Check Point Software Technologies Ltd., a leading provider of
cybersecurity solutions globally, has identified a phishing campaign linked to
the start of the FIFA World Cup where cyber-criminals attempt to lure would-be
victims into downloading a schedule of fixtures and a result tracker.
When opened, the attachment uses a malware variant called
‘DownloaderGuide,' a known downloader of potentially unwanted programs (PUPs)
that is most commonly used as an installer for applications such as toolbars,
adware or system optimizers. Check Point researchers have found that in
total the campaign includes nine different executable files, all of which were
sent in emails using the subject:
"World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager."
The campaign was first identified on May 30 2018, peaking on
June 5, however during the past week it has gained new momentum with new
instances emerging as the competition starts.
"Events that attract huge amounts of popular interest are
seen by cyber-criminals as a golden opportunity to launch new campaigns," said
Check Point's Threat Intelligence Group Manager, Maya Horowitz. "With so much
anticipation and hype around the World Cup, cyber-criminals are banking on
employees being less vigilant in opening unsolicited emails and
attachments. As such, it is critical that organizations take steps to
remind their employees of security best practices to help prevent these attacks
being successful.
"In addition to this, organizations should also take steps to
ensure that phishing campaigns don't reach inboxes in the first place. This
should include employing a multi-layered cybersecurity strategy that protects
against both established malware families' cyber-attacks and brand new threats
and prevents it from spreading across the network in the result of the initial
campaign being successful."
With Check Point anticipating a further range of online scams
and phishing attacks during the month-long tournament, it has also issued
the following guidance for individuals to protect themselves from cyber threats
during the 2018 FIFA World Cup:
- Keep software updated - Ensure that your PC or device's operating system, security
software, apps and web browsers are all updated with the latest versions
as this will form an effective defense against malware, viruses and other
online threats.
- Beware of fake websites - At previous large public events, cyber-criminals have
created fake websites and domains, covering everything from merchandising
to news and live streaming, which appear to be official but can be used to
deliver malware to, or capture sensitive information from unsuspecting
visitors.
- Beware of emails from unknown
senders - Cyber-criminals will likely send a variety
of phishing emails during the tournament, offering a range of free offers
or entries into draws for match tickets. This could be in the form of
hyperlinks or attachments that will either download malware onto machines
or attempt to steal your personal data. It is best to avoid opening
emails or attachments from an unrecognized sender.
- Beware of public
Wi-Fi hotspots - With matches taking place throughout the day, many will be tempted to
use public Wi-Fi hotspots to watch games on mobile devices. However, insecure
hotspots are easy targets for hackers to compromise and intercept personal data
such as emails and passwords, or plant malware on mobile devices.