Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    The upcoming “2010 FIFA World Cup” in South Africa is one of the most highly anticipated events in sports history today. As expected, cybercriminals have been using this event as another means for their endless string of profiteering schemes.

    TrendLabsSM engineers discovered two separate spam runs leveraging the said event. The first spam sample (see Figure 1) had a .DOC file attachment that informs recipients of a supposed new contest called “Final Draw” organized in part by the FIFA Organizing Committee. It also tells the recipient of a US$550,000 prize. To claim this, however, the “winner” must immediately coordinate with the releasing agent via the contact information indicated in the email. The email also asks the recipient to give out personal information.

    Click for larger view Click for larger view

    Another sample (see Figure 2) related to this scam is a poorly written email with an equally poorly worded letter attachment in PDF. This asks recipients to divulge specific information in relation to a fund transfer transaction amounting to a whopping US$10.5 million. Upon agreeing to the proposal, the recipient should supposedly get 30 percent of the said amount.

    Note that this tactic is reminiscent of the infamous 419 or Nigerian scam, which persuaded users to send cash by promising them a large amount of money in return for their cooperation.

    Click for larger view Click for larger view

    A typical 419 or Nigerian scam is a type of fraud wherein victims are promised a sum of money such as lottery prizes, inheritances, etc. in exchange for something minor like giving out information or a small donation via spam (see Figure 3). The letter starts off by (1) introducing the sender from a supposedly reputable organization. It then implores help from the email recipient. The FIFA-themed spam we obtained (see Figure 4) uses the same technique—(2) promising the recipient a sum of money.

    Both scams do not directly ask for cash. Instead, they request for information or for the recipients to (3) coordinate with a fake contact accompanied by a (4) call to action to send in their contact details. Simply put, the cybercriminals behind these scams are malicious users that use the Internet to commit crimes such as identity theft, spamming, phishing, and other types of fraud. In fact, FIFA sternly warned fans of similar online scams such as those featured in the following blog posts:

    Trend Micro is committed to always being a step ahead of internal and external threats to digital information and reputation. As such, Trend Micro™ Smart Protection Network™ protects product users from this kind of attack by blocking the spammed messages even before they reach inboxes via the email reputation service.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    • http://2010F.I.F.A.WorldCuoSouthAfrica Terrell Winn

      Here is the same old scam with a bit of a twist. The logos are authentic and seemingly legitimate but the key to discovering the fraudulent act is in the grammar and punctuation of the congrdulatory letter. If this is an official lottery one must ask: would a repetuable organization allow so many spelling, grammar, and puncuation errors in a communique? Doubtful. The other clue to a scam is the obvious; the personal information needed to secure the funds for release. I receive scores of these spam emails and they vary in presentation but are similar in their errors in the letter content red flagging a warning to the unaware and innocent personage ( caveat emptor ). No one gets my ID info but me!

    • Pingback: Spammers Trying to Score Off FIFA World Cup 2010 | Recent Inside()


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice