Two phishing campaigns made their appearance and concern both the FIFA World Cup organization (Mundial 2018) and one of its long-term partners, Adidas.
One campaign tries to tempt victims to click on a malicious link under the guise of getting a program of matches and team workouts as well as a tracker of results.
The second campaign gives you, a free 50 dollar registration per month at website who advertise Adidas shoes.
Check Point was the one who discovered the phising effort associated with the start of the World Cup and is aimed at football fans. A known malware commonly used to install programs (PUP), toolbars, adware or system optimizer is called DownloaderGuide and is incorporated as an attachment to these emails. The researchers discovered nine different executables that were delivered to emails: "World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager".
The company said the campaign culminated in June 5, but it reappeared shortly before the start of the Games. "Events that attract a large percentage of people are considered by cybercriminals as a golden opportunity to launch new campaigns," said Maya Horowitz, director of Checkpoint's Intelligent Threat.
The second phishing campaign, targeting Adidas customers, uses a different tactic to trick the different users. This is the so-called homographic attack which in our case uses a vertical line in the position where Adidas should be "i". "The use of punycode-based email and domain is an increasingly used technique to get users down and get infected," said Matthew Gardiner, a security expert.