The soccer/football World Cup currently going on in South Africa is being followed by hundreds of millions of people around the world. We have seen Twitter having trouble keeping up with the incredible flow of messages related to the event, but trouble more serious than an overloaded Web site is roaming, as cyber criminals take advantage of people's passion.
According to Cisco ScanSafe, 257 million spam messages related to the World Cup were sent every hour on June 11th, the first day of the competition. These accounted for four percent of the world's total spam that day. Spencer Parker, product manager at Cisco, says that "although the level of malware around the World Cup is still relatively low at this point, these early signs should act as a caution to users." Cyber criminals are using various schemes for tricking users into downloading malware, paying for streaming live matches (which is available for free) or falling for other frauds.
Paul Ducklin of security firm Sophos shared on his blog his discovery of a spam message for an advance fee fraud that uses the World Cup as an excuse for extorting money out of vulnerable people's pockets. As with most frauds of this type, a bit of common sense is enough to understand that the email is spam, but this particular one is even more laughable. Judging by the screenshot on Ducklin's blog and his explanations, it seems the email was based on a previous template where a person referred to in the email was named Johannes, and that named has been changed for Thomas. So the South African city of Johannesburg has had its name changed for Thomasburg, which does not exist! Not much credibility here.
However, some cyber criminals may be brighter than those who wrote that email, and could use the World Cup for doing more damage. It has been seen in the past, during the 1998, 2002 and 2006 World Cups, as Ducklin reminds us in another post. ZMK-J, Chick-F and Zasran-D were the malware to look for during the last three tournaments. This last one, F-Secure called it Banwarum. It was distributed as an email attachment that was presented as a way to get free tickets for the World Cup. In fact, it was a worm and probably gave people nothing more than headaches.
People are advised to be careful as usual and remember that, as Ducklin says, "if it looks wrong, it is!"
|
