In less than 10 days, 32 national teams and thousands of football fans will descend on Brazil for the 2014 FIFA World Cup. For a month the whole world will be watching arguably the biggest sporting event on the planet.
Right now the players and coaches are fine-tuning their tactics, game plans and strategies in order to outwit their opponents. And so are the cybercriminals 🙂 . while everybody gets ready for kick off, cyber criminals have already started preying on soccer fans all over the world.
Few weeks ago anti-virus specialists and malware hunters at Kaspersky Labs described some attacks that were exploiting the World Cup theme. They included fraudulent domains selling fake tickets, fake giveaways, and several phishing and malware campaigns that targeted users’ credit cards.
Brazilian phishers are now registering domains with names of well-known local brands, usually credit card companies, banks, online stores, etc. All the phishing sites have obviously been designed by a professional, such as this one using the name of Cielo, a representative of Visa in Brazil:
Here’s another one using the image of Brazilian TV host Rodrigo Faro:
All the phishing domains had a very professional look and feel:
In Brazil alone, we’re detecting and blocking on average about 50-60 domains like this per day says Kaspersky Labs expert.
Further research shows that the phishers have not stopped there: they have also registered domains and started buying SSL certificates from Certification Authorities such as Comodo, EssentialSSL, Starfield, Register.com and others. This results in phishing domains with a ‘verified’ SSL certificate
The cyber-attacks have continued as the tournament approaches (just less than 10days). To help you stay protected and avoid world cup-related scams, below is a few tip I have for internet users.
- Always double-check the webpage before entering any of your credentials or confidential information. Phishing sites are deliberately designed to look authentic.
- Although websites with the ‘https’ prefix are more secure than those with ‘http’, this does not mean such websites can be fully trusted. Cybercriminals are successfully obtaining legitimate SSL certificates.
- Generally, be wary of messages you receive from unknown senders. Avoid clicking on links in e-mails from sources you are not absolutely sure about, and do not download and open attachments received from untrusted sources.
- Make sure you have up-to-date anti-malware protection installed that blacklists phishing websites.
A common scam you may come across is one where a personalised email is sent to you to inform you that you have won tickets to the World Cup. The messages – which include your full name, date of birth, and full address taken from an unknown database – have a PDF attached purporting to be a winning ticket, but are actually Trojan bankers
Kindly note that Brazilian cyber-criminals aren’t the only ones exploiting the theme of the World Cup, these attacks are appearing elsewhere in different languages and with different targets. (The images above are the few ones i was able to capture from SECURELIST/Kaspersky)
If you are planning to travel to Brazil for the World Cup or following it online, be secure – don’t trust any messages you receive, and double-check before clicking links.
Hope this little article post helps, Kindly make use of the comment form below to share your view/voice about this world cup scam and Do not forget To Subscribe to OLAMOSH.Net by Email so as not to miss new interesting articles. you are also free to share this article with your friends & famliy on social network, making use of the buttons below.