A new type of item scam lures players into trap.
Theft and sale of in-game items as well as currency has been a topic in the World of Warcraft community for a long time. Re-cently, a new type of gold/item scam made the rounds. A previously undocumented function of the LUA script framework on which the WoW interface is based, allows a thief to take control over a victim’s game interface without having to rely on any installed add-ons. The attacker initially uses a social engineering approach: to receive a high value in-game items, all the future victim supposedly needs to do is enter a snippet of script code into his chat window. By doing so, the victim effectively hands off control over his own interface and the attackers can literally rob the game character without the player being able to do anything about it.