it came to online security issues. Both of these games were heavily promoted and marketed, which doesn’t explain why we see the spamming just now. Maybe last year’s media-documented campaign by a Florida lawyer against the game creators makes the game controversial enough to warrant spammers’ time and attention.
As usual, users are advised to refrain from clicking on links regardless of how attractive the offers are.
Thanks to Trina Baetiong of Content Security for details regarding this spam run.