It seems that nothing is safe from being abused these days. Several security software vendors have announced a number of different scams based on the 2010 Winter Olympics in Vancouver. MessageLabs offers two examples.
- An email with the subject, “Information and resources to help you travel during the Vancouver 2010 Winter Games. TravelSmart 2010.htm” includes legitimate links but contains hidden code embedded in the email which can be used to drop almost anything on the victim’s computer.
- An email with the subject, “How to make Olympics more interesting”. In this case, the attack is buried in an attached presentation file and will attempt to install other malware on your computer.
Based on the reports so far, these scams appear targetted at specific people (an attack mode known as spearphishing). The rest of us may or may not ever see them but they are highly dangerous to the few people that do get targetted. Here are some ways to stay safe:
- Buy from legitimate sites. This includes your Olympic tickets. Scalpers are already showing a disdain for the law. What makes you think they’ll respect your computer privacy? There are legitimate online fan-to-fan sites for reselling tickets (one such is Vancouver2010.com) but you have to do your homework to be sure it’s a reputable site.
- If it sounds too good to be true, it probably is. We’ve said this many times before but greed remains one of the hackers’ best weapons. Be suspicious.
- Be especially suspicious of links in emails or IM messages. Look up the legitimate site on google or type the address into your browser yourself.
- Never fill out forms in messages. Legitimate companies will never ask for personal, financial or password information through an email message.
Enjoy the games – safely.
Leave a Reply