Long-Term Scammers Target 2014 Glasgow Games

With 693 days until the Glasgow Commonwealth Games, according to their online countdown clock, organized cyber-crooks have already started spam campaigns with bogus Glasgow awards.

Many scammers are organized professionals, whether operating from a small room in their parents’ house or a student condo. They monitor “business” trends, prepare holidays and events calendars, and launch phishing hooks well in advance.This time, they flood inboxes with old Lottery scams allegedly coming from the Glasgow Commonwealth Games 2014.

The e-mails come with an empty message from an alleged Scottish e-mail service to make the phishing attempt more credible.

The PDF document in the attachment invites users to share personal information such as full name, address, occupation, and reconfirmation of e-mail address. The e-mail is “signed” by the official Glasgow 2014 Director of Communications Gordon Arthur.

Glasgow Games organizers are already familiar with phishing attempts, including this one that informs the recipient that their email address has been selected randomly from the “XX Commonwealth Games, Glasgow 2014 online Balloting System,” and that they have won money.

“We are aware that Glasgow 2014’s name is being used in relation to some email scams and other fraudulent or inappropriate conduct,” the Glasgow 2014 representatives said. “This is a scam. Do not provide any of your personal details to the people who sent this email.”

Other scams flood inboxes in the form of a Winning Certificate from the Commonwealth Award Lottery or ask people to contact “DIRECT EXPRESS COURIER SERVICES with personal details in order to receive a parcel delivery.”

Just as with the London Olympics, we expect many other identity theft scams, but also arrests. In London Olympics, one of the most common cyber-crimes was ticketing fraud.

Be careful with bogus Glasgow Games promises on social networks too. Cyber-crooks may attempt to lure you into clicking on malicious links allegedly from your list of friends. Relying on social engineering techniques, event-themed scams are efficient tools that help hackers grab your personal information, user names and credentials.

The 2014 Commonwealth Games in Glasgow (24 July – 3 August 2014) will be the largest multi-sport event ever held in Scotland.

If you think nobody still falls for such old tricks, here’s one user’s complaint made four years ago, when the sports event was held in Delhi, India.

“This is regarding complaint [SIC] about a gang who, it seems, are functioning all over the world,” the sports fan wrote on the Indian Consumer Complaints Forum.

“On November 16, 2010 an sms was sent to my Mobile No XXXXXX stating – ËœCONGRAT YOUR MOBILE NUMBER HAS BEEN AWARDED $ 2 MILLION USD IN COMMONWEALTH GAMES AWARD LOTTERLY TO CLIM CONTACT MRS. JANE ON EMAIL: [email protected] Accordingly, I had started correspondence with them as per copies of attached emails for your favour of information please.”[SIC]

In response, another user complained he had received the same SMS, and wanted to find out how he could get “his” money.

To prevent online and offline security breaches, police collaborate with professors from the Scottish Centre for Crime & Justice Research, in a project funded by the European Commission. The team already made a visit to South Africa to see how they provided security at the 2010 FIFA World Cup.

“My colleagues will be travelling to more countries this year and next to see what we can learn about the ways they have tackled issues such as border security, counter-terrorism, counterfeit ticket scams and ambush marketing during mega sporting events,” Michele Burman, Professor of Criminology at the University of Glasgow, said. “A key aim of the project is to produce a legacy for security planning that will assist in the planning for future mega sporting events in Europe.”

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This article is based on the technical information provided courtesy of Ionut Raileanu, Bitdefender Spam Analyst.