Cybercriminals Cast A Wider Net To Catch Victims

Pro Evolution Soccer 2012

Last month saw malware attacks targeting a wide range of potential victims, including gamers looking for a Pro Evolution Soccer 2012 game crack, small business owners concerned about the reputation of their business, and government organisations receiving spoofed messages from the United States Computer Emergency Readiness Team (US-CERT).

Anyone who goes on the internet is a potential target for cybercriminals looking to infect systems and scam users. Malware writers and phishers do not discriminate. They purposefully cast a wide net when picking their methods of attack in order to reach as many targets as possible.

Whether you are a young gamer, a successful business owner or a government employee, you need to be wary when clicking on links that appear to pertain to your interests, especially when asked to submit personal information online.

In addition to malware writers installing rootkits on the systems of gamers who were looking for a pirated release of Pro Evolution Soccer 2012, developed by Konami Digital Entertainment, scammers also latched onto the buzz surrounding the upcoming fourth instalment of the Halo video game series, developed by 343 Industries, by offering bogus beta invites in return for filling out surveys and recommending links on Facebook and Google+.

These attacks leverage the popularity of these titles among the gaming community and are meant to take advantage of the mistakes some users might make when acting out of excitement about a favourite game franchise.

January also brought phishing emails posing as notices from the Better Business Bureau, claiming that a customer had filed a complaint against the recipient. The messages contained links to malware created using the Blackhole exploit kit.

Government body US-CERT served as another disguise for cybercriminals attempting to bait unwitting victims into opening a file that contained a variant of the Zeus/Zbot Trojan. Meanwhile, Tumblr users were baited with “free Southwest Airlines tickets” in exchange for taking surveys and submitting personal information by a phony “Tumblr Staff Blog.”

Malware writers and internet scammers also sought to attack a wider cross-section of the population when opportunities presented themselves to creatively piggyback on hot news topics and highly trafficked websites.

This past month, the shutdown of popular file hosting website Megaupload led to a domain typo scam targeting both the regular users of the website as well as visitors who were interested in seeing the FBI notice posted on the site. Once the victims reached the misspelled URL, they were redirected to various sites promising fake prizes and asking for personal information.

While cybercriminals may not be picky about their choice of victims, their choice of tactics is anything but haphazard. Cybercrime campaigns are designed to cripple systems and steal personal information, but first they have to reach the victim. Once they know the profile of the group they want to attack, they will do anything they can to increase their chances of success and fool users into playing along.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Christopher Boyd is a Senior Threat Researcher for GFI Software. He is also a 6-time Microsoft Most Valuable Professional (MVP) awardee for Consumer Security and former Director of Research for FaceTime Security Labs. He has given talks at RSA, InfoSec Europe and SecTor, and has been thanked by Google for his contributions to responsible disclosure. Chris has been credited for finding the first instance of a rogue Web browser installing without permission, the first Twitter DIY botnet kit, and the first rootkit in an IM bundle. Chris is regularly quoted in relation to his work on gaming security issues.