March Madness nearing, but cyberthreats already here

Share this article:
Sports fans might be eager for March Madness to begin later this week, but for cybercriminals, the games already have begun.

A number of security firms already have spotted attacks that target fans of the annual NCAA men's college basketball tournament, which kicks off Thursday afternoon EST.

Cybercriminals are poisoning top Google search results related to March Madness to lure users into visiting fake anti-virus sites, Stephan Chenette, manager of security research at security firm Websense told SCMagazineUS.com Tuesday. Attackers are using deceptive search engine optimization (SEO) to get their malicious sites to the top of results on Google and other search engines, Chenette said.

Searches for “March Madness schedule,” “March Madness brackets,” and “2009 NCAA bracket predictions” have been poisoned, Chenette said. The malicious sites fall in the top ten search results, and have been as high up as the first result.

in most instances, when users follow a poisoned search link, they are directed to a fake anti-virus site, where they are told their computer is infected and they should download a rogue program. However, they actually end up installing a fake solution that, at some point, will prompt them for money, Chanette said.

“Users are warned to be very cautious when clicking on any March Madness hyperlinks,” Chanette said. “Even Google search results should be clicked on with caution.”

Attackers also are using automated software to post comments on sports blogs, which actually contain links to spam websites, Chanette said. The links typically lead to fake AV or fake video sites where users are told they can watch March Madness videos but need a codec -- which is really a trojan -- to watch, Chanette said.

Spencer Parker, director of product management at web security firm ScanSafe, told SCMagazineUS.com Tuesday that it seems Google appears to be quickly taking down the malicious sites, but users must still be wary.

Parker said that in addition to the attacks taking place, viewing the basketball games -- many of which occur during work hours on Thursday and Friday -- is likely to cause bandwidth issues for companies.

During March Madness last year, traffic to popular college basketball websites such as NCAA.com and CBSSports.com increased more than 10,000 percent, Parker said. Employees will likely view the games via streaming video sites while at work, which, besides slowing employee productivity, can also “severely disable” network performance.

Because of productivity of bandwidth issues, companies may decide to block access to legitimate streaming video sites. As a result, employees then might look elsewhere on the web to watch streaming video – and may find themselves on a malicious site, Mark Parker, senior product manager at security firm Marshal8e6 told SCMagazineUS.com.

“What's the guy who has bet a lot of money on his brackets to do but go elsewhere and find a [video] stream?” Marshal8e6's Parker said. “And he could end up putting his company at risk.”
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Two Russian cybercriminals nabbed in Android malware scheme

Two men were arrested for stealing money from victims' bank accounts after sending malicious emails offering a romantic gift.

TorrentLocker developers patch error

Victims had been able to restore encrypted files without paying a ransom.

Home Depot: breach risks 56M payment cards, 'unique' malware used

Home Depot confirmed that approximately 56 million payment cards may have been compromised as result of a malware attack.