
Game of Thrones Phishing Scams and How to Avoid Them

Game of Thrones fans can finally come in from the cold and, like a starving dragon, start devouring the latest and final season of the massively popular TV show

CIOL Bureau

The long night has finally ended. Game of Thrones fans can finally come in from the cold and, like a starving dragon, start devouring the latest and final season of the massively popular TV show. But unlike the fantasy series, what is far more real is the plethora of phishing scams facing enthusiasts.


While there have been many such deceptions, from malware via pirate torrent sites to phishing scams, Check Point Research recently came across the latest in this line of malicious activities bent on taking advantage of unsuspecting fans. Below is an example of such a site, which uses the official branding of the show to pose as a legitimate competition for fans to win a special gift pack of GoT merchandise. There is, however, no such prize; the site instead collects as many email addresses and mobile phone details as possible, which could be used in future spamming campaigns.


Fig 1: example of Game of Thrones phishing site – gameofthronesratings<.>com


Another example, that aims to dishonestly collect credit card details of users by posing as an official Game of Thrones merchandise store, can be seen below.


Fig 2: example of a site disguised as Game of Thrones official online store – gameofthronesofficalshop<.>com

While many may claim to be able to tell the difference between a real site and a fake site, the use of well-recognized and trusted brands, like Game of Thrones, is the preferred method for convincing the user that the impersonated email or website is trustworthy.


Understanding the threat

The websites we observed using the Game of Thrones brand could be split into two main categories: legitimate and fraudulent websites. While both categories use the popularity of the brand to lure users in, their motivations are different. The legitimate websites include fan pages, online games or small shopping sites, looking for potential customers or new community members, as seen below.


Fig 3: gameofthronesgifts.com – Shopping site


Fig 4: gameofthronesgifts.com – Fan site


Fig 5: realgameofthrones.com – Online game

The fraudulent websites, on the other hand, exploit the popularity of the brand to display ads, acquire personal information or convince the user to install an unwanted program.


These fraudulent websites mostly include sites requesting personal information for marketing opportunities, and fake streaming sites that ask the user to download a browser add-on and provide personal information, yet display no streaming content at the end of the process.


Fig 6: gameofthronesof.com – Fake streaming site


Fig 7: gameofthronesratings.com – Website requesting personal information

How ThreatGuard Can Help

ThreatGuard is a SaaS product that scans an organization’s assets on the web and notifies them when threats such as lookalike domains, exposed accounts, detected CVEs and open risky ports are detected. In the examples provided above, to find sites exploiting the popularity of Game of Thrones, we used the lookalike domains functionality.

ThreatGuard allowed us to locate lookalike domains in a very short amount of time and focus our research on the deeper threat analysis. We initially added a ‘gameofthrones’ query into ThreatGuard and got tens of results. After expanding the search to more common words related to the Game of Thrones series, such as names of characters and known quotes, we found a lot of other related domains.


Fig 8: The ThreatGuard main dashboard

ThreatGuard also allowed us to focus our research on a specific word, the severity of the domain, live domains and more. For domains that were deemed more interesting, we conducted safe browsing via the ThreatGuard solution and inspected the history of the domain. This permitted us to inspect the suspicious domains without harming our hosts and to understand more about the domain we investigated. When we found a malicious domain, we automatically asked for it to be taken down by the domain registrar.


Fig 9: Focus on a specific lookalike domain


Fig 10: Take down the domain by contacting the domain registrar and update all of the major web browsers

How to Avoid Being a Phishing Victim

There are ways, of course, to prevent being the next victim of a phishing attack. These include:

  1. Think before you click. Clicking on links on trusted sites should be totally fine. Clicking on links that appear in random emails and instant messages, however, isn’t going to end well. Hovering over links that you are unsure of before clicking on them will tell you if they lead to where you’re expecting.
  2. Make sure a site’s URL begins with “https” and there is a closed lock icon near the address bar.
  3. Check that the site’s domain name is the one you are expecting to visit and trust. If it is not, you could be about to become the next victim of a phishing scam.
  4. Make sure you have an advanced threat prevention solution such as Check Point’s SandBlast Agent zero-phishing protection.
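
The HTTPS and domain-name checks from the list above, combined with the ‘gameofthrones’ lookalike query described earlier, can be sketched as follows. This is an added example, not Check Point's or ThreatGuard's code; the allowlist entry, the typo tolerance and the naive last-two-labels domain split are assumptions.

```python
from urllib.parse import urlsplit

BRAND = "gameofthrones"   # the query term the article describes
OFFICIAL = {"hbo.com"}    # assumption: allowlist maintained by the defender
MAX_DIST = 2              # assumption: how many typos still count as a lookalike

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def resembles_brand(host):
    """True if the host, minus TLD, dots and hyphens, contains the brand or a near-typo."""
    name = "".join(host.split(".")[:-1]).replace("-", "")
    n = len(BRAND)
    if len(name) < n - MAX_DIST:
        return False
    # Slide a brand-sized window over the name; distance 0 is plain containment.
    windows = (name[i:i + n] for i in range(max(1, len(name) - n + 1)))
    return any(edit_distance(w, BRAND) <= MAX_DIST for w in windows)

def check_url(url):
    """Return findings for one full URL; an empty list means nothing was flagged."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    findings = [] if parts.scheme == "https" else ["no-https"]
    # Naive registrable domain (last two labels); real use needs the Public Suffix List.
    if ".".join(host.split(".")[-2:]) in OFFICIAL:
        return findings
    if resembles_brand(host):
        findings.append("lookalike-domain")
    return findings

if __name__ == "__main__":
    samples = [
        "https://www.hbo.com/game-of-thrones",     # assumed official site
        "http://gameofthronesofficalshop.com/",    # domain named in the article
        "https://gameofthronesratings.com/",       # domain named in the article
        "https://game-of-thornes-shop.example/",   # constructed typo variant
    ]
    for u in samples:
        print(u, check_url(u))
```

The HTTPS finding is reported separately from the domain finding because a lookalike domain can serve HTTPS too, so the padlock alone does not clear a site.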

The full list of sites found by Check Point to use the Game of Thrones brand, based on our analyst’s categorization can be found below:
