Football Phishing Fever Continues

Contributor: Avdhoot Patil

Several phishing attacks using football have been observed during 2012. Phishers have shown their interest in football clubs, football celebrities, and the 2014 FIFA World Cup. In November 2012, the trend continued with phishers spoofing the 2014 FIFA World Cup in Brazilian Portuguese on a free web hosting site.

In one example, a phishing site prompted users to sign up for a daily offer to win prizes worth hundreds of dollars, including trips to the World Cup. The phishing page featured the World Cup mascot Fuleco on the right-hand side. While signing up for the offer, the user was asked to select from three Brazilian electronic payment brands. After the brand was selected, the phishing site requested the user’s confidential information.

The information required includes the user's:

  • Card number
  • Electronic signature
  • Card holder name
  • Password
  • Email address
  • Email password

After the information is entered, the phishing site acknowledges the registration and provides the user with a lucky number, “L2Y7DQ852”, that is allegedly required when a user wins a prize.

Figure 1. Electronic payment brand choice

Figure 2. Confidential information request

Figure 3. Information acknowledgement

In the second example, a phishing site spoofing a Brazilian credit and debit card operator prompted users to sign up for a similar offer. The phishing site featured popular footballer Neymar da Silva. The offer stated that users would get a lucky number for every $30 purchase on their card. The lucky number is then drawn for a daily sweepstakes prize. In order to sign up, users are asked to enter their personal information.

The information required includes the user's:

  • Name
  • CPF (a number related to taxes in Brazil)
  • Phone number
  • City
  • Father’s name

If users fell victim to these phishing sites, the phishers would have succeeded in stealing their information for financial gain.

Figure 4. User information request

Internet users are advised to follow best practices to avoid phishing attacks:

  • Do not click on suspicious links in email messages
  • Do not provide any personal information when answering an email
  • Do not enter personal information in a pop-up page or screen
  • Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
  • Frequently update your security software (such as Norton Internet Security 2012), which protects you from online phishing