Fraudsters offer users to enter personal information to participate in the prize draw.
Symantec discovered several phishing sites that are presented to users in the guise of web-sites popular Brazilian financial services company that provides credit and debit cards. Web-sites are filled with images of popular Brazilian soccer players, as well as the logo of the World Cup.
Users to phishing pages offer some prizes, for participate you must register. After completing the form, the user is notified of successful registration, and all data sent to the attacker’s server.
The registration form is provided to define a name, social security number, date of birth, email address and password, and credit card information, including card number and PIN-code.
Notify Symantec can be found here.
