Goal! Spam Campaigns Capitalize on the World Cup Craze
** This blog post was written with IBM X-Force researcher Dirk Harz **
When it comes to online fraud lures, scammers and spammers
gear up to send massive campaigns of malicious email messages to recipients who
may or may not open them. To increase their chances, ne’er-do-wells ride the
tides of current news and events — and global sporting events are opportunities
not to be missed.
Like the Olympic games in 2016, the 2018 World Cup attracts
a lot of attention from fans, travelers, vendors and advertisers. This makes it
an especially risky time to open unsolicited emails or click suspicious online
advertisements.
IBM X-Force research maps spam campaigns and trends that
emerge from billions of unsolicited email messages sent worldwide. Trending
World Cup buzz did not leave our spam traps empty — and IBM X-Force identified
several ongoing spam campaigns tied to the World Cup. Many of these campaigns
also used branding from major sponsors to increase the credibility of their
fake messages.
Let’s look at are some examples of malicious emails worth a
double-delete.
Congratulations, You’ve Been Phished!
A staple of online scams, phishing attacks are part of every
fraudster’s arsenal, designed to rob email recipients of their account
credentials, payment card data and actual payments.
X-Force is seeing a popular scheme leveraging the World Cup
theme that attempts to convince email recipients that they have won a lottery.
In one example, our researchers examined a congratulatory message for a fake
lottery win that aimed to lure recipients to a phishing page that prompts the
victim for his or her financial information to prepay a fee to receive the
prize money. The victim will clearly not receive anything, and the fraudsters
will simply make off with the money.
To lend credibility to the scam, the email features the
logos of a major sponsor, leading potential victims to believe they are the
winners of $1 million.
Want to see some of the real examples we captured in our spam traps? Check out the original posting here.
One of the best blogs to learn about cyber security I've come across. I really appreciate the author's efforts in writing these educational articles. Keep sharing your valuable knowledge. Great blog, looking forward to learn more. Cyber security consultant
ReplyDelete