Hackers emailing spam with the FIFA World Cup subject line to spread malware and steal money or personal information from computer users.
The FIFA World Cup is the world's most popular sporting event, and money-hungry cybercrooks have already taken advantage of the event in more ways than one. Cyber criminal activity and the amount of spam messages have risen about 27% as a result of the recent World Cup as hackers use this popular sporting event as an outlet.
Cybercriminals have repeatedly proved that their cyber attacks can be successful through use of a popular event or news story. Common social engineering attacks capitalize on events through social networking, email based spam (containing malicious links/attachments) and search engine optimization (SEO) based attacks. SEO attacks work by getting popular search engines to rank malicious websites among a list of the top set of returned results following a gaming related keyword search.
One attack uses an email which claims legitimacy by purporting to come from a well known sportswear manufacturer, and includes a malicious PDF attachment and a link back to the server which can result in downloaded malware. This tactic effectively doubles the chance of success for the cyber criminals.
Cyber security experts also found an interesting attack apparently not related to money. The attack was on the Indonesian government Web server. The gang behind the attack put up a defacement on the hacked Web server clearly related to World Cup activities as shown in the image below.
If a computer user visits the hacked website, they will be greeted by the official World Cup song. Experts have reported cases when Web servers were hacked based on political, racial and other motivations, but sport related motivations are now influencing cyber criminals to launch offensive campaigns such as in the case of the recent World Cup soccer events.
Computer users are urged to pay special attention to World Cup related spam messages. Don't become a victim, follow these security tips and stay safe:
- Keep your security software updated whether it be an anti-spyware or anti-virus application.
- Don't click on any related tweets or status updates with shortened URLs if you are unsure of the source.
- If you receive a suspicious email related to the World Cup 2010, don't click on embedded links and don't open any attachments it may contain.
- If you want to follow World Cup news, use your preferred and trusted News agency website. Don't try to visit unknown or suspicious websites that you found while searching the Internet.
- Don't click on any suspicious links in instant messages you may receive, even if they are from your friends or colleagues.
Have you encountered any World Cup related email messages? Did you identify them as Spam messages? If so, what did the spam message say?