The World Cup is just around the corner, but hackers and scammers aren’t waiting for the games to begin. They’re playing their own games; more accurately, they’re playing the people looking for the real games.
Social engineers are using the hype surrounding one of the world’s largest sporting events to trick thousands of unsuspecting people. Their tools of choice? Phishing scams, spoofed websites, fake giveaways, malware, you name it. We’ll be taking a look at some of the most devious and dangerous scams so far, and we’ll give you some advice to stay safe this World Cup.
Follow the birdie
Avid EA fans may have received tweets from @EASP0RTSF1IFA (note the use of the numbers 0 and 1), which posed as the legitimate @EASPORTSFIFA. This fake account attempted to get fans to click on bitly links in order to claim an apology package for alleged Web site downtime. The links directed victims to spoofs of EA’s Web site and prompted them to log in with their EA email, password, and security question.
The fake account has since been suspended, but it generated at least 500 link clicks before it was shut down.
Free tickets and cash with purchase of malware
Unsurprisingly, phishers immediately seized the opportunity to send World Cup scams to millions of people. The exact enticement varies from phish to phish; some offer a free ticket to the opening game, others offer lottery prizes, and still others offer expenses paid vacations straight to the World Cup. Often, these scams come with downloadable .zip or .exe attachments that install malware like the DarkComet remote administration tool or digitally-signed banking Trojans.
One of the most notable scams claimed to award recipients three million pounds sterling and two tickets to watch the opening and final matches. Of course, claiming these “prizes” means providing your full name, city, country, cell number, age, sex, email, and occupation.
Additionally, scammers are using easy-to-obtain SSL certificates and consumer information from compromised databases to launch surprisingly realistic-looking phishing scams.
“There’s an app for that”
Even the app stores aren’t safe. Many computer and information security giants like Avast and Kapersky have been scanning the World Cup 2014 app releases for suspicious activity. Several apps are either information gatherers or points of entry for malware.
PC Mag notes in a short article that even “trusted” developers like Top Game Kingdom LLS are under scrutiny. The app “FIFA 2014 Free — World Cup” requests access to information it shouldn’t realistically need.
Players inducted into McAfee Red Card Club
Hackers have been busily stealing and spoofing the Web sites of popular World Cup-bound players to deliver malware to visitors’ devices. McAfee has been running experimental searches to determine the risk of infection from soccer (or football, if you prefer) players’ pages, and they put together a ranked list of the most dangerous searches.
Now that you’re sufficiently scared, what do you do to stay safe? Well, Fabio Assolini of Kapersky Labs has published a few articles about phishing and malware, and about the general threats so far. We at UD have some of our own tips:
- Don’t trust third-party or unverifiable sites. Many of these sites claim to be fan pages or news sources, but they might not tell you about their special deal on malware. In particular,
- If you intend to stream the World Cup, don’t just search for random streaming sites. ESPN will be running a live stream on its own website, which is safe to use.
- Don’t automatically trust https:// sites. One of the most disconcerting facts about World Cup scams is that fraudsters are now obtaining SSL certificates in order to trick even careful netizens.
- Check the URL. Many spoof sites are replicating the appearance and URLs of legitimate sites in order to deliver malware or harvest personal information.
- Check the permissions of apps. Fraudulent or suspicious World Cup apps either install malware, harvest your personal information, or request access to parts of your system they have no legitimate need to access.
- Update your system and install antivirus software. It’s an old piece of advice in the computer security world, but it’s perfectly reasonable and sensible.