Lavasoft warned computer users to be aware of stealthy online traps set by cybercriminals to leverage public interest surrounding the 2010 FIFA World Cup – and issued advice to follow to make sure people enjoy the month-long tournament without becoming the target or victim of an attack.
The World Cup, which begins in only one week and lasts throughout mid July, is known to be the most widely-viewed sporting event in the world. Events that draw such pervasive and ongoing public interest will, without a doubt, be used to propagate socially-engineered crimes – where users are manipulated into performing certain actions or disclosing confidential information.
Lavasoft analysts anticipate that the following five online security risks will be most prevalent leading up to and during the World Cup – and offers specific steps to take to avoid becoming a victim.
1. Spam with malicious attachments. Be wary of unsolicited World Cup-related messages with an attachment, particularly if the attached file is a PDF. One of the latest PDF attacks took advantage of an Adobe Reader vulnerability that was recently patched. Check that all applications and programs are patched and up-to-date. Turn on Windows automatic updates and make sure to have the latest security patches from Microsoft installed.
2. Targeted phishing ploys. Malware Labs expects to see a deluge of the following themes in World Cup-related phishing messages: refunds, tickets sales and lotteries, accommodations, travel, and team merchandise. If you receive an unsolicited message, delete it without opening.
3. SEO poisoning. Cyber scammers will likely poison search engine results using World Cup-related headlines and videos to lead to malicious sites in an attempt to push rogue (fake) security software and other types of malware. Check all URLs carefully before clicking on them, and be especially mindful of only using trusted sites during this time.
4. Application downloads. With so many viewers planning to watch the games online, malware purveyors are sure to capitalize on ways to infect users looking to download media players. Vet any applications that allow you to stream World Cup content.
5. Legitimate sites serving malware. Malicious code can be hacked into vulnerable, legitimate websites in order to infect users. Legitimate World Cup-related sites will be attractive targets for cybercriminals. Make sure that you have core protection on your PC (anti-virus, anti-spyware, and firewall). Consider using an alternate browser, like Google Chrome or Mozilla Firefox, rather than Internet Explorer. If you use Firefox, install the NoScript plug-in for Firefox to intercept potentially malicious scripts.