With this year’s South African World Cup the great majority of weekday matches will be played in working hours. Coupled with the fact that many pundits are predicting the U.S. making it to the second round and beyond, you are likely to want to watch more of the matches (with your boss’s consent or otherwise) than ever before.
However, this insatiable desire to watch the World Cup matches at work has the potential to be the biggest security catastrophe ever seen, with malware writers targeting eager employees who will disregard common sense and employ any means necessary to get their soccer fix during office hours.
For example, during the 2008 Olympic Games, many U.S. Internet users went in search of footage of Usain Bolt’s 200-meter race from other sites in the UK, China and Eastern Europe due to a lag of several hours between the race taking place and U.S. broadcaster NBC showing it on television and placing it on its Web site. In a similar vein, soccer fans heading to largely unknown and untrusted websites in search of soccer feeds not being broadcast by domestic broadcasters such as BBC or ITV risk exposing work-based computers to an increased virus threat, phishing attacks and malware embedded in web pages, banner advertising and fake video streaming codec downloads.
So what, in particular, should you be watching out for to ensure your safety during what promises to be the most exciting World Cup tournament ever:
- Infection files distributed via World Cup spam. As in any prominent event, email users should be cautious when opening messages with attachments claiming to be related to the World Cup. In all probability, the attachment will be an infection file that could do serious damage to your PC or network. Typical themes we expect to see in these spam messages would be “Free tickets”, “match list”, “watch online” and “tickets refund” – all of which are designed to lure the victim into opening up the attachment.
- Search Engine Optimization poisoning. Search engine results will probably be poisoned to include links to malicious sites which peddle rogue security products, online pharmacy scams or malicious files. Users should READ URLs before they click on them, and consider obtaining their news only from sources they trust during this period – the fake websites and spamblogs will be out in full force. Fake antispyware programs – which claim your PC is infected and ask for anything up to $60 to remove those fictitious files – are big business for hackers, and are one of the most common scam tactics online today. Anything from a rogue advert on a reputable website to a fake video claiming to show “match highlights” can be a gateway for these particular intruders. If you see popups mentioning infections while browsing the net that aren’t from your security software, don’t panic; simply open up Task Manager (CTRL+ALT+DEL) and shut down your web browser. If nothing malicious has been installed and what you’re seeing is a simple pop up, then this will allow you to “escape” the website that traps you on its page. Don’t give them any money!
- Social Networking Scams. We would expect to see malicious links on Twitter, fake applications on Facebook and other kinds of dubious behaviour on the more popular 2.0 websites. If someone asks you to try out a program on Facebook, don’t be afraid to Google it first and see if it’s a legitimate application or not. There are still many issues in relation to security where 2.0 applications are concerned, and fake programs are part and parcel of the hacker armoury.
- Website defacements. It’s a sad fact that when a big event takes place, websites related to the event are under threat of attack. While many of these attacks are simple webpage defacements, sometimes attackers may try to use the compromised websites to install malicious software onto your PC. Always ensure your security software is up to date and your version of Windows is fully patched, as there is a wealth of programs available that would-be hijackers can use to infect PCs with ease.
Simply follow these basic rules and you should be assured of enjoying the fun and excitement of this year’s World Cup without scoring a security own goal.
Editor’s note: Christopher Boyd is a senior threat researcher for Sunbelt Software.