Tuesday, May 31, 2011

Fake Lotto for Indian Premier League

There has been yet another spam attack on the widely followed game of cricket. Earlier this year, Symantec reported about a spam attack that targeted the Cricket World Cup. It is now time for the Indian Premier League (IPL). With the playoffs in progress and the grand finale just two matches away, it is not surprising to see spammers trying to make the best of it.

We have observed IPL scam, in the wild, promoting an IPL lottery. Were the IPL honchos promoting a sweepstake of this sort?  We did our research and the answer is no.  So, where did this offer come from?  We investigated further and found that it was from a compromised machine from the suburbs of Mumbai, India.

Below is the spam sample:


So what is this scam all about? Our analysis found out that it comes from a fake “IndianPremier League Fiduciary Agentclaim department” and speaks about a whooping amount of “(Rs/-56,80,708.00) Fifty Six Lacs Eighty Thousand Seven Hundred and Eight India Rupees”.  What does a user have to do to get this coveted cheque/demand draft? As is customary with such scams, there is a list of information that needs to be provided along with personal details such as:
·         Full name
·         Date of birth
·         Present contact address
·         Email address
·         Mobile number

Ironically, there is a security warning included in the offer: “For Security reasons, you are advised to keep your winning information CONFIDENTIAL to avoid double claim or impersonation”.
All this together makes for a perfect IPL sweepstake scam!  This scam attack is targeted at the cricket-crazy population in India. We advise our readers to follow general security and safety policies and to not reply to such scam emails.

Thanks to Christopher Mendes for the contribution of this blog.

By: Samir Patil