A lot of phishing and cyber-attacks were witnessed at the time of the FIFA World cup. The cybercriminals devised different ways and methods of attacking the fans and get hold of their private and confidential data. The attackers misled the fans online by broadcasting unsolicited advertisements for free live online streaming of the event and fake world cup related promotions that are difficult to resist. These are classic baiting techniques that often result into dangerous fraud, phishing and malware attacks.
The Dell SonicWALL threats research team has been tracking down all the World Cup related spam mails. These mails asked the users of their personal information in return of providing them with live streaming videos or prize through FIFA lottery. There are hordes of fraudulent sites on the web which plan similar kinds of attacks. Some of these sites will redirect to another URL requiring users to provide their credit card information for full access to live streaming while others will prompt users to download special video playback software or install “missing plugins” that almost assuredly, if users click that URL, they will most likely download malware onto their devices.
Murli Mohan, General Manager, Dell Software says, “At Dell, we are deeply committed to protect enterprises against business disruption by consistently delivering industry-leading security solutions that are well suited for today’s advanced-threat environment. With cyber criminals increasingly exploiting software vulnerabilities, secure network connectivity is a key area of concern for enterprise technology decision makers. To meet present-day network security requirements, it is therefore imperative to adopt a fool-proof framework coalescing the enterprise network that provides deep threat prevention”.
The research team says that it is recommended to stream the games through legitimate, reputable websites such as ESPN or BBC. Begin layering your defence system that will provide you many ways of preventing attacks and managing network bandwidth. This includes:
1) Vigorously defend the endpoints as most network infections begin with a compromised user device. Enforce every device attempting to access the internet to have threat prevention capabilities such as content filtering capable of blocking inappropriate, illegal and dangerous web content.
2) Comprehensive gateway threat detection m services that can provide complete inbound anti-spam, anti-phishing and anti-virus protection.
3) Manage network bandwidth with application control capabilities to provide granular control of certain application–limiting or blocking access–by setting policies based on logical pre-defined categories (such as sports), individual applications, or even users and groups to keep business application running at full speed.
4) Breaking the malware kill cycle by investing in a capable intrusion prevention system because it is far easier to keep the bad guys out than to expel them.
5) Add SSL inspection and application control to detect and prevent today’s advance evasive tactics or compromised web applications from sneaking malware into the network.
6) And finally, ensure that there is a 24x7x365 threat response and counter-intelligence service for the firewalls and intrusion prevention systems so it can quickly receive the latest countermeasures to combat new vulnerabilities as they emerge.