Check Point Software Technologies recently reported a phishing campaign where individuals are prompted to download a schedule of games and a results tracker. However, the unsuspecting user would actually download a malware variant called ‘DownloaderGuide’, a known downloader of potentially unwanted programs (PUPs) such as toolbars and adware. The campaign was first reported late May, peaking in June, however, it has recently faced a resurgence as the tournament starts.
Check Point Threat Intelligence Group Manager Maya Horowitz says:
“Events that attract huge amounts of popular interest are seen by cyber-criminals as a golden opportunity to launch new campaigns… With so much anticipation and hype around the World Cup, cyber-criminals are banking on employees being less vigilant in opening unsolicited emails and attachments. As such, it is critical that organizations take steps to remind their employees of security best practices to help prevent these attacks being successful.”
A similar phishing attack was seen earlier this year during the Winter Olympics in PyeongChang. McAfee Advanced Threat Research reported that a document was sent around with the file name ‘Organized by Ministry of Agriculture and Forestry and PyeongChang Winter Olymocs.doc’
The attackers cast a wide net with this phishing attempt, by contacting many organizations that had a supporting role with the Olympics. Once opened, the document would request the user to enable macros which would launch the PowerShell script and infect the device.
In conclusion, it is important to stay vigilant during global event as hackers often try to take advantage of individuals during this time. Best phishing practices and other stories about phishing can be found in our other blogs,
Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions, want to learn more about our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.