Check Point has identified a phishing campaign linked to the start of the FIFA World Cup where cyber-criminals attempt to lure would-be victims into downloading a schedule of fixtures and a result tracker. When opened, the attachment uses a malware variant called ‘DownloaderGuide,’ a known downloader of potentially unwanted programs (PUPs) that is most commonly used as an installer for applications such as toolbars, adware or system optimizers. IT security experts commented below.
Tim Helming, Director Of Product Management at DomainTools:
“There is no limit to the creativity cybercriminals will employ to further their malicious aims. The World Cup wall planner, which has been a staple of competitions in the UK for years, is yet another pitch perfect campaign; it aims to exploit the passions of the general population in order to spread this malware, potentially including adware, which downloads unwanted applications onto devices. This could pose a risk to both individuals and organizations, as employees may be tempted to think that no harm can possibly come of downloading a World Cup wall planner onto a work network! This serves as simply the latest reminder that people should be 100% sure of the authenticity of any link before clicking on or downloading anything.”
Andy Norton, Director of Threat Intelligence at Lastline:
“83% of cybersecurity professionals believe that the FIFA World Cup does not pose a risk to their organization. According to a recent survey conducted at Infosecurity Europe, this malspam campaign ma be validation of that lack of concern. Installing a World Cupscheduler on a corporate device is an unlikely occurrence, as is allowing a well known PUP like downloader guide to escape anti-malware checks.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.