Kaspersky Lab Warns about Cyberthreats within World Cup Brazil 2014

As the FIFA World Cup 2014 continues to get more and more attention of tourists and football followers from all corners of the world, it also brings with it the unwanted attention of cybercriminals looking to exploit people’s interest to this popular sport. Kaspersky Lab experts share a list of basic do’s and don’ts to make your football experience safer, whether you are travelling to Brazil, checking scores online, watching games online or via mobile applications.

Online threats related to broadcasting of the games

Many fans are looking for a live stream of the games, but they should be aware going to a wrong website can cost them money or leave a malicious program on the computer.

Live Word Cup broadcast with purchased advertisements could lead to fraudulent or malicious content. One example is when you go to the website, it asks you to download a special plugin supposed to be the player needed to watch the on-line broadcast of the games. In reality, it is an Adware program, which may not show you anything but will drain your computer’s resources.

The sites offer every game, at any time promise high quality footage taken from the best cameras in the arenas. However, if you pay, you will just lose your money. Dubious and dishonest websites like these have no interest in playing by any rules.

And like with phishing websites there appeared a lot of new registered domain names containing words like “Fifa Live World Cup steaming 2014” which can be largely used for a malicious purpose.

Cybercriminals, opportunists and other malicious individuals look for occasions like the World Cup. They know this is the best time to cheat people, stealing their money and infecting their devices. Stay ahead of the game and do not fall into their social engineering traps. Use the best anti-malware protection and keep your wits about you when browsing and looking for the content. By the way, if you want to see a live broadcasting, probably you may use one of these legitimate councils.

Phishing schemes

Online fraudsters have been actively creating sophisticated websites imitating authentic domains of the World Cup, its sponsors, and partners – including well-known brands – trying to lure users to share their private data, such as usernames, passwords and credit card numbers.

Fabio Assolini, Kaspersky Lab’s Senior Security Researcher with its Global Research and Analysis Team, said: “We detect 50-60 new phishing domains every day in Brazil alone, and they are often highly sophisticated and very skillfully designed. In fact, for an ordinary user it’s far from easy to distinguish a fraudulent domain from a real one.”

Some phishing websites appear to be safe. For example, their URLs may start with ‘https’, where the ‘s’ stands for ‘secure’, as the cybercriminals manage to purchase valid SSL certificates from certification authorities. Phishing domains also sometimes have mobile versions with an authentic look and feel aimed at users of smartphones and tablets. Criminals use legitimate SSL certificates also to infect users’ computers with malware.

There are also messages about winning World Cup game tickets with links or attachments that people should be cautious about, even if they include user’s full name, date of birth and other credentials, which can be taken from a breached database.

Here are some tips to stay secure against phishing schemes and malware that use a World Cup context to stage their attacks:

• Always double-check the webpage before entering any of your credentials or confidential information. Phishing sites are deliberately designed to look authentic.
• Although websites with the ‘https’ prefix are more secure than those with ‘http’, this does not mean such websites can be fully trusted. Cybercriminals are successfully obtaining legitimate SSL certificates.
• Generally, be wary of messages you receive from unknown senders. Specifically, avoid clicking on links in e-mails from sources you are not absolutely sure about, and do not download and open attachments received from untrusted sources.
• Make sure you have up-to-date anti-malware protection installed that blacklists phishing websites.

 Using ATMs and Avoiding Credit Card Cloning

If you are going to Brazil and still haven’t decided how you plan to pay your bills there – cash or credit card – it is high time to do so. Kaspersky Lab warns that Brazil has some of the most creative and active criminals specializing in credit card cloning. Below are some tips from Kaspersky Lab on how to protect yourself against the most common attacks on ATMs, point of sales (PoS) devices and on using ATMs in Brazil.

• Chip-and-PIN cards are still more secure and harder to clone than magnetic swipe cards. If you don’t already have this type of card, ask your bank if it’s possible to get one before you travel.
• In some countries people are in the habit of handing over their cards to staff in restaurants and stores. In Brazil, this can be dangerous – you’re presenting fraudsters with a golden opportunity to clone the card. Ask the staff to bring the electronic payment terminal to you.
• Be careful of chance encounters or accidents which might take your card out of reach for a moment. If it happens, check that the card you get back is really yours. If you have any doubts, report it immediately to the bank.
• Wherever possible try to pay using a wireless PoS device – they are a bit more secure than the older ones connected to serial or USB ports.
• Keep a close eye on your credit card statement to check all transactions and inform your bank immediately if you see something suspicious.
• While using an ATM cover the key pad while you enter your PIN with your hand or wallet - it is a great way to foil most skimmers, which tend to rely on hidden cameras.
• If you see something that doesn’t look right, notify the bank or owner of the ATM machine, and go somewhere else to withdraw cash.

Insecure Wi-Fi Networks

As data roaming charges for cell phones are generally very expensive, many travelers to the World Cup in Brazil will probably just opt to use free Wi-Fi access points, and probably not give much thought to security issues. This is a very risky approach, however, because all the data that is sent or received on open Wi-Fi networks could be intercepted.

Kaspersky Lab security experts conducted research into Wi-Fi access in São Paulo. They drove 100 km around the city and checked out more than 5,000 different access points popular among tourists – parks, malls, airports and other attractions. As a result of the study, it turned out that 26% of the 5,000 open Wi-Fi networks in São Paolo don’t use any encryption. Below are some tips on using Wi-Fi networks:

• Always access any Wi-Fi network through a VPN connection. If you do not have one, please get one and install it on all your devices – smartphones, tablets, laptops, etc.
• If a Wi-Fi network blocks your VPN, avoid using that network. If you have no choice, it’s better to use the Internet via TOR Browser together with your own DNSCrypt settings directly on your device.
• If you own an Access Point, check if your firmware is the latest version. If not, upgrade it.
• Don’t leave your Access Point with vendor default settings; change them and also set strong new passwords. Check the encryption your Access Point now has. If it’s WPA or WEP, change it to WPA2 with AES settings. Disable SSID broadcasting and make sure your network password is strong.
• If there is no really secure network where you are, don’t worry about posting your pictures right away; wait until you find a secure place to work.

 Malicious AC/DC Charging Points

Passwords, PINs and other sensitive data could also fall into the hands of cybercriminals if public charging stations are used – in Brazil these publically available chargers may be malicious. A malicious AC/DC charger will still charge your battery, but at the same time it can silently steal information from your smartphone. The interception will happen via a USB connection, as the majority of plugs use this type of connection. In some cases these fake chargers can also install malware capable of tracking your location, stealing notes, contacts, pictures, messages as well as call records, saved passwords and even browser cookies.

• Never use unknown chargers; instead look for trusted places to recharge devices.
• Use your battery responsibly and try to keep a spare with you, so you can use it if the primary battery dies.

Try to optimize battery life by shutting down unnecessary processes and turning on airplane mode when a cell phone network is not available. You can also disable sounds, vibrations and tones and other resource-hungry features, like animated wallpapers etc.