We’re nearing the opening of the 2012 Summer Olympics, which will be held this time in London in July. As the event starts to go in full swing, cybercriminals start mounting their scams and schemes to get users to click.
We also spotted a malware that arrives as a file named Early Check-In 2012 London Olympics.doc. This file, detected as TROJ_ARTIEF.XPL, exploits the RTF Stack Buffer Overflow Vulnerability found in several versions of Microsoft Office components. If it’s successful, it drops several other malware on your system, which Trend Micro detects as TROJ_DROPHIN.A and TROJ_PHINDOLP.A.
This is not the first scam that uses this event to get users clicking. As early as 2008, Trend Micro has spotted a spammed message purporting to be a lottery drawn by the London 2012 Olympics committee. In May 2011, we also reported on a spam campaign that used London 2012 Olympics as bait. In addition, our social engineering e-guide mentions seasons and events as jump off points used by crooks. Online deals that look like they’re too good to be true, suspicious email messages promoting great but non-existent offers are also some of the tools used to lure users. All these tactics may lead to you inadvertently giving out your personal information, or for malware to be downloaded on your computer.
Your personal information is not worth the risk of a chance to win a non-existent chance to win a lottery. Before clicking on that email link, investigate.
Leave a reply