World Cup scams out in full force

It’s the time again when the greatest soccer teams in the world collide to determine a champion. The 2014 World Cup is this summer and with it comes 90-minutes of intense soccer action, patriotism, flopping, hacktivism, scams and spam. The World Cup is big news and because of it scammers, spammers and criminals will take advantage of the event to get you to click on malicious links or sign up for services you don’t want. They do this by offering free tickets, prizes and various other free things. Be wary of clicking on links both here at work and on home on your computing devices. Nothing is ever free, especially on the internet and if you decide to explore one of these malicious links or scams you’re likely to end up with something other than free access to one of the greatest sporting events in the world.

For more on the subject I would highly recommend eSecurity Planet’s article How to Avoid FIFA World Cup Cyber Threats by Jeff Goldman. The article is not only good advice for handling scams during the World Cup, but any other big events scammers and criminals are likely to take advantages of.

Also, for Android users, be wary of World Cup apps. Several apps have been found to contain malware on them that steals data, pushes ads or runs up premium service charges. For more on that check out the Security Affairs blog and the Fake Versions of World Cup 2014 Apps targeting Android users post.

 


 This post first appeared on Exploring Information Security.

Brian Krebs InfoSec Links May 7, 2014

Cause Brian Krebs is awesome.

Phishers Divert Home Loan Earnest Money - Brian Krebs - Krebs on Security

In this scheme, the attackers intercept emails from title agencies providing wire transfer information for borrowers to transmit earnest money for an upcoming transaction. The scammers then substitute the title company’s bank account information with their own, and the unsuspecting would-be homeowner wires their down payment directly to the fraudsters.

Emails are being intercepted and the account information changed so that the home buyers send the money to the criminal and not the loan agency. That's really scary and shows that if it's financially profitable criminals will find a way to exploit the system.

Adobe Update Nixes Flash Player Zero Day - Brian Krebs - Krebs on Security

Update Adobe Flash Player on your computers. Do it. Do it NOW!

The Target Breach, By the Numbers - Brian Krebs - Krebs on Security

Krebs breaks down some of the numbers involved in the Target breach that took place from November 27 to December 15, 2013. The most glaring one is the number of Chief Information Security Officers (CISO) or Chief Security Officers (CSO), which was zero, according to the AP. If true, that's pretty sad for the second-largest discount retailer in the United States. And it's not that a CISO or CSO would have stopped the breach, but does give us a peek into Target's thoughts on information security.

 This post first appeared on Exploring Information Security.