FIFA World Cup 2010 attracting cybercriminals

by CXOtoday Staff    Jun 15, 2010

Hackers have always attempted to hijack traffic from popular websites. The ongoing FIFA World Cup has also attracted cybercriminals. According to Fortinet, cybercriminals are repeatedly using simple attacks and have been even been successful. This is because cybercriminals use common social engineering attacks to capitalize on events through social networking, e-mail based spam (containing malicious links/attachments) and search engine optimization (SEO) based attacks. SEO attacks work by getting popular search engines to rank malicious websites among a list of the top set of returned results following a gaming related keyword search.

According to Fortinet Labs, SEO attacks can be dangerous because they are often user-initiated, unlike many other solicited attacks seen in the wild. In addition to malware attacks, Fortinet warns that fraud is also a significant threat to be wary of. For example, FIFA issued a scam warning earlier this year that suggested sports fans be wary of ticket lotteries and any other communications from FIFA that ask for additional payments and/or personal information to secure tickets.  

With Web 2.0, mobile computing on the rise and a much more distributed and global workforce, companies are exposed to a greater than ever number of entry points into the corporate network. In order to protect against social engineering attacks, Fortinet has recommended enterprises to educate employees on web usage and maybe even limit the amount of time the latter spends online, watching or surfing information on the ongoing matches. Even legitimate websites can be compromised, making it difficult to completely avoid malicious codes online.

Fortinet’s FortiGuard team recommends IT managers read the company’s regular threat research blogs (available via RSS) to stay current with latest threat trends. Companies should also seriously consider putting in place an intelligent, layered security solution like a unified threat management (UTM) offering.