Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    July 2012
    S M T W T F S
    « Jun   Aug »
  • Email Subscription

  • About Us

    Archive for July 25th, 2012

    The much-anticipated 2012 London Olympics is set to kick off this Friday.

    As the event draws nearer, we expect to see online attacks riding on different Olympics-related activities. Sure enough, we saw this interesting Facebook wall post regarding the said event:

    The site, hosted on the domain liveolympictickets(dot)com, appears to offer tickets for sale. Moreover, the site uses the colors and look and feel of the official site:

    Exploring the site, I found that clicking on the blue tab Olympic Tickets – Buy Tickets for the London 2012 Olympics leads to other pages within the site that mimics normal online transaction pages, such as details about the items to be purchased. In this case, if the user proceeds with the transaction, he/she can choose which games to watch:

    However, towards the end, the user is asked for their personal details:

    After this, the site asks the user to continue with the payment by entering credit card details or choosing another payment method:

    The final page shows that the user’s order has been “confirmed.”

    We checked the official website of the London Olympics, where it was possible to check if the ticket vendor was legitimate. However, the site was not recognized and therefore unauthorized to sell tickets. The rest of our investigation shows that it is indeed a phishing page set up to capture user information.

    Additionally, we also saw a lot of newly created domains related to this event that included keywords like “2012 london summer games,” “2012 olympic ticket,” “britain olympics 2012,” “olympic 2012 ticket” and other variations thereof.

    We already block all malicious URLs involved via the Web Reputation Service; therefore Trend Micro customers are now protected via Trend Micro Smart Protection Network.

    For complete information on the latest Olympic-themed threats—including quizzes and safety guides, you can visit Race to Security, the Trend Micro security guide to major sporting events such as the Olympics, by clicking the banner below:

    Related posts:

    Posted in Bad Sites, Social | Comments Off on Bogus London Olympics 2012 Ticket Site Spotted

    Over time, attackers continuously update their tactics to respond to security experts’ countermeasures. In a constant game of cat and mouse, attackers shifted tactics using several notable tools and techniques alongside the usual. The security roundup for the second quarter presents key highlights and developing trends in the security landscape.

    Trend Micro research in the second quarter shows that attackers carefully selected their targets albeit sticking to time-tested tactics and going after the same end goals. The bad guys moved away from launching large-scale attacks and instead focused on more specific and somewhat “personal” targets.

    The security roundup brings to light various threats Trend Micro encountered in the second quarter. Using more advanced tools like automatic transfer systems (ATSs)—the latest addition to widely used cybercrime toolkits—attackers streamlined their list of targets to only online banking customers in countries like Germany, the United Kingdom, and Italy.

    Carefully choosing targets was also evidenced by Trend Micro research findings on advanced persistent threat (APT) campaigns like IXESHE. Trend Micro also protected small and medium-sized businesses (SMBs) against more than 142 million threats in the first half of 2012 alone. Android malware like fake spying tool apps continue to increase in number due most likely to the continued rise in the OS’s popularity for more than 400 million active Android-based devices. Lastly, true to the quarter’s theme, Pinterest took the spotlight as its users were lured to take part in several survey scams due to its steady rise in popularity.

    To take a closer look at the security landscape in the second quarter, read our comprehensive report, “It’s Big Business… and It’s Getting Personal.”

    Posted in Bad Sites, Malware | Comments Off on Attacks Get Personal in Q2


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice