Gaming the security – Beware of fake Diablo III beta invitations!

The long and eagerly awaited closed beta run of Diablo 3 has finally begun and Blizzard has sent out the first set of invitations to registered gamers all over the world. In order to have a chance to be among the lucky ones who can play it, you have to have a Battle.Net account and opt in for the closed beta run in the first place.

We have seen huge amounts of fraud mails in the area of gaming in the past, scaring the potential victims with disabling gaming accounts due to allegedly suspicous acitivities or security issues, luring with free bonus items and – you guessed it – invitations for a closed beta of a long awaited game or add-on of an existing – popular – game. The scheme works the same way in almost all cases: the recipient gets lured to click a given link and to type in the login credentials on the landing page – which is a replica of the original webpage of the targeted game. As a consequence, your beloved and well cared for account gets stolen!

Screenshot of legitimate invitation by Blizzard

Important note: the original invitation mail doesn’t ask you to click a link! It only tells you to log in to your Battle.Net account and visit the “Account” section to proceed. The only links given in the real mail lead to the forums, FAQ and support sections on

Phishing has come a long way by now and the quality of design and text has improved a lot over the years. Even experienced users have a hard time nowadays to identify phishing mails as such. Here’s how you can stay safe:

  • never click links in emails, always type the url manually into the address bar of your browser or use bookmarks
  • use an effective anti-spam solution to filter out phishing mails
  • if you receive an inviations mail and opted in for the beta test: try to keep cool and check if you got accepted directly in your Blizzard account – don’t trust e-mails

Aside from fake invitations, we are already seeing the first scams floating around, luring you with cracked beta versions – don’t believe them! The cyber criminals behind these scams are trying to make money with ads and surveys – the actual downloads are very likely to include malware!

And now – keep your fingers crossed to get a legitimate inviation and to beat up the skeleton king in the beta!

Gaming the security – Beware of fake Diablo III beta invitations!

Your email address will not be published. Required fields are marked *



APT trends report Q2 2021

This is our latest summary of advanced persistent threat (APT) activity, focusing on significant events that we observed during Q2 2021: attacks against Microsoft Exchange servers, APT29 and APT31 activities, targeting campaigns, etc.

LuminousMoth APT: Sweeping attacks for the chosen few

We recently came across unusual APT activity that was detected in high volumes, albeit most likely aimed at a few targets of interest. Further analysis revealed that the actor, which we dubbed LuminousMoth, shows an affinity to the HoneyMyte group, otherwise known as Mustang Panda.

WildPressure targets the macOS platform

We found new malware samples used in WildPressure campaigns: newer version of the C++ Milum Trojan, a corresponding VBScript variant with the same version number, and a Python script working on both Windows and macOS.

Ferocious Kitten: 6 years of covert surveillance in Iran

Ferocious Kitten is an APT group that has been targeting Persian-speaking individuals in Iran. Some of the TTPs used by this threat actor are reminiscent of other groups, such as Domestic Kitten and Rampant Kitten. In this report we aim to provide more details on these findings.

Subscribe to our weekly e-mails

The hottest research right in your inbox