Formula 1 racing and the Maldives are hot topics – for spammers

Photo credit: Jaggat/
Photo credit: Jaggat/

Samir Patel, a Symantec researcher, said that sporting events are always popular among the spammers, with Formula 1 – a game of speed, thrill, and action – being no exception.

"In the past we have seen spam messages ranging from cheap and/or fake game tickets to phishing around almost all major sporting events", he wrote in his latest security posting, adding that the F1 Grand Prix currently being held in Abu Dhabi falls in line with this trend.

"Although the winner of the 2011 World Championship has already been decided by the last few races, this event is important because it is near the end of the 2011 season and the drivers will be scoring vital points to retain their positions", he noted.

In view of the interest, spammers are offering free tickets – including a private table, champagne, canapé reception and open bar – for the venue.

Fellow researcher Mathew Maniyara, meanwhile, said that spammers are apparently also promoting a fake application called the Maldavian App.

Rather than being a pure spam, however, the Symantec researcher said that this is a phishing attack pointing recipients to a phishing site hosted on a free web hosting domain.

The phishing site, he added, contains an image with details about the application and included a form for web users to enter login credentials.

"The image presents a ribbon in the tricolors of the Maldivian flag accentuated with the logo of a social networking brand and a Maldivian flag t-shirt. A prominent description of the application boasts that, after logging in, users would receive 'cool news' about the Maldives", he wrote in his latest security posting.

However, after internet users enter their logon credentials to one of several social networking sites, they redirected to a page that displays the message 'You are connected', and nothing else.

The page, he said, does not offer anything additional to the user.

"If you fell victim to the phishing site by entering your login credentials, phishers would have successfully stolen your confidential login information for identity theft purposes", he explained.

What’s hot on Infosecurity Magazine?