Security experts are warning of several new attempts by cyber criminals to defraud users and steal sensitive information, this time using FIFA World Cup 2010 and ‘soccer’ sports sites to do their dirty work.
Analysts at Symantec Hosted Services warned users yesterday of two new scams. The first is a new strategy taken by 419 scammers whereby they use the ‘Send this page to a friend’ service provided on the ESPN Soccernet site to insert their rambling pleas for money.
“As is the case with webmail, the scammers have been using this technique to add legitimacy to their mails, and hide their identity,” wrote malware data analyst Dan Bleaken.
“It’s likely that spammers are abusing other legitimate websites in a similar way.”
The second is a targeted attack spotted by Symantec analysts which uses the FIFA World Cup 2010 to encourage the recipient to open a malicious PDF attachment.
The targeted email encourages the recipient to open the attachment by pretending it is a “comprehensive and highly informative World Cup Travel Guide” sent from legitimate African Safari organiser, Greenlife.
Symantec Hosted Services warned that opening this attachment, could allow the attacker to steal sensitive information, or “use the victim’s credentials and social engineering to try and access individuals deeper within the organisation”.
The attack makes use of the recently disclosed critical flaw in Adobe Reader, according to the analysts.
_(20).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
