Posted on behalf of Nicholas Johnston, Senior Software Engineer, Symantec Hosted Services
This year's soccer FIFA World Cup in South Africa, enjoyed by millions, was also used by both 419/advance fee fraud scammers and malware authors to lure unsuspecting victims into handing over money or installing malware. World Cup interest has been briefly re-ignited by FIFA's recent announcement of the host nations for the 2018 and 2022 tournaments.
However, the host for the 2014 tournament, Brazil, had already been decided. Even though the tournament is over 1,200 days away and many of the stadiums are that will be used to stage matches are being redeveloped, 419/advance fee fraud lottery scams have already started using this event to try to trick victims into handing over money to claim fake lottery winnings.
MessageLabs Intelligence recently saw two examples of this. Both contain attachments claiming that the recipient has won a fake lottery supposedly connected with the tournament. The email body of the first sample doesn't mention the 2014 World Cup. It is only mentioned briefly in the attached image, which does also feature the tournament's logo as a watermark:
The attachment in the second sample features the tournament's logo prominently, and claims that the recipient has won $1.2 Million:
Although these messages, like most 419/advance fee fraud scams, are sent in low volumes, there are many variations, and are a nuisance. The second sample was blocked automatically for a wide variety of recipients.
It will be interesting to see how 419/advance fee fraud scams continue to take advantage of this and other high-profile events.