Unlike the World Cup ticketing scam we covered a few weeks ago, one of the latest scams has been out since May, but is gaining traction as the games have started. The attack purports to provide a schedule and scoresheet for devoted fans to use to following the games.
But, in reality, the email using the subject World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager, contains one of nine observed attachments that traditionally act as a toolbars, adware or system optimizer installer.
With the World Cup taking employees attention away from work during work hours, online betting, and even fantasy World Cup teams, cybercriminals are counting on employees to be less vigilant around receiving and opening emails from unknown senders. The excitement of the game, the desire for a team to win, and the comradery built between many is the perfect storm for cybercriminals to take advantage of unsuspecting employees.
You should take precautions anytime a major sporting event occurs, including:
- Have a layered security strategy in place that uses mail scanning, web scanning/reputation, and endpoint security
- Update all patches and AV signatures
It’s also important to remind your employees that especially in situations like this – where they aren’t thinking about work, your security culture, or their need to be concerned about phishing scams and malware – they need to be extra-vigilant when surfing the web to event-related sites and when opening event-related emails on corporate devices.
Based Blockchain Network