The Superbowl has always been one of the most anticipated sports events of the year. It’s even safe to say that the event goes beyond the actual sport—witness the numerous high-profile Superbowl TV commercials, events, and promos that are often tied to the event. The Superbowl is an annual spectacle that everyone wants to be a part of—even scammers and cybercriminals.
We encountered several spammed messages that use the upcoming Superbowl XLIX as bait. These emails talk about selling tickets to the game—highly desirable items, given that the event is just a few days away. The message contains a link stating “Check Ticket Availability.” The link leads to a page with an image stating that the post is no longer available.
However, a small link can be seen below that image. When clicked, it leads to another page that contains information about a certain business organization based in Panama. Perhaps it’s of little surprise that our analysis revealed that the sender of these emails is the same business indicated in the web page.
Below is a copy of the spammed message that claims to sell tickets to the Patriots versus Seahawks game to be held in the University of Phoenix Stadium in Glendale, Arizona.
[Read our spam entry Superbowl XLIX in Scam Mails]
While we haven’t seen any outright malicious activity from these web pages, it wouldn’t be too difficult for enterprising scammers or cybercrooks to use these pages to host malware, survey scams, or other threats. As such, users should remain wary of these pages.
Superbowl scams aren’t new; we’ve seen scams take advantage of the Superbowl as early as 2007. And the scams aren’t just limited to the Superbowl. We have seen almost every major sporting event be used as social engineering bait. And the reasoning behind it is pragmatic: the large number of sports fans means a large number of potential victims.
So what can users do?
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.