Football season is definitely upon us as football fanatics worldwide are all set to cheer for their teams and to proudly display their colours.
Even the players are intensifying their training and solidifying their strategies. With just days left before the highly anticipated opening of the “Fédération Internationale de Football Association (FIFA) 2010 World Cup,” the world can expect that even cybercriminals will step up their game.
Cybercriminals have long been leveraging sports events for their profiteering schemes. The list of such attacks include those related to the “2008 European Soccer Championships”; the Pacquiao-Clottey boxing match; the “2010 Vancouver Winter Olympics”; and the upcoming “2012 London Olympics,” spam for which made the inbox rounds four years before the actual event is even set to take place.
Riding on the popularity of sports events is a tried-and-tested technique that cybercriminals continue to use even now. The “2010 FIFA World Cup” is no exception. In January 2009, an early 2010 FIFA spam tried to trick recipients into believing they won an online sweepstakes draw. More recently, TrendLabsSM engineers encountered two separate spam runs leveraging the upcoming “2010 FIFA World Cup.”
The first spam sample instructed users to open and view a .DOC file attachment to learn more about the supposed FIFA-organised “Final Draw” contest’s prizes. The second spam sample arrived with a .PDF file attachment, a poorly worded letter asking the recipients to divulge specific information in relation to a supposed fund transfer transaction worth $10.5 million.
Over the years, spammers have been refining their techniques and been resorting to a variety of social engineering tactics in order to trick users into clicking malicious links or into downloading malicious files. The most popular spamming techniques include sending out medical or pharmaceutical ads, holiday-related messages, bogus email notifications, and messages leveraging timely newsworthy events. Despite ever-evolving tactics, however, spammed messages exist for one reason alone, that is, to further cybercriminals’ malicious schemes. The arrival of spammed messages in users’ inboxes alongside legitimate email messages increases the probability that the recipients would open even the malicious mail. Furthermore, the varying techniques spammers use to create malicious messages is an added challenge to users and security experts alike when classifying messages.
Trend Micro Smart Protection Network infrastructure delivers security that is smarter than conventional approaches. Leveraged across Trend Micro’s solutions and services, Smart Protection Network combines in-the-cloud reputation technologies with patent-pending threat correlation technology to immediately and automatically protect your information wherever you connect. In this attack, Smart Protection Network’s email reputation technology blocks all emails related to the spam runs.