Major sporting events and phishing scams seem to go hand in hand, and this year’s football World Cup in Brazil is no exception. A recent report on Threat Post notes that even though the FIFA World Cup is four months away, "attackers already are ramping up their efforts to defraud fans. As with most major events, such as the Super Bowl, the Olympics and others, attackers are using fans’ enthusiasm for the event as a lure to separate them from their money."
The scammers work by registering many domain names that appear related to an event, so that an unsuspecting or unaware sports fan may be tricked into believing the sites are connected to it.
For the FIFA World Cup, scammers have targeted Brazilian fans eager for tickets. Unfortunately, Brazilians with low disposable incomes have been priced out of the second biggest sporting event in the world, behind the Summer Olympics. So, attractive offers have a high traction rate. Kaspersky Lab researchers "have been tracking these schemes and identified a number of fraudulent domains attackers are using to entice victims to cough up their personal data and some money in exchange for cheap or free tickets, which of course don’t exist," reported Threat Post.
"The attacks start when a user does a simple search on Google, looking for websites selling World Cup tickets. Bad guys registered the fraudulent domain fifabr.com that is displayed among the first results as a sponsored link," Fabio Assolini, a Kaspersky Lab researcher in Brazil, wrote in an analysis of some recent attacks he's tracking.
The phishing attacks often take the form of emails offering prizes for tickets, in which unsuspecting users click on a link and register their details for fraudulent prizes that include fake tickets, meetings with players and other "related" events. There might even be fake endorsements from players whom fans idolise. The domain names for the "competitions" often host websites with malware that also records the credit card, debit card and banking details that victims often hand over.
The scammers are also using other tactics, including a number of banking trojans that appear to have the endorsement of football stars. Eager football fans click on them, but they are actually malicious files or links to malicious websites.
Spam Fighter notes that some of the stars the scammers use include "the most recent champion of Brazil Neymar, whose image appears in a phishing website; the celebrity actor and TV host named Rodrigo Faro who's being used in a phishing email; and the football event's mascot Fuleco whose image appears in yet another phishing email."
In other words, it's a case of caveat emptor, or let the buyer beware! Your computer security, and your credit card, could depend on it. Remember, if it looks too good to be true, it is likely to be false!
Written by David Goldstein, Online Researcher and Consultant.