False contest to win jersey of the Brazilian team found on WhatsApp
Source: Vistar Communications for ESET Middle East , Author: Juan Manuel Harán
Posted: Wed August 22, 2018 5:56 pm

UAE. With ten days to go before the FIFA World Cup begins in Russia cybercriminals are trying to take advantage of the event by tricking people into providing personal details or clicking on links that contain dangerous content.

An example of this was recorded in Brazil last week, when a fraudulent campaign circulated, mainly through WhatsApp, with a message claiming that Nike would be commemorated 22 years as the official kit manufacturer of the Brazilian National Football Team by giving away official shirts of the team. The only requirement to obtain the prize was that the users share the message.

In the captures of the messages (below) that arrived at the ESET laboratory there were two different links and none had any relation to the clothing company. Indeed, clicking on the link directed the unsuspecting to a website that ESET detects as a site with potentially dangerous content.

Depending on the type of device the user is using the behavior of the threat may be different, including subscribing the victim to premium SMS services or installing add-ons in the browser to steal user information.

The contest to win the shirt of the Brazil team
The campaign tries to convince the user that they were selected to participate in a small survey and once completed they are requested to share said survey with their contacts — in this way spreading the campaign by having the unsuspected user to do their dirty work for them.

It should be noted that in this case the website has a valid SSL certificate. This can make users believe that it is a secure site by using the HTTPS protocol, but we have already spoken previously that at first glance, this is no longer a parameter that it is a secure site because it has HTTPS .

WeLiveSecurity recommends users to use – both on their computer and on their mobile devices – a security solution that warns the user when faced with an attempt at deception or a suspicious website.

Likewise, with the World Cup getting closer, we expect cybercriminals to try to take advantage of fan excitement on all things related to FIFA World Cup Russia 2018 and  attempt to get users, albeit unknowingly, to spread threats. Therefore, it is important to be more attentive, learn to recognize these deceptions, prevent them from affecting us, and avoid spreading them to others.

Author: Juan Manuel Harán writer at Welivesecurity (ESET)

Photo Captions:
1. (above)  Brazil shirt (Photo: ESET)
2. (inset)   ESET antivirus (For illustration purpose only - File photo)

 

MIDDLE EAST BUSINESS COMMENT & ANALYSIS

date:Posted: November 19, 2018
UAE. Large majority of UAE survey respondents willing to bank with established technology companies, says Bain & Company study.
date:Posted: November 19, 2018
SAUDI ARABIA. First mover advantage for Saudi companies that protect consumer data.
date:Posted: November 16, 2018
UAE. The new cybercriminals are effectively a cross-breed of the once esoteric, targeted attacker, and the pedestrian purveyor of off-the-shelf malware, using manual hacking techniques, not for espionage or sabotage, but to maintain their dishonorable income streams.
dhgate