Olympic Games Kick Off – So Do Cybercriminals

image

If an event is newsworthy, you can be sure cybercriminals are exploiting it to their own advantage. Cybercriminals have jumped (as expected), on the 2010 Olympic Games which open tomorrow, February 12, 2010, in Vancouver, Canada.

In the continuing battle against cybercriminals, and their attempts to separate unwitting victims from their money, the MessageLabs Intelligence research and response team “have identified emails from cyber criminals attempting to use the Olympics to spread malware and stage targeted attacks”.

According to MessageLabs Intelligence, which is a part of Symantec Hosted Services, we need to be on the lookout for the following type of email attacks.

First, an email with the subject, “Information and resources to help you travel during the Vancouver 2010 Winter Games. TravelSmart 2010.htm”, which includes legitimate links to genuine sites. But, a hidden iframe embedded in the email itself, can be used to drop almost anything on the victim’s computer.

Second, an Olympic-themed targeted attack with the subject, “How to make Olympics more interesting?” While the body of the email is simple, there is an attached presentation program file which is malicious and attempts to use an exploit to install malware on the target machine.

According to Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services:

“We have seen three instances of this attack so far in February, which is a very small number in terms of global malware, but by its nature it is not designed to be widespread. As a targeted attack it is meant to attempt to gain access to a small number of specific users’ machines. If just one gets through, the damage to the victim could be substantial.”

To avoid becoming a victim during the 2010 Games, Symantec urges you to follow these best practices:

Purchasing Official Olympic Tickets – When buying tickets online, even from an auction site, be sure it is a reputable online source.  For instance, Vancouver2010.com is offering fan-to-fan tickets on a first come, first-served basis.

If it sounds too good to be true, it probably is – Many cybercriminals use extravagant promises such as “exclusive” Olympic pins and merchandise to lure victims into clicking through to malicious sites and divulging personal information.

Use caution when clicking links from within emails or IM messages – Links can contain viruses or Trojans, or lead users to infected websites.  Never click a link in a suspicious email.  Instead, make it a habit to type the full website URL into your Web browser.

Never fill out forms in messages – Legitimate 2010 Winter Games organizers/sponsors will never ask for personal, financial or password information through an email message.

Update your computer – Have a hacker –free Olympic experience, by  ensuring that all personal and work computers are protected with up-to-date antivirus software and the latest operating system and application patches.

I’ll go one step further; in dealing with anything having to do with the 2010 Olympics, on the Internet, exercise extreme caution.

About Symantec: Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

8 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, email scams, internet scams, Internet Security Alerts, Malware Advisories, MessageLabs, Symantec, Windows Tips and Tools

8 responses to “Olympic Games Kick Off – So Do Cybercriminals

  1. Liam O' Moulain

    Bill,

    Don’t these guys EVER quit.

    Liam

  2. kingpin

    Hi Bill,
    Is Symantec’s Norton 2010 version better than their previous version?Heard that it’s much lighter and better than previous version’s.How does this fare against GData2010 which was adjudged best security with 99.98% detection rate.Also what do you think of this new Defence Wall Hips v3 ,they claim there is better than any AV’s!Here there link
    http://www.softsphere.com

    • Bill Mullins

      Hey Kingpin,

      I haven’t tested any of these applications and so I can’t comment.

      I checked out your link on Defence Wall Hips v3, and I can’t see where they claim to be better than any AV. Instead they simple point out it works alongside AVs. It seems to me that it essentially the same type of protection as GeSWall which offers a free version.

      Bill

  3. kingpin

    Hi Bill,
    These two freeware claim to be really good,Your insight on this will help me to decide whether I should D/L this or not:

    http://www.spywareterminator.com/

    http://www.websecurityguard.com/

    • Bill Mullins

      Hey Kingpin,

      I run Spyware Terminator on an XP machine and I find it quite good. Incidentally, it has been downloaded through my site well over 10,000 times.

      I much prefer WOT to Web Security Guard.

      Bill

  4. Is there is any security software to stop all this

    • Bill Mullins

      Hey Alex,

      In this case, software really isn’t the answer. User education, and an understanding of malware distribution, is.

      Thanks for dropping by.

      Bill