14 DAY TRIAL // New spam campaigns target UK-based football fans looking forward to the UEFA Cup and Champions League finals. The scams claim that users need to send an SMS message to a certain phone number in order to sign-up with a free-ticket lottery.
Security researchers from antivirus vendor Bitdefender warn that similar campaigns targeting both finals have been detected in the wild. Additionally, the upcoming FIFA World Cup 2010 has also made the subject of a lottery scam.
"Last UEFA Cup Final in history! [This competition will be re-branded as UEFA Europa League beginning next season] […] Simply send a text message to a short number ##### to vote for your favorite team for a chance to win 3 tickets to the UEFA Cup in Istanbul, which will take place in May 20th, 2009," one of the e-mails reads.
Another, with a similar message and instructions to vote for your favorite team, claims to offer a chance to win three tickets on Stadio Olimpico (Olympic Stadium) in Rome, where the UEFA Champions League final will take place on May 27th, 2009.
The reason for these campaigns is, obviously, the monetary gain. According to the fake messages "each message costs £5 excluding VAT," so even assuming that this claim would be accurate for some reason, although the real amount could be much higher, it would still have the potential to earn the cybercrooks a lot of money.
A more complex lottery scam invokes the 2010 FIFA World Cup in South Africa. The e-mail in this case comes with a .doc file attached, which goes to great lengths to convince users that they have won a big sum of money in part supplied by the World Cup Local Organizing Committee, supposedly to raise awareness to the African problems.
The document includes images of alleged past winners and gives a lot of details about the lottery-organizing company and the "automatic draw" you have been selected from. However, it fails short on several aspects, the e-mail address you are supposed to reply to is a Gmail account and the images of the previous winners have the Michigan Lottery Logo in the background, which is not the company named in the document.
Bitdefender researchers advise users to be wary of such lottery e-mails and take extra steps to verify their authenticity before deciding to participate. They speculate that, as these important events are approaching, more such campaigns will be in circulation. This has happened before during the Beijing Olympics, when cybercrooks won hundreds of thousands of dollars by scamming Internet users.