World Cup fans are the latest to be targeted by cyber criminals

Jul 11, 2014 by Nik Thompson
We’re most at risk from cyber scams when distracted by events such as the World Cup. Credit: Flickr/Nelson Oliveira, CC BY-NC

As rival football teams have been battling it out in this year's World Cup, cyber criminals have had their eye on a different goal – to cash in on this global distraction at any opportunity.

Among the legitimate marketing campaigns, these cyber criminals have been trying to exploit the public's enthusiasm for the most watched and most profitable sporting event in the world, attracting 400 million views per match.

In the run up to the 2014 FIFA World Cup, as many as 50 fraudulent websites were shut down daily in Brazil alone.

Links to these fraudulent websites are spread by massive spam campaigns sending billions of daily to dupe unwitting fans into opening links which lead to fake ticket websites, cash giveaways and attempts to steal personal data.

Some of these are so convincing that even Brazil's own Ministry of External Relations has been caught out. Hackers even managed to take down the official websites of the Sao Paulo Military Police and the official World Cup 2014 Brazil.

Are you part of the spam scam?

It takes just one momentary lapse in judgement to become a victim of some online scam. Worse still, your computer could be silently taken over, turning you into an unwitting spammer.

Latest figures from the security firm Kaspersky show 69.8% of the world's total email traffic is spam. The public have grown so accustomed to ignoring the problem that few actually understand where spam originates, or realise that they themselves might be spammers.

But how do underground criminals successfully operate a computer network large enough to send out 200 billion email messages per day?Well, this is where you come in.

A botnet (short for robot network) is a collection of thousands of malware (malicious software) infected computers that are under the control of criminals.

Botnets are assigned tasks by the operator, including sending spam, or distributing even more malware to increase the size of the botnet. They are also used for spying, stealing banking details, holding your computer to ransom and more.

A large botnet might contain tens of millions of infected computers, whose owners are entirely oblivious to the situation. Infection spreads via spam campaigns or compromised websites and visitors may become part of the botnet without ever knowing.

An online petition made to look like an official FIFA website but revealed as a phishing scam.

World Cup scams

Scammers are always on the lookout for new tactics to lure in their victims. For instance, right after the Uruguay vs Italy match an online petition appeared for fans to register their support against the disqualification of Uruguayan striker Luis Suarez.

Fans flocked to the website, sharing it with friends and across social media, although the "petition" was in fact yet another scam to harvest personal information.

Upfront payment or money transfer scams are another favourite used by scammers. Often known as "Nigerian Scams", these advise potential victims by email that they are entitled to a large sum of money, but that the victim may need to send personal details or a cash advance to cover "administration costs".

One such scam is doing the rounds informing recipients that they have won UK £3 million from the FIFA World Cup organising committee.

The most striking thing about these emails is that they are usually poorly worded, full of grammatical errors and often look extremely suspicious.A question that springs to mind is why don't the scammers try to be a bit more convincing?

Research from Microsoft on Nigerian scams provides an answer – the scams are deliberately made as obvious as possible so that they entice only the most gullible people to reply.

An email with tales of fabulous amounts of money and West African corruption will strike all but the most gullible as bizarre. It will be recognized and ignored by anyone who has been using the Internet long enough to have seen it several times […] Those who remain are the scammers ideal targets.

Spam botnets make light work of contacting millions of potential victims, but the crooks don't want to waste their time talking to people who are likely to see through the scam.

In the words of the the report's author, Micosoft researcher Cormac Herley: "Anybody who doesn't fall off their chair laughing is exactly who they want to talk to."

It's not all bad

Computer security begins with an appreciation of the risks present in our online environment. Unlike business users who have advice on hand and the benefit of IT support, home users often simply fend for themselves.

Fortunately, resources such as the Australian Government's ScamWatch and Stay Smart Online provide security advice for home users with many other excellent resources just a web search away.

If you suspect that your computer might already have been infected by malware, then free tools from vendors such as Sophos or Kaspersky can find these threats.

A valuable tip is to not rely on one security software to detect everything. Certain tools are better at finding particular threats, so scanning with multiple tools can be beneficial.

The World Cup will soon be over but the scams will continue as the simply find another event or campaign with which to trap the gullible.

So it's wise to heed words of warning from the networking giant Cisco Systems in its 2014 Annual Security Report:

[…] there should be an assumption by all users, perhaps, that nothing in the cyber world can or should be trusted.

Explore further: Cyber thieves blamed for Bitcoin heist: researchers

add to favorites email to friend print save as pdf

Related Stories

'Phishing' scams explode worldwide, researchers shows

Jun 21, 2013

Those insidious email scams known as phishing, in which a hacker uses a disguised address to get an Internet user to install malware, rose 87 percent worldwide in the past year, a security firm said Friday.

Microsoft busts spam network

Sep 27, 2011

Microsoft on Tuesday said it struck another blow in its battle against cyber crooks by busting a spam-sending network of virus-infected computers.

Scammers fleece Australians out of $90 mln

Jun 17, 2013

Australians were fleeced out of more than Aus$93 million (US$90 million) last year by scammers, and officials on Monday said they believe it was just the tip of the iceberg.

Recommended for you

Twitter admits to diversity problem in workforce

2 hours ago

(AP)—Twitter acknowledged Wednesday that it has been hiring too many white and Asian men to fill high-paying technology jobs, just like several other major companies in Silicon Valley.

Social Security spent $300M on 'IT boondoggle'

13 hours ago

(AP)—Six years ago the Social Security Administration embarked on an aggressive plan to replace outdated computer systems overwhelmed by a growing flood of disability claims.

Six charged in global e-ticket hacking scheme

14 hours ago

Criminal charges were filed Wednesday against six people in what authorities said was a global cyber-crime ring that created fraudulent e-tickets for major concerts and sporting events.

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

someone11235813
not rated yet Jul 11, 2014
This is just a modern day electronic form of Darwinism which will gradually part fools and their money sending them bankrupt so that they do not have adequate funds to breed.