Online fraudsters have been actively creating
sophisticated websites imitating authentic domains of the World Cup, its
sponsors, and partners – including well-known brands – trying to lure users to
share their private data, such as usernames, passwords and credit card numbers.
Fabio Assolini, Kaspersky Lab’s
Senior Security Researcher with its Global Research and Analysis Team, said:
“We detect 50-60 new phishing domains every day in Brazil alone, and they are
often highly sophisticated and very skillfully designed. In fact, for an
ordinary user it’s far from easy to distinguish a fraudulent domain from a real one.”
Some phishing websites appear to be safe. For
example, their URLs may start with ‘https’, where the ‘s’ stands for ‘secure’,
as the cybercriminals manage to purchase valid SSL certificates from
certification authorities. Phishing domains also sometimes have mobile versions
with an authentic look and feel aimed at users of smartphones and tablets.
Criminals use legitimate SSL certificates also
to infect users’ computers with malware. In one scam, users in Brazil would
receive a message telling them they had won a World Cup game ticket. If a user
clicked on the link to print the ticket, it led to a digitally signed Trojan banker.
Another attack used an
apparent customer database breach. Scammers would send personalized e-mails
informing recipients that they had won a World Cup ticket. The messages – which
included the full name of the recipient, his or her date of birth, and full
address taken from an unknown database – had a PDF attached purporting to be a
winning ticket, but which was in fact also a Trojan banker.
Cybercrime leveraging the huge interest in the
World Cup is not limited to Brazil; it’s global. It’s also not so new: Kaspersky
Lab’s experts were
reporting on other World Cup-themed spam and Nigerian letter scam campaigns
back in February.
Here are some tips to stay secure against phishing
schemes and malware that use a World Cup context to
stage their attacks:
double-check the webpage before entering any of your credentials or
confidential information. Phishing sites are deliberately designed to look
websites with the ‘https’ prefix are more secure than those with ‘http’, this
does not mean such websites can be fully trusted. Cybercriminals are
successfully obtaining legitimate SSL certificates.
wary of messages you receive from unknown senders. Specifically, avoid clicking
on links in e-mails from sources you are not absolutely sure about, and do not
download and open attachments received from untrusted sources.
Make sure you
have up-to-date anti-malware protection installed that blacklists phishing
You can find a more detailed description of
World Cup-related phishing scams and malware on Securelist.
Kaspersky Lab Kaspersky Lab is the world’s largest
privately held vendor of endpoint protection solutions. The company is ranked
among the world’s top four vendors of security solutions for endpoint users*.
Throughout its more than 16-year history Kaspersky Lab has remained an
innovator in IT security and provides effective digital security solutions for
large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company
registered in the United Kingdom, currently operates in almost 200 countries
and territories across the globe, providing protection for over 300 million
users worldwide. Learn more at www.kaspersky.com.
the latest in-depth information on security threat issues and trends, please
* The company was rated
fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012.
The rating was published in the IDC report "Worldwide Endpoint Security
2013–2017 Forecast and 2012 Vendor Shares (IDC #242618, August 2013). The