Didn’t we warn you about Pokemon Go? [UPDATE]

Just a few weeks ago, we warned our readers about the potential dangers of the new hit video game, Pokemon Go. Our original warnings were about opening up permissions to give the game access to your Google account which may contain sensitive information. Now, a phishing site is taking down players of the massive mobile movement.

The website, Pokemonpromo.com (CLICK AT YOUR OWN RISK), has been identified as a phishing scam by various sources, including CloudFlare. The site baits users in by promising a slew of legendary items to help enhance your game and show off to your friends. Among these items are legendary Pokemon, legendary lures, and legendary dust to upgrade your Pokemon. Once users complete their haul and go to add the items to their game, they are prompted with an all to familiar set of surveys. Pokemonpromo.com claims the surveys are in place to make sure no bots are using the site. In reality, the surveys harvest valuable information that should not be given out on the Internet. Prompts asking for names, addresses, emails, phone numbers, and even credit card numbers are prominent on the site’s surveys.

Pokemon Go is no stranger to phishing scams or warnings of them. Recently, a scam claiming that Niantic, the company responsible for the game, was going to be charging a $12.99 per month fee for the game was ousted as being false. This warning came from the Better Business Bureau (BBB); reporting scams like this are possible on their site.

Niantic made a statement claiming that the legendary items promised by Pokemonpromo.com were illegitimate and that these types of items and characters would become available once the game went completely global. A date for that is still unknown.

Remember PhishTrain’s five steps to avoid being phished over email, and hopefully you can recognize threats before they can harm you or your organization.

  • Be skeptical of all emails and be sure to examine them closely before opening any attachments.
  • Be extra careful with messages that ask you for personal information- such as passwords.
  • Take caution in downloading smartphone or desktop apps and granting these apps special permissions.
  • Keep all browsers on your device updated as companies implement anti-phishing and security software.
  • If you are unsure about the legitimacy of a message, contact the message’s source directly.

-Team PhishTrain

Like what you read? Give PhishTrain a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.