Buyer beware when it comes to ‘free’ CODM offers in-game. You might lose your account to a scam.

I’ve been a dedicated player of Call of Duty: Mobile for several years and I’ve seen a lot of scams be publicized in the media. Fortunately, I’ve never been a victim of one directly, and up until yesterday, neither had any of my friends. When I got online yesterday to play, I received a message from one of my ‘clanmates’ claiming to have the option for free CP available. I knew right away from the structure of the message that it wasn’t my friend, but decided to play out the scam to see where it led. Plus, I thought that any information I got from this digital adventure might help my friend get access to his account back. Here’s how the event played out.

[Image: CODM Free CP Scam]
The scammer’s first message to me. I continued talking with him throughout this process.

Discovering the Scam

Not long after I logged on to play, I received this message: Hey Bro Go to website Activisioncodm.org Get 10800 Free CP For New Season

First of all, none of my friends (and not many native English speakers for that matter) start a phrase with “Hey Bro.” Second, I knew from studying the game that Activision does not give out free CP. Third, the sentence structure was not correct. I knew that my friend didn’t speak that way and it was immediately suspect considering the phrase was written in broken English.

As soon as I read this message, I sent a text message (not an in-game message) to my friend who owned this account. He let me know that he had indeed been hacked. Fortunately, he immediately changed his password and email on the account and the real Activision provided account recovery assistance quickly. He noticed that when he played earlier in the day he was being logged out every time. This is a dead giveaway that someone else has access to your account.

[Image: CODM Free CP Scam]
Text messages with my friend to let him know the account was hacked.

There are many different types of scams out there but with this one, I believe that the scammers were just looking to collect account information so that they could log in to someone’s account and take control of it. Why would they want to do that? To sell it. I’ve talked with some people who resell accounts and it’s a lucrative business. The sellers will get the account information, change it so that they have control over it, and let the account sit for several months before trying to sell it. If you act quickly enough, you can regain control of your account before it’s lost for good. I’ll discuss that more in a moment, but first, let’s look closer at this scam.

Checking Out the Phishing Site

Before I go into this any further, I want to strongly recommend against clicking on or visiting any links that you aren’t familiar with. I took some precautions to safeguard myself so I could investigate this particular scam, but it’s not something I would usually do. It is possible that just by clicking on a link and letting a site like this load, your system could be injected with certain cookies that could continually pull information from your system.

As it turns out, this particular scam seems to be only trying to collect login and password information. When you look at the site, they did a pretty good job of mimicking Activision’s real login page, but there are some pretty big red flags here.

  1. The URL ‘activisioncodm.org’ would not be a URL structure that Activision would use. It would be something like activision.com/xxxx where the main URL would still be “activision.com”
  2. Activision would not use a trademarked icon like Donnie Darko on a page like this.
  3. Even though this site has a valid SSL, it’s only registered for three months. And, it was first registered on June 17, 2024. If a site is that new, it’s something to be very cautious about. (You can check out a site’s SSL certificate by clicking on the lock in the address bar.)
  4. The copyright at the bottom of the page shows 2023 and Activision’s real site shows 2024.
  5. The information presented on this page is written in broken English and these elements aren’t present on the real login page.
    • “Your Account Should Saved on Activision”
    • “Dont Send Spam Request”
    • “Fill Below Box”
  6. Activision’s real login page has a Privacy Certified box at the bottom.

[Image: CODM Free CP Scam]
When I tested the ‘sign in’ function, I used fake information. I let the scammer know that it didn’t work and they quickly logged off the game.

Something else I noticed right away was that all the menu items point back to the real Activision site. This was a pretty smart move on the part of the scammers because someone is not likely to notice that right off the bat, especially if they think that they are on a legit Activision site. This site’s creator even added the legal pages at the bottom of the page. As I just pointed out, these all just link back to the Activision site, but someone who was just excited about getting free CP might overlook that. Plus, these are direct links and not redirections. That means that a user is less likely to notice how long the page takes to load, whereas a redirect might take longer.
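The URL red flag from the list above and the borrowed menu links can both be checked mechanically against a saved copy of a page. The following is an added example, not code from the original post: the finding names, the sample HTML and the form path are constructed for illustration, and the registered domain is approximated as the last two labels of the host name.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

BRAND = "activision.com"  # the legitimate domain named in the article

def reg_domain(host):
    # Simplification: last two labels. Real tooling should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def on_brand(host):
    return reg_domain(host) == BRAND

class PageScan(HTMLParser):
    def __init__(self):
        super().__init__()
        self.link_hosts, self.form_actions, self.has_password = [], [], False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.link_hosts.append(urlparse(a["href"]).hostname)
        elif tag == "form":
            self.form_actions.append(a.get("action") or "")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.has_password = True

def triage(page_url, html):
    """Return a list of phishing signals for a saved page and the URL it came from."""
    scan = PageScan()
    scan.feed(html)
    host = urlparse(page_url).hostname or ""
    if on_brand(host):
        return []
    findings = []
    if BRAND.split(".")[0] in host:  # brand name embedded in a different domain
        findings.append("lookalike-host")
    if any(h and on_brand(h) for h in scan.link_hosts):  # menus borrowed from the real site
        findings.append("links-borrowed-from-brand")
    # A relative or empty form action posts to the page's own host.
    targets = [urlparse(a).hostname or host for a in (scan.form_actions or [""])]
    if scan.has_password and any(not on_brand(t) for t in targets):
        findings.append("credentials-posted-off-brand")
    return findings

# Constructed sample: brand links in the menu, password form posting locally.
SAMPLE = """<nav><a href="https://www.activision.com/games">Games</a>
<a href="https://www.activision.com/legal/privacy-policy">Privacy</a></nav>
<form action="/submit" method="post">
<input type="text" name="email"><input type="password" name="password"></form>"""
```

All three signals together are what distinguish this kind of page: a genuine login page on the brand's own domain returns an empty list for the same markup.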

Site Analysis

After looking at the SSL certificate, I got curious about the rest of the site structure. So, I looked at the source code of the webpage. You can do this easily by right-clicking on any page and then selecting ‘view source code’ or ‘inspect element.’ I actually checked out the entire HTML code of the homepage and saved it to a TXT file. Then, I used ChatGPT to do some analysis. While I have extensive knowledge of how phishing sites and scams are designed to work, I wanted to look for specific code that might indicate malicious intent on this homepage. So, I uploaded the TXT file to ChatGPT and asked it to analyze the document to see if it could detect phishing code. This is the response I got:

The document contains several