By Dan Bleaken, Senior Malware Analyst, Symantec Hosted Services
As we approach the semi-final stage of the 2010 World Cup, Symantec’s MessageLabs Intelligence has recorded a great variety of online threats relating to the event.
We’ve seen 419-style scams, including e-mails offering tickets to games; fake accommodation providers; offers of contracts to supply clothing and boots; offers of free mobile phones; scams looking for companies to provide additional electricity/power for the World Cup; and more.
All the above are designed to ultimately obtain the recipient’s personal details, and/or money by means of deception and fraud.
Worryingly, as demand for tickets for the final matches skyrockets, Symantec Hosted Services has identified fake World Cup tickets advertised for sale on well known auction websites, as well as advertisements offering “tickets” that are unlikely to give the buyer access to any games.
In addition, we’ve seen a huge volume of spam that contains World Cup-related content, but actually has no relevance to the event at all. A common example is a spam e-mail advertising male enhancement products, which contains randomised subject lines relating to football.
Spammers are known to automatically lift text from hundreds of websites (including news sites) and spray random lines of this text into their messages. By doing this they attempt to make each message unique and confuse some of the more basic spam detection techniques.
Most concerning of all perhaps is the significant increase in targeted attacks. Probably the most damaging type of Internet threat, a targeted attack takes place via e-mail and is designed to target a specific individual or organisation. (For more information check out Targeted Attacks).
All the above are very common during global events of the magnitude of the World Cup. Football fans should remain on the lookout for scams and keep their security software updated. Remember, if something appears to be too good to be true, it probably is.