Gaming the security – Beware of fake Diablo III beta invitations!

The long and eagerly awaited closed beta run of Diablo 3 has finally begun and Blizzard has sent out the first set of invitations to registered gamers all over the world. In order to have a chance to be among the lucky ones who can play it, you have to have a Battle.Net account and opt in for the closed beta run in the first place.

We have seen huge amounts of fraud mails in the area of gaming in the past, scaring the potential victims with disabling gaming accounts due to allegedly suspicous acitivities or security issues, luring with free bonus items and – you guessed it – invitations for a closed beta of a long awaited game or add-on of an existing – popular – game. The scheme works the same way in almost all cases: the recipient gets lured to click a given link and to type in the login credentials on the landing page – which is a replica of the original webpage of the targeted game. As a consequence, your beloved and well cared for account gets stolen!

Screenshot of legitimate invitation by Blizzard

Important note: the original invitation mail doesn’t ask you to click a link! It only tells you to log in to your Battle.Net account and visit the “Account” section to proceed. The only links given in the real mail lead to the forums, FAQ and support sections on

Phishing has come a long way by now and the quality of design and text has improved a lot over the years. Even experienced users have a hard time nowadays to identify phishing mails as such. Here’s how you can stay safe:

  • never click links in emails, always type the url manually into the address bar of your browser or use bookmarks
  • use an effective anti-spam solution to filter out phishing mails
  • if you receive an inviations mail and opted in for the beta test: try to keep cool and check if you got accepted directly in your Blizzard account – don’t trust e-mails

Aside from fake invitations, we are already seeing the first scams floating around, luring you with cracked beta versions – don’t believe them! The cyber criminals behind these scams are trying to make money with ads and surveys – the actual downloads are very likely to include malware!

And now – keep your fingers crossed to get a legitimate inviation and to beat up the skeleton king in the beta!

Gaming the security – Beware of fake Diablo III beta invitations!

Your email address will not be published. Required fields are marked *



APT trends report Q3 2021

The APT trends reports are based on our threat intelligence research and provide a representative snapshot of what we have discussed in greater detail in our private APT reports. This is our latest installment, focusing on activities that we observed during Q3 2021.

Lyceum group reborn

According to older public researches, Lyceum conducted operations against organizations in the energy and telecommunications sectors across the Middle East. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia.

GhostEmperor: From ProxyLogon to kernel mode

While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. With a long-standing operation, high profile victims, advanced toolset and no affinity to a known threat actor, we decided to dub the cluster GhostEmperor.

Subscribe to our weekly e-mails

The hottest research right in your inbox