Cyber criminals are known as opportunists. They will take advantage of anything newsworthy and craft their schemes around (for example) sporting events like FIFA and the Olympics. As the London 2012 Olympics opening event draws near, Trend Micro Researchers have spotted some spammed messages using the 2012 Olympics as bait, one involved an email that says “winning notification”, another message asks for personal details in exchange for a prize, and another that asks users to notify a specific contact person. Users who fall for any of these traps are at risk of having their information stolen or their machines infected with malware. Some spam may even lead to monetary loss.
Prize, Free Tickets in Exchange for Your Information
The first Olympic-related spam that has been seen is an email that asks for personal information. For users to willingly give these details, the message informs recipients that they won free tickets. However to claim their prizes, users must divulge personal information such as home address/location, marital status, and even occupation. The message also stretches the truth further by informing users they won a big amount of cash prize.
The scammers behind this spam may use the gathered information in their future malicious schemes. They may also sell data to other cybercriminal groups.
Amit Nath Country Manager India and SAARC Trend Micro stated that, attackers are still using these because these scams are still giving them successful margins. Social engineering has worked for years and there are little signs of that changing.
Malware Disguised as Prize Notification
Trend Micro Researchers have also encountered several messages supposedly related to London Olympics 2012 that arrive with attachments disguised as “winning notifications” and contain the details of the prize. Curious users who download and open the attachments are actually executing malicious files.
In a different spam run, researchers noticed a message with an attached file that is actually a Trojan (detected as TROJ_ARTIEF.ZIGS) that exploits RTF Stack Buffer Overflow Vulnerability (CVE-2010-3333). Once exploit is successful, the malware drops the backdoor BKDR_CYSXL.A. Based on our analysis, this backdoor connects to remote user who may perform commands onto the infected system. What’s more alarming is that systems infected with backdoors are vulnerable to other threats, which may include malware that steal online banking credentials (passwords, usernames etc.).
Spam Asking Users to Contact Specific People
The third type of spam may look legitimate at first. To look authentic, the messages may spoof well-known entities like Visa and contain contact details of a supposed coordinator or contact person affiliated with the fake promo.
In the message, recipients are instructed to contact the supposed “coordinator” indicated in these messages. Once users send replies to the addresses, they will receive a reply from the scammer with instructions on how to claim their prizes. Eventually, users would be asked to disclose personal information. The scammers behind this threat may ask users for account details or deposit money to specific bank accounts, in order to get their prize.
Why These Spam Remain
These types of scams are nothing new. Some of its previous incarnations include spam claiming to be associated with the Beijing Olympics 2008 and the Torino Winter Games. So why is this still a threat to users? Cybercriminals are still earning money from this threat.
SapphireIMS, one of the leading providers of end-to-end IT Service Management solution, has recorded 90% CAGR and looks forward to maintain the same in the current financial year. Major businesses hav...
According to a latest source, WatchGuard is excited to announce the general release of Fireware XTM v11.6.3 and WatchGuard System Manager v11.6.3. This release demonstrates our continuing commitment t...
According to latest update, ASUS Technology announced the launch of its fifth exclusive retail store in Burdwan, West Bengal. The outlet will feature the entire range of Notebooks and Netbooks that ha...
Cisco has announced the recipients of its Smart Service Awards at theCisco Partner-Led Network Conference in Bangkok. The awards recognize business partners and customers for exceptionally forward-thi...
With rapid growth and phenomenal expansion plans underway, AppsDaily Solutions Private Limited, market leaders in the retail space for mobile applications have brought on board Peshwa Acharya, erstwhi...
Information provided on this page has been independently obtained from sources believed to be reliable. However, such information may include inaccuracies, errors or omissions.ITVoir.com, and its affiliates, information providers or content providers, shall have no liability to you or third parties for the accuracy, completeness, timeliness or correct sequencing of information available on this page, or for any decision made or action taken by you in reliance upon such information, or for the delay or interruption of such information. ITVoir.com,its affiliates, information providers and content providers shall have no liability for investment decisions or other actions taken or made by you based on the information provided.