Phishing with Wimbledon tickets
Today I came across a phishing mail that is tied to the current Wimbledon Tennis Championships that are taking place. The scammer informs their potential victim that they have won two tickets to this year’s Wimbledon Championships, and all they need to do is login to their online banking account and complete the required fields. Of course in reality there is no free tickets to Wimbledon and the recipient will end up being a victim of fraud where the scammer will empty their bank account.
A quick glance at the email confirms the suspicious nature of this due to the poor grammar in the body of the mail. Even the subject contains a grammatical error – “Your way to Wimbledon , claim your tickets now!” The mail displays a link to a well known worldwide banking corporation, but the link hidden behind this in the source of the mail shows that the phishing link is located on a hosting site in Russia.
At this current time the phishing website is still up, but all of Symantec.cloud client’s will be protected against this phishing mail. Having visited the link the phishing site asks the user to confirm all of their online banking details which bank’s will never ask for! After the scammers have harvested the victims account details the phishing site then redirects to the home page of the legitimate bank’s website.