Expect more malicious World Cup-related spam, warns Symantec

News

Expect more malicious World Cup-related spam, warns Symantec

Warwick Ashford

A quarter of global spam was related to football in the run up to the FIFA World Cup, according to Symantec's June MessageLabs Intelligence report.

Spammers are exploiting the massive wave of excitement and expectation that typically surrounds an event like the World Cup, said Paul Wood, senior analyst at MessageLabs Intelligence.

"Spammers get the attention of their victims by offering products for sale or enticing them to click on a link," he said.

On 2 June, MessageLabs Intelligence intercepted a run of 45 targeted malware e-mails sent to executives and managers at Brazilian companies, according to the report.

The attacks relied on social engineering tactics and World Cup excitement to compromise corporate systems and gain access to corporate information.

The attack used dual attack modes, a PDF attachment and a malicious link, to increase the chances of success.

If the PDF attachment is removed by the anti-virus gateway, the malicious link will remain in the cleaned e-mail, which many e-mail filtering systems would then deliver to the recipient, the report said.

MessageLabs Intelligence also intercepted pharmaceutical spam with a World Cup-related subject line that used obfuscated Javascript in the attachment.

The subject line is designed to pique the recipient's curiosity to open the HTML attachment, the report said.

The obfuscated Javascript within the attachment contains code to redirect the recipient's browser to a different and disguised location.

"Skilled and calculating spammers have gone to great lengths to disguise what the Javascript actually does," said Wood.

"Deceiving recipients into opening a message that contains unrelated content is an approach commonly used with malware. We expect to see more of these attacks as the football tournament continues."


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy