FIFA World Cup Tickets Scams Available Now

We recently alerted our readers to spam campaigns using the H1N1 vaccination program to prompt recipients to open the mail. And we have frequently mentioned that crooks love to take advantage of news, disasters, and other events.

Now that the final draw for the FIFA World Cup in South Africa next year has taken place, it is time to remind you that sports events are no exception to the rule. I’ve already found some examples.

The first is a fake lottery. In this case, the source claims the recipient has won a large sum of money from the South African Football Association. After contacting the lottery manager, the victim of the scam will be asked to pay “processing fees” or “transfer charges” so that the winnings can be distributed. Don’t expect to ever see a payment.


The second example is a “watch live games online” offer. Can you guess it’s a fake? The victims pay to download an HD video player, but they receive only a rogue security product (a.k.a. scareware).

When a sport makes the headlines, there are always fans who want to take part. We’ve also encountered fake club offers that are dedicated solely to collecting subscriptions.

As June 2010 approaches, we’re certain these scam offers will increase in number and in professionalism. You must be especially vigilant if you plan to buy tickets online for the South Africa games. Go to fifa.com, use a reputable travel agent, or contact your football/soccer association directly. Don’t assume unsolicited online offers are genuine.

In September, The Times of London wrote that New Scotland Yard had tracked down and closed more than 100 sites so far, with as many as 20 based in Britain. These fraudsters were only the pioneers of an Internet crimewave that will rise as the World Cup approaches.

Here is a screenshot I took today on the official FIFA website. (Prices for the various categories are in US dollars.) The site explains that only one location–fifa.com–will sell tickets and that only a few other companies will sell authorized packages.

Compare the real thing with this suspicious site I also found today. It offers different prices for the same categories:

Don’t be disappointed before your team starts to play. Shop carefully if you plan to buy tickets!

Critical Adobe Flash Update

It’s the second Tuesday of the month and there are important updates being released.

From Microsoft, of course, but also from Adobe.

There’s a critical security issue in Adobe Flash Player 10.0.32.18 and earlier.

It’s important that organizations deploy these updates before the Christmas holiday reduces IT staffing. Fortunately, this patch cycle is as early as can be, landing on the 8th, so there’s still time to test and deploy.

New social engineering technique: use Microsoft support to sell rogues

Sunbelt analyst Adam Thomas came across this ugly new social engineering technique when he analyzed the DefenceLab rogue security product.

It does the usual scare-ware stuff: a fake scan and fake “Windows Security Center” alert:

Then it directs the potential victim to a Microsoft Support page, but injects HTML code into the page in his or her browser to make it appear as though Microsoft is suggesting the purchase of the rogue.

This is the real Microsoft page:

This is what it looks like after DefenceLab changes it: