Game of Thrones Season 8 Launch Opportunity for Phishing ScammersByBill Toulas-April 17 2019.1023 Several well-crafted fake websites threaten Game of Thrones fans with merchandise and event tickets. The websites look like the real thing but in reality they are forums for phishing or spamming. It is the way they treat fan groups that differentiates real sites from fake ones. As we warned at the beginning of the monthGame of Thrones season 8, scammers have just been working long hours to drive their phishing campaigns out there baiting on their malicious hooks unsuspected viewers. According to post-phishing websites of a CheckPoint researchers following Game of Thrones are springing up like mushrooms after the rain with many of them trying to trick people into believing they’ve earned something important. As it is all about the Game of Thrones series specific merchandise and special gift packs are often used to make up the bait which encourages people to enter the fake competition by filling out a basic form. After entering the name email phone number and company, the participants receive a “winning letter” demanding even more sensitive information that is ostensibly appropriate to claim the prize. Many sites collect the data to use in spamming campaigns and simply announce on the competition page a fake winner. Legit sites are constantly curating their group and fan pages, and coordinating their layout to help them succeed. Fake websites don’t maintain fan groups while it’s easy to distinguish paid likes and followers. This shows that seeing a “https” and a padlock icon with a valid certificate does not necessarily mean you’ve landed on a secure website. Confirm the domain search that the social networks read the terms and look everywhere you can for signs of scamming. Here’s a complete list of the sites CheckPoint confirms as fraudulent: gameofthrones.pro gameofthronesgamer.com gameofthronesof.com gameofthronesseason8online.net gameofthronessaison8stream.com gameofthronesratings.com gameofthronesconquesthacked.top gameofthroness.club Watchgameofthrones.info gameofthronesstreamingita.com gameofthronesil.com gameofthroneszone.com gaameofthroneszone.com gameofthroneszone.com gafthroness.Figure 3 image credits: Mimecast The research team at the Mimecast Threat Center told the Microsoft Security Response team and provided the related proof of concept code, but at this point the latter chose not to fix the issue. Alternatively, they advise people to use a Group Policy that blocks all external data links or by using the Office Trust center to achieve the same results. Microsoft has also released a guide on how to open Dde that includes documents that are already securely Mimecast’s threat security solution. Meni Farjon Chief Scientist at Mimecast told us that there are no known cases of exploitation of the vulnerability posed in the wild. In addition to our question as to why Microsoft chose the direction of proposing mitigation rather than plugging the security flaw, the researcher answered the following: “Since using Power Query alone does not deliver malware instantly, it needs to be combined with Dde to achieve full code execution. Since 2017, Microsoft has decided not to patch or disable Dde in Excel. Their response to this since 2017 remains the same. “