Contributor: Avdhoot Patil
It seems that targeting football clubs, football celebrities, and football events has become a habit for phishers. They continue their uncivilized activities and in particular single out football. Now, phishers have set their eyes on the Real Madrid Football Club based in Madrid, Spain. Real Madrid is one of the world’s richest football clubs and has a large fan base.
Figure. Fake Facebook phishing page featuring Real Madrid and Cristiano Ronaldo.
As we can see in the figure, the phishing page asks users to enter Facebook login credentials while the page content is designed to highlight the football club. The phishing page is titled “Facebook Real Madrid Login” and the background contains an image of Cristiano Ronaldo, a Real Madrid player. After login credentials are entered, the phishing page redirects to the legitimate Facebook community page for Real Madrid. The purpose of redirecting to a legitimate page is to create the deception of a valid login. If users fall victim to the phishing site by entering their login credentials, phishers would have successfully stolen their information for identity theft purposes.
Phishers understand that choosing celebrities and football clubs with a huge fan base offers the largest amount of targets that can increase their chances of harvesting user credentials. In June 2013, the trend continued with phishers using the same strategy.
Internet users are advised to follow best practices to avoid phishing attacks: