Symantec researchers have recently spotted a number of phishing sites that look like the website of a popular Brazilian credit and debit card company, equipped with images of a popular Brazilian soccer player, FIFA World Cup’s logo and various prizes.
Phishers have already taken the opportunity to start promoting the FIFA World Cup scheduled for Brazil in June 2014. Symantec said that in September 2012, phishing sites spoofed a popular Brazilian credit and debit card company using the 2014 FIFA World Cup as bait.
The phishing page was set up to look like the company is offering prizes for its customers, as well as zero billing charges on the customer’s card for exclusive trips taken to the 2014 FIFA World Cup in Brazil.
In order to qualify for the prizes, customers are asked to register by entering their name, social security numbers, date of birth, email address and password, as well as credit card details including card number and security code.
Once the information is entered and submitted, the victims are reassured with an acknowledgement of the registration, and the information is sent to the scammers to be misused.
Users are advised to always be on the lookout for such schemes, and to remember that unsolicited emails that link to or contain pages that require them to submit personal and/or financial information are almost surely bogus and authored by scammers.
How to avoid phishing attacks:
- Do not click on suspicious links in email messages
- Do not provide any personal information when answering an email
- Do not enter personal information in a pop-up page or screen
- Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
- Update your security software frequently, which protects you from online phishing