Phishers Kick Off 2014 FIFA World Cup

Co-Author: Ashish Diwakar

The next FIFA World Cup is scheduled to take place in June 2014 in Brazil and phishers have already taken the opportunity to promote the event. World Cups are a favorite of phishers, as observed in the phishing sites focused on the 2010 FIFA World Cup and the 2011 Cricket World Cup. In September 2012, phishing sites spoofed a popular Brazilian credit and debit card company using the 2014 FIFA World Cup as bait.
 


 

The phishing sites were in Brazilian Portuguese. A number of the phishing sites featured Brazilian footballer Neymar da Silva. Phishers utilized a recently registered domain, hosted on servers based in Brazil, to create the phishing site.
 


 

A message given on the phishing page stated that the company offered $20,000 in prizes and a new car. It also offered zero billing charges on the customer’s card for exclusive trips taken to the 2014 FIFA World Cup in Brazil. Customers were prompted to register for the offer by entering their personal data and credit card details.

The personal data requested included the customer's:

  • Name
  • CPF (a number related to taxes in Brazil)
  • Date of birth
  • Email address
  • Password

The credit card details requested included the customer's:

  • Name on card
  • Card number
  • Card validation
  • Security code
  • Bank name
     


 

After the required information was entered the phishing site acknowledged the registration with the message, “Congratulation, your registration was successfully completed. Record your protocol number for future reference: World Cup-277200662-2014”.

Any subject with a large fan following such as celebrities, movies, television shows, and sporting events are often featured by phishers. These subjects are targeted because phishers believe that a large audience will lead to more duped users. If customers fell victim to the phishing site, phishers would have successfully stolen their information for financial gain.

Internet users are advised to follow best practices to avoid phishing attacks:

  • Do not click on suspicious links in email messages
  • Do not provide any personal information when answering an email
  • Do not enter personal information in a pop-up page or screen
  • Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
  • Update your security software (such as Norton Internet Security 2012) frequently, which protects you from online phishing

Senator Seeks to Graft E-Mail Privacy Onto Netflix-Facebook Bill

Photo: JohnSeb/Flickr

Sen. Patrick Leahy (D-Vermont) is again proposing sweeping digital privacy protections requiring the government, for the first time, to get a probable-cause warrant to obtain e-mail and other content stored in the cloud.

Leahy, the head of the Senate Judiciary Committee, a year ago made the same proposal to amend the 1986 Electronic Communications Privacy Act. Yet Leahy never even got a hearing in the committee he heads. That says a lot.

But fast-forward a year later, and the Vermont lawmaker is at it again. But this time he’s trying to attach the proposal to a legislative package concerning video-rental privacy and Netflix that already has momentum.

Here’s the skinny:

The Video Privacy Protection Act prohibits Netflix customers from allowing their Facebook streams to automatically update so their friends know what movies they are watching. Spotify and other online music streaming customers, however, can consent to the automatic publication on Facebook of the songs they’re listening to.

The reason for the disparity is that the Video Privacy Protection Act outlaws the disclosure of video rentals unless the consumer gives consent, on a rental-by-rental basis. Congress adopted the measure in 1988 after failed Supreme Court nominee Robert Bork’s video rental history was published by the Washington City Paper during confirmation hearings.

The House passed a measure last year limiting the act’s reach to allow Facebookers to have their timelines automatically updated with whatever they’re watching on Netflix.

Now it’s the Senate’s turn to take up the same Netflix-Facebook legislation.

“When Congress first enacted these laws almost three decades ago, e-mail was still a novelty and most Americans viewed movies at home on VHS tapes rented at their local video store,” Leahy said in a statement. “The explosion of cloud computing, social networking sites, video streaming and other new technologies in the years since, require that Congress take action to bring our privacy laws into the digital age.”

Leahy on Thursday introduced his amendment (.pdf) to the Video Privacy Protection Act, and placed it on the Judiciary Committee’s docket for next week.

The amendment would nullify a provision of the 1986 Electronic Communications Privacy Act that allows the government to acquire a suspect’s e-mail or other stored content from an internet service provider without showing probable cause that a crime was committed, as long as the content has been stored on a third-party server for 180 days or more. Currently, the government only needs to show, often via an administrative subpoena, that it has “reasonable grounds to believe” the information would be useful in an investigation.

When enacted, the ECPA provided real privacy. But not as technology advanced and people began storing email on servers indefinitely. And Congress has so far been unwilling to change course, despite the Fourth Amendment being gutted as technology advances.

The act was adopted at a time when e-mail wasn’t stored on servers for a long time, but instead was held there briefly on its way to the recipient’s inbox. E-mail more than six months old was assumed abandoned. And personal cloud storage didn’t really exist in 1986.

Leahy’s measure simply requires the authorities to get a probable-cause warrant from a judge to access electronic information, just like a warrant would be needed to search a house or somebody’s papers and affects. For the most part, the information now can be accessed without judicial oversight.

“I think this is a big deal,” said Chris Calabrese, legislative counsel for the American Civil Liberties Union. “This affects everybody’s e-mail and all communications held in the cloud.

Leahy’s measure is expected to be heard September 20 in the Senate Judiciary Committee. If approved by the committee, the amendment will be included in the revised and Netflix-friendly Video Privacy Protection Act proposal.

Even if approved by the full Senate, the House would also have to approve the Leahy amendment to its Netflix-friendly Video Privacy Act revision it approved last year before it gets sent to President Barack Obama’s desk.

Searches for Stolen iOS data Lead to Malware

On September 3, the AntiSec branch of Anonymous announced their March hack of a Dell Vostro laptop used by an FBI agent. AntiSec discovered a file containing a list of millions of Apple iOS devices, including their Unique Device Identifiers (UDIDs) and personal data for their owners.

The hackers did not publish the file NCFTA_iOS_devices_intel.csv, but another–Rxdzz.txt–assumed to contain a part of their discovery. At the same time, the FBI denied this hack in a brief announcement. On September 10, BlueToad posted a blog to explain the leak came from their servers.

On the Internet, the media widely quoted this unpublished filename, and the file soon appeared on various torrent sites.

As you might have guessed, this file is not the real list but an exe file and, of course, a malware!

Once again, we recommend you take care before downloading an alleged sensational file. Yesterday evening, this file (md5: 0b48ef73c0fb55e0b752aced82601513) was detected by VirusScan as Artemis!16D937DB87E4.

Anonymous’ Barrett Brown Raided by FBI During Online Chat

For the second time this year, self-proclaimed Anonymous spokesman Barrett Brown was raided by the FBI.

The latest dramatic incident occurred late Wednesday evening while Brown and another woman identified by some as his girlfriend were participating in an online chat on TinyChat with other individuals.

Two minutes into the recorded chat session, loud voices could be heard in the background of Brown’s residence in Texas while the woman in the room with him was in front of the computer screen. She quickly closed the computer screen, but the audio continued to capture events in the room as the FBI appeared to strong-arm Brown to put handcuffs on him. Brown could be heard yelling in the background.

A spokeswoman in the Dallas County sherriff’s office confirmed to Wired that Brown was raided last night and was booked into the county jail around 11 p.m. She said the FBI removed him from the jail this morning to take him to a different facility, but she did not know where he was headed.

California attorney Jay Leiderman, a member of Brown’s legal team, told Wired that Brown was scheduled to be arraigned today in Texas on making threats to a federal agent.

Asked if the FBI agents were aware that Brown was online at the time of their raid, Leiderman said, “They problaby would have preferred to raid him when he was not online.” He noted that the audio from the raid was “certainly less than flattering when they’re marching through these doors dropping F-bombs…. I imagine they would not want to have that captured if they could help it.”

A transcript of the TinyChat session has been posted online. Just moments before the arrest, there were jokes about whether one of the chat participants was real or just an animated GIF. Moments later, the chat participants faced a different conundrum: trying to figure out whether they’d just witnessed an FBI raid.

A voice that appeared to come from one of the arresting agents was heard saying something to the effect: “You’re going down! Get your hands down!”

Right as the noise began, another participant in the chat room showed up in a video window with a white handkerchief covering his lower face. “Is Barrett Browm getting fuckin’ raided by the FBI?” he appeared to say. “Holy shit!”

Brown’s latest raid came after he posted a long and rambling YouTube video in which he talked about taking drugs (though not today, he noted) and about retaliating against an FBI Agent named Robert Smith after he learned that his mother might be hit with obstruction of justice charges. The threat of charges was apparently related to a laptop of Brown’s that he apparently hid.

“So that’s why Robert Smith’s life is over,” Brown said in the video (beginning around minute 9:40). “When I say his life is over, I’m not saying I’m going to kill him, but I am going to ruin his life and look into his fucking kids. Because Aaron Barr did the same thing and he didn’t get raided for it. How do you like them apples?” he said, smiling.

The video, titled “Why I’m Going to Destroy FBI Agent Robert Smith Part Three: Revenge of the Lithe” was accompanied by a note apparently posted by Brown that reads: “Send all info on Agent Robert Smith to [email protected] so FBI can watch me look up his kids. It’s all legal, folks, Palantir chief counsel Matt Long already signed off on it when Themis planned worse.”

Brown also talked about being a target of the Zeta drug cartel and mentioned that he was heavily armed and was concerned that the cartel would come after him posed as federal officers.

“Any armed official of the U.S. government, particularly the FBI, will be regarded as potential Zeta assassin squads,” he said in the video. “As FBI knows … they know that I’m armed and I come from a military family and I was taught to shoot by a Vietnam veteran … and I will shoot all of them and kill them if they come and do anything…. I have reason to fear for my life.”

He signed off the video saying: “Frankly, it was pretty obvious I was going to be dead before I was 40 or so, so I wouldn’t mind going out with two FBI sidearms like a fucking Egyptian pharaoh. Adios.”

Asked about Brown’s comments, Leiderman said that he hadn’t seen the full video and wasn’t aware of everything Brown had said, but he noted that his client had a reputation for hyperbole and joking around, and that things he said might appear to be a threat when they weren’t really intended to be that way.

“It’s hard to understand the context [of what he said], Leiderman said. “But this is speech, so ordinarily we go to a First Amendment defense, but obviously there are lines that can be crossed where you can lose your First Amendment protection.”

An FBI spokeswoman had no comment to make on Brown’s arrest.