Baseball fans should be on the lookout for such bogus notifications

Aug 23, 2013 17:41 GMT

Baseball fans beware! Cybercriminals are using bogus Red Sox ticket purchase emails to trick you into installing a piece of malware.

The emails are titled “Thank You for your order” and read something like this:

“Thank you for your recent ticket purchase. We truly appreciate your support and commitment to Red Sox Baseball. If you have any questions regarding your purchase, please contact our Ticket Services department by calling (toll free) 877-REDSOX9.

Note that you will receive a separate email within the next two business days which will include the vouchers you will need for both parking at the Prudential Center and your Duck Boat ride to the ballpark, included in each End of Summer Family Pack purchase.

Please remember that all sales are final-there are no refunds or exchanges issued on any tickets. Also note that all game times are subject to change. Be sure to visit redsox.com for the latest Red Sox news and any game time updates.”

The bogus notifications are well designed and even include purchase details.

However, when users click on the link in the email, they’re taken to www.redsox.com.tickets-service.lindoliveryct.net. While this might look like a genuine Red Sox website, it’s not.

“Redsox.com.tickets-service” is simply a subdomain of the actual site, lindoliveryct.net, which has nothing to do with the Red Sox. The registered domain is the rightmost part of a hostname, and whoever controls it can put any labels they like to its left.

Said website has been set up to distribute malware onto the computers of unsuspecting visitors.
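The subdomain trick described above can be caught mechanically by comparing a link's registrable domain with any brand name that appears in the labels to its left. The following Python code is an added example, not taken from the article or from Dynamoo's Blog; the `PUBLIC_SUFFIXES` and `TRUSTED_DOMAINS` sets and both function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a tiny constructed stand-in for the Public Suffix List.
# A real mail filter should load the full list instead.
PUBLIC_SUFFIXES = {"com", "net", "org", "co.uk", "com.au"}

# Assumption: domains the filter treats as the genuine brand.
TRUSTED_DOMAINS = {"redsox.com", "mlb.com"}


def registrable_domain(host):
    """Return the public suffix plus one label: the part someone registered."""
    labels = host.lower().rstrip(".").split(".")
    # Scan from the longest candidate suffix so "co.uk" wins over "uk".
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])  # unknown suffix: fall back to two labels


def check_link(url):
    """Return (verdict, registrable_domain, impersonated_brand_or_None)."""
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    labels = host.rstrip(".").split(".")
    reg = registrable_domain(host)
    if reg in TRUSTED_DOMAINS:
        return ("trusted", reg, None)
    # Everything left of the registrable domain is attacker-chosen text.
    sub_labels = labels[: len(labels) - len(reg.split("."))]
    for brand in sorted(TRUSTED_DOMAINS):
        b = brand.split(".")
        # Look for the brand's labels as a contiguous run in the subdomain.
        if any(sub_labels[i:i + len(b)] == b for i in range(len(sub_labels))):
            return ("brand-in-subdomain", reg, brand)
    return ("unrelated", reg, None)


if __name__ == "__main__":
    # Sample links: the first uses the hostname quoted in the article,
    # the others are constructed for comparison.
    for link in (
        "http://www.redsox.com.tickets-service.lindoliveryct.net/",
        "https://www.redsox.com/tickets",
        "http://shop.example.co.uk/",
    ):
        print(link, "->", check_link(link))
```

A `brand-in-subdomain` verdict means the trusted name is only decoration on a domain registered by someone else, which is the pattern used in this campaign.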

According to Conrad Longmore of Dynamoo’s Blog, the spam campaign was launched by a group of cybercriminals dubbed Amerika. They’re believed to be behind numerous major spam runs.

If you come across such emails, delete them immediately. If you’re a victim, be sure to scan your computer with an updated anti-malware solution.