Cyber-criminals Exploiting 2014 Soccer Fever for Phishing Activities
Kaspersky, the Russia-based provider of cyber-security solutions has warned about cyber-criminals who, while exploiting the public's excitement for the currently played soccer World Cup, recently floated one web-page, which resembles one from the real FIFA site, for executing phishing operations.
It maybe noted that phishing represents Internet fraud wherein crooks set up one bogus replica of some widely accessed website, like a social media channel, an online banking site or an e-mail facility, to entice end-users onto those fake sites so they may unwittingly submit their login credentials.
The security company observed that the cyber-crooks utilized the prohibition, which FIFA issued against contentious Luis Suarez the forward footballer from Uruguay, to carry out their phishing operations. The prohibition on Suarez followed since he bit Giorgio Chiellini the Italian defender.
After mimicking the real FIFA site, the phishing website encourages visitors for approving one petition that will defend Suarez. That will require them for submitting their name, e-mail id, cell-phone number and the country they reside in, says the website.
Nadezhda Demidova, Lab Researcher at Kaspersky elaborated that the phishing site was designed to look like the real FIFA site, while every web-link on it diverted surfers onto fifa.com, the authorized FIFA website. Infosecurity-magazine.com published this, July 8, 2014.
Demidova further elaborated that the details users submitted could help criminals distribute phishing, SMS and junk e-mails along with malware-laden applications. In particular, the cell-phone numbers and e-mail ids collected could help in carrying out targeted assaults against mobile gadgets and computers, while involving bank info-stealing Trojans. That way the two-factor validation applied during Internet-banking could be bypassed, especially if a single use password was transmitted through SMS, Demidova said.
When any victimized user signed the petition, there would be a prompt for him for sending the web-link leading onto the petition to his Facebook friends, so the scam could disseminate further. From one only e-mail phenomenon, phishing had currently become a social media tactic with social networks undermining e-mail like key technique for communicating among acquaintances/friends. According to Demidova, web-links taking end-users onto the petition were observed within other places too. Threatpost.com published this, July 8, 2014.
» SPAMfighter News - 17-07-2014