Lavasoft News Lavasoft News

2010 FIFA World Cup Kicks Off Summer Scams

Some call it soccer. Some call it football. No matter what you term the game, the effects of the 2010 FIFA World Cup, the most widely-viewed sporting event across the globe, can be seen all around the world — and around the Web — following the kickoff in June.

A growing trend seen by online security experts is for scammers to take advantage of the latest breaking news and major worldwide events to distribute malware and, unfortunately, the World Cup, which will be in full swing until mid July, is a prime opportunity for cyber criminals to do just that.

Since the games began this summer, the cyber scams have been kicking off in full force, with reports of sophisticated World Cup-related malware scams, increases in spam themed around to games, and other malicious online ploys.

“Cyber criminals know that they can exploit popular international events to lure victims through various types of social engineering tactics. The World Cup is a prime target due to its prestige and the amount of interest it draws from fans around the world,” says Andrew Browne, head of Lavasoft Malware Labs.

How can you avoid becoming a victim of an attack? Lavasoft Malware Labs' analysts have compiled a list of five eminent online security risks surrounding the World Cup — and specific steps you can take to stay safe. Read on to learn more.

  1. Spam with malicious attachments. Be wary of unsolicited World Cup-related messages with an attachment, particularly if the attached file is a PDF. One of the latest PDF attacks took advantage of an Adobe Reader vulnerability that was recently patched. “Check that all applications and programs are patched and up-to-date. Turn on Windows automatic updates and make sure to have the latest security patches from Microsoft installed,” Malware Labs says.
  2. Targeted phishing ploys. There has been a deluge of the following themes in World Cup-related phishing messages: refunds, tickets sales and lotteries, accommodations, travel, and team merchandise. “If you receive an unsolicited message, delete it without opening,” Malware Labs says.
  3. SEO poisoning. Cyber scammers are poisoning search engine results using World Cup-related headlines and videos to lead to malicious sites in an attempt to push rogue (fake) security software and other types of malware. “Check all URL's carefully before clicking on them, and be especially mindful of only using trusted sites during this time,” Malware Labs says.
  4. Application downloads. With so many viewers planning to watch the games online, malware purveyors can be expected to capitalize on ways to infect users looking to download media players. “Vet any applications that allow you to stream World Cup content,” Malware Labs says.
  5. Legitimate sites serving malware. Malicious code can be hacked into vulnerable, legitimate websites in order to infect users. Legitimate World Cup-related sites are attractive targets for cybercriminals. “Make sure that you have core protection on your PC (anti-virus, anti-spyware, and firewall). Consider using an alternate browser, like Google Chrome or Mozilla Firefox, rather than Internet Explorer. If you use Firefox, install the NoScript plug-in for Firefox to intercept potentially malicious scripts (http://noscript.net),” Malware Labs says.

“The target of these types of social engineering attacks is the computer user, where infection occurs by the person making an interactive choice. We hope that sports fan watching the games online from their home or office — in addition to having anti-malware protection on their PC's — pay close attention to the types of threats that we anticipate will be prevalent so they have a better understanding of what not to click, download, or respond to,” Browne says.

Share Home
Pro for the price of Plus
BY THE NUMBERS
In the past 12 months, only 27% of teachers taught about the safe use of social networks, only 18% taught about online scams, fraud and social engineering, and only 19% taught about safe passwords.
Source: National Cyber Security Industry Alliance 2010 “The State of K-12 Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey”
TIPS & TACTICS
Concerned about your privacy on Facebook? ReclaimPrivacy.org — dedicated to promote privacy awareness on Facebook and elsewhere — has a simple tool available to help you and your family. Learn more on the ReclaimPrivacy.org website.
WHAT PEOPLE ARE SAYING
“We don't teach children to drive by giving them the keys to the car and expecting them to be 'self-taught'. Similarly, we shouldn't let them sit down at the computer and surf away without training and supervision.”
- StaySafeOnline.Org website
FOLLOW US
Find us on
Facebook
Contact us on
LinkedIn
Follow us on
Twitter
Watch us on
YouTube
SEND TO A FRIEND
Pass on the news, tips and offers in this issue - e-mail Lavasoft News to a friend.
Lavasoft Newsletter

Lavasoft AB Odinsgatan 10, 411 03 Gothenburg, Sweden | www.lavasoft.com | editor@lavasoft.com

Add lavasoft@member.lavasoft.com to your address book to ensure we reach your inbox.

You have received this message because you have registered to get information about Lavasoft and its products. If you would like to update your details or would like to unsubscribe, please click here.

For information on Lavasoft‘s Privacy Policy, please click here.

PLEASE DO NOT REPLY TO THIS MESSAGE. If you require Technical Support, please check the Lavasoft Support Center for information.

Copyright © 2010 Lavasoft AB. All rights reserved.