As cricket crazy fans wait for their favourite sporting event – the cricket World Cup 2011 – cybercriminals are preparing their wicket to make money off innocent Indians. Cyber criminals are customizing their tricks with cricket-related offers to lure victims into parting with their money and personal information, a report from Symantec states.
With cricket stadiums around the subcontinent running full and tickets for most matches selling like hot cakes, many fans are looking for other alternatives to experience the matches live and this fact is being taken advantage of by the cyber criminals.
One scam detected involves a message inviting users to attend the final game of the World Cup 2011 in Mumbai. The invite offers multiple executive club facilities like a private table, a gourmet champagne brunch, and many more, for 10 guests. This may sound like an attractive deal; however, it is simply bait for cricket fans keen experience the thrill of the World Cup Final.
Below are some examples of the spam messages:
Subject: 2011 Cricket World Cup Final
Subject: Experience Cricket World Cup Final
In the past, it has been observed that spam and phishing attacks targeting cricket events such as the Indian Premier League and T20 World Cup. The countdown to the biggest cricketing spectacle has begun and it is expected that more sophisticated spam and phishing attacks related to the World Cup will be witnessed. It’s possible that during the course of the tournament, spam attacks will contain attachments that intend to distribute malware using fake video files purportedly showing highlights of the games.
Although World Cup tickets are in high demand, the supply should always be from a legitimate source. Users are advised to refrain from clicking on such mails and opening attachments unless they are from authorized or official sources. The offers like these entice users to join the 2011 World Cup games where Spammer is the only winner.
It has been further observed that phishing attacks offering tickets to the World Cup as early as July 2010. One phishing site spoofed a legitimate social networking site, claiming that entering login details would give users a chance to obtain free tickets. In the run-up to the actual event, expect cybercriminals to employ sneakier and more deceitful methods to steal your money, your identity and reputation – from phony emails and fraudulent websites to malicious email attachments and online ads.
Guidelines against cyber crime
Don’t respond to emails that offers you attractive and free deals, unless you are confident that the offer is from an authentic source and well-known brand
Never respond to emails that announce prizes you supposedly won in sweepstakes and other competitions you never participated in
Never give out your personal information and bank account credentials in response to any mail
Don’t open suspicious emails or attachments
Use an up-to-date security solution, legitimate and paid security solution such as Norton Internet Security 2011, which contains the latest reputation technology
Do not click on suspicious links in email messages.
Type the domain name of your brand’s website directly into your browser’s address bar rather than following any link.