/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsMUMBAI, INDIA: Football fans in Asia have it hard during the 2010 World Cup tournament — late night telecasts of the matches occurring in Africa are keeping viewers awake well into the night and sleep deprivation is every football fan’s worst enemy. Cybercriminals too are keeping late nights but for different reasons altogether.
Watch out when 25 per cent of global spam is related to football keywords. MessageLabs Intelligence has found that in the build-up to the FIFA World Cup, the percentage of spam related to football and soccer keywords since March 2010, has contributed to almost 25 percent of all global spam. Spammers tend to re-send the same spam campaigns but mask the spam attempt by including the latest news headlines either in subject line or somewhere in the body to grab the recipient’s attention. This method also increases the chances of the message being opened.
“Right now, spammers are reliant on the massive wave of excitement and expectation that typically surrounds an event like the FIFA World Cup,” said MessageLabs Intelligence Senior Analyst, Paul Wood.
Much of the spam intercepted by MessageLabs Intelligence recently had football related subjects with a random word at the end of each subject. Most of the subjects were in fact headlines copied off numerous news sites. Usually the emails contain an image which links to well-known pharmaceutical spam advertising drugs such as Viagra and Cialis. These spam emails usually lead to a website that allows users to purchase these drugs without a prescription. The Cutwail botnet, has been found to be responsible for sending the largest amount of spam; it sends up to 3.8 million spam emails globally every minute, using 490-730 thousand infected PCs or bots.
Talking of Asia Spam and Virus Rates, Singapore’s virus rate in June decreased from 1 in 464.7 emails to 1 in 744.5 emails. Singapore’s spam rates only decreased marginally. In Asia, Hong Kong had the highest spam rates at 91.0 per cent with Malaysia having the highest virus rates (1 in 554.2).
Symantec Corp. today announced the publication of its June 2010 MessageLabs Intelligence Report. Analysis reveals that the percentage of spam related to football and soccer keywords since March 2010 has approached 25 percent of all global spam in the build-up to the FIFA World Cup. The FIFA World Cup is the latest newsworthy world event to be exploited in this way.
“Right now, spammers are reliant on the massive wave of excitement and expectation that typically surrounds an event like the FIFA World Cup,” said MessageLabs Intelligence Senior Analyst, Paul Wood. “Riding this wave, spammers get the attention of their victims by offering products for sale or enticing them to click on a link. It is not uncommon for the event to appear in the subject line of an email but for the body of the same email to be completely unrelated.”
Earlier this month, MessageLabs Intelligence reported on additional FIFA World Cup-related attacks. Beginning on June 2, MessageLabs Intelligence intercepted a run of 45 targeted malware emails en route to executives and managers at Brazilian companies, including those in the chemical, manufacturing and finance sectors. These attacks were designed to rely on social engineering tactics and World Cup excitement to compromise corporate systems and gain access to corporate information via the recipients.
The attack used dual attack modes — a PDF attachment and a malicious link — to increase the chances of success reasoning that if the PDF attachment is removed by the anti-virus gateway, the malicious link will remain in the cleaned email which many email filtering systems would then deliver to the recipient.
Also in June, MessageLabs Intelligence intercepted pharmaceutical spam using obfuscated JavaScript in the attachment. The World Cup-related subject line is designed to pique the recipient’s curiosity driving them to open the html attachment. The obfuscated JavaScript within the attachment contains code to redirect the recipient's browser to a different and disguised location.
“Skilled and calculating spammers have gone to great lengths to disguise what the JavaScript actually does,” Wood said. “Deceiving recipients into opening a message that contains unrelated content is an approach commonly used with malware. We expect to see more of these attacks as the football tournament continues.”