Hackers violated the official email Contact for the organization of the Belgian Grand Prix (Formula 1) and used it to direct fans to a phishing site promising a 50 euro gift voucher.
The Spa Grand Prix is a race in the World Championship of the Formula 1 held at the Circuit de Spa-Francorchamps in Stavelot, Belgium. This year, the race will be held between 26 and 28 July and those interested can find the tickets via the official website of the event.
According to BleepingComputer, the race organizer reported that the account email of the Grand Prix was compromised on Sunday 17 March and immediately the attacker started sending phishing emails.
See also: Hackers exploit DDP sites for phishing attacks
 και το χρησιμοποίησαν){kind=link}
The email informed the recipients that an offer was being made for a a €50 voucher to buy tickets for the Formula 1 Grand Prix. However, to obtain it, the user would have to open a built-in connector.
The link redirected the user to a fake website that looked like the official Spa Grand Prix portal. There, the victim were called upon to introduce the personal information, including banking data.
The SPA Grand Prix reacted to the situation "within a few hours" and sent a series of Messages to warn fans that it was a phishing email and that they should not click on any links.
The Agency asked the person responsible Security IT to implement additional security measures to prevent a similar incident. On 18 March, a complaint was also lodged with the Belgian cyber police.
See also: New phishing campaign targets the US with NetSupport RAT
At the moment, we do not know how many people received the phishing emails from the compromised Formula 1 Grand Prix account. hackers they managed to hack into some other system besides email. The agency stressed that this incident did not affect its website at "spagrandprix.com" nor the official ticketing system.
“The ongoing criminal investigation should make it possible to determine the causes and circumstances that led to this situation.“, cited from in the organiser's statement. "For the time being, therefore, we must let the courts do their job while respecting the Privacy of the investigation“.
Users who have purchased tickets in the past and are concerned about the possibility of their data being exposed to cyber criminals are advised to contact the SPA GP secretariat.
Fans of the Grand Prix and other similar events should be always wary of the emails they receive. If they receive a email that looks suspicious or unexpected, they should check it carefully before clicking on any link.
See also: Hackers exploit Venmo for phishing attacks
Also, you must always check the sender's email address (in this case the Grand Prix). If the address does not exactly match the official address of the organization, then it is most likely to be a fraud.
Equally important is to attention is paid to the websites one visits. If a website looks suspicious or different from the official website, then personal and banking details should be avoided.
Finally, it's a good idea for fans to use security software on their device. This can help detect and protect against malicious Software and fraud.
Source : www.bleepingcomputer.com