Cyber Criminals are Kicking Internet Users, and the World Cup

image I’m a huge fan of the World Cup, but I have to admit, I’m totally annoyed that France eliminated Ireland on an illegal hand ball earlier this year. I’m Irish, by cultural extraction, so I get to feel this way.

By allowing this tainted win to stand, FIFA did nothing to enhance the perception of fairness in the “beautiful” game.

But, I’m digressing – this article is supposed to be about how cyber crooks are capitalizing on the World Cup, and screwing Internet users in the process.

Aware internet users know, that if an event is newsworthy, cyber criminals will exploit it to their own advantage. It’s no surprise then, that cyber criminals have jumped on the World Cup, and are already exploiting this enormously significant event.

Cybercriminals are experts at exploiting our curiosity surrounding current events, and by focusing on this aspect of social engineering (using a shotgun approach), they are increasingly creating opportunities designed to drop malicious code on our computers. Most of this activity is designed to separate unwitting victims from their money.

Cybercriminals can be much more direct though, in their attempts to separate victims from their money. The bad guys are now using specifically targeted email attacks against high profile officials in inter-governmental organizations, world wide.

Symantec Hosted Services has just reported they “first intercepted a FIFA World Cup related attack at the end of March 2010”, and additional targeted attacks have been uncovered since then. The attack emails are crafted in such a way that recipients are encouraged to open an attached, malicious, World Cup match schedule.

According to Symantec, “should the recipient become lured in, an open excel file will drop an executable on the compromised PC, creating a “backdoor” that bypasses normal authentication, connecting to the hacker’s machine.”

The following graphic is illustrative of the type of emails used by these cyber criminals.

image

You can learn more about these targeted attacks online at the MessageLabs Intelligence blog.

Additional information in the blog report includes:

What type of file do targeted attacks use the most in their attachments?

How are legitimate websites used in targeted attacks?

What other targeted attacks have arisen during the World Cup?

How can targeted attacks be detected?

About MessageLabs Intelligence:

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

7 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, Malware Advisories, MessageLabs, Online Safety, spam, Symantec, Windows Tips and Tools

7 responses to “Cyber Criminals are Kicking Internet Users, and the World Cup

  1. Hi Bill,

    When ever I read this type of news, I just say myself, what if those guys use their brain for good purpose. They really understand readers mind; they can be a great email marketer or security expert but the fact is they are spammer and hacker. A thin but strong line differentiate this two type of guys.

    Arafat

    • Bill Mullins

      You’re right Arafat, it’s a thin line. I guess there’s more money in being a crook.

      Bill

  2. Pingback: Tweets that mention Cyber Criminals are Kicking Internet Users, and the World Cup « Bill Mullins' Weblog – Tech Thoughts -- Topsy.com

  3. Hi Bill,
    Great post and a reminder to all of the threat of event driven social engineering. Regardless of the topic, if you get a email about some current event I’d just delete it.
    To underline the situation we find ourselves in today an article on ZDnet by Adrian Kingsley-Hughes talks about a guy who accessed his bank account from his wife’s computer, he doesn’t maintain the security on it and he paid, $100,000 in this case for his lack of attention.
    A real world horror story about the threats going on out there.
    Mark

    • Bill Mullins

      Hi Mark,

      I missed it until you pointed it out. Thanks for that.

      This story illustrates perfectly, why I will not do my banking online. Besides I need the walk. 🙂

      Have a great weekend.

      Bill

  4. Adrian

    Looks quite real, the email. But I won’t fall for it 😉