Penalty! Another FIFA World Cup Phishing Scam Found

FIFA_2018As we round out the second week of the FIFA World Cup, new phishing scams continue to permeate, seeking to take advantage of fan’s interest and excitement.

Unlike the World Cup ticketing scam we covered a few weeks ago, one of the latest scams has been out since May, but is gaining traction as the games have started. The attack purports to provide a schedule and scoresheet for devoted fans to use to following the games.

But, in reality, the email using the subject World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager, contains one of nine observed attachments that traditionally act as a toolbars, adware or system optimizer installer.

With the World Cup taking employees attention away from work during work hours, online betting, and even fantasy World Cup teams, cybercriminals are counting on employees to be less vigilant around receiving and opening emails from unknown senders. The excitement of the game, the desire for a team to win, and the comradery built between many is the perfect storm for cybercriminals to take advantage of unsuspecting employees.

You should take precautions anytime a major sporting event occurs, including:

  • Have a layered security strategy in place that uses mail scanning, web scanning/reputation, and endpoint security
  • Update all patches and AV signatures

It’s also important to remind your employees that especially in situations like this – where they aren’t thinking about work, your security culture, or their need to be concerned about phishing scams and malware – they need to be extra-vigilant when surfing the web to event-related sites and when opening event-related emails on corporate devices.

Free Phishing Security Test

91% of successful data breaches started with a spear phishing attack

Would your employees fall for popular phishing scams? Find out with a free test and customize your phishing templates to your environment. We help you train your employees to better manage the urgent IT security problems of social engineering, spear phishing and ransomware attacks. 

Get Your Free PST Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews