Italian football giants Lazio hit by spear phishing with a lookalike domain name

Dutch club Feyenoord left two million short

De Telegraaf recently reported that Dutch football club Feyenoord was two million euros out of pocket following Stefan de Vrij's switch to Lazio of Rome in 2014. The reason: spear phishing with a lookalike domain name. The Italians received an e-mail faked to look as if it came from Feyenoord. They paid up as requested, and neither club has seen a cent of the money since.

In 2014, Stefan de Vrij moved from Rotterdam's Feyenoord to Lazio of Rome for a fee totalling 8.5 million euros. When Lazio received a request to make an interim payment of two million, they fully assumed it came from Feyenoord. So they paid up promptly, little knowing that it was all a scam. The case remains under investigation by the Italian authorities.

Spear phishing

However, it looks very much as if Lazio were the victims of 'spear phishing'. Unlike ordinary phishing, which involves casting a very wide net, spear phishing is carefully targeted. Convincing forgeries are used to trick selected people or organisations. In many cases, the scammers tailor their approach to the victim using 'social engineering' techniques, with realistic, personalised messages and websites. By making themselves extremely credible, the hackers are able to lure top managers and finance directors into clicking links to fake websites and opening infected attachments. The Lazio case revolved around a financial transaction, but similar scams are used to get hold of intellectual property, commercially sensitive data, military secrets and other confidential information.

How can you protect yourself?

More and more companies are falling victim to (spear) phishing and identity fraud. So how can you make sure that you aren't next? "It's always best to check a sender's e-mail address," says SIDN's Product Manager Pim Pastoors. "Does it contain the real organisation's name, spelled the right way? Does it have the right national extension at the end? Compare it with the domain name used in the real company's corporate communications. If in doubt, call the company on a number you haven't got from the e-mail to make sure the correspondence is genuine."

Active monitoring

Having to wait years for full payment is bad enough, of course. But the incident might yet have further implications. Clearly, there are scammers out there willing and able to pretend that they are Feyenoord. Having already tricked one of Italy's biggest clubs, what will they try next? A scam aimed at supporters, maybe? That kind of thing could do untold damage to the club's brand and reputation. Feyenoord would therefore be well advised to actively protect its brand name against malicious domain registrations. Our Domain Name Surveillance Service is ideal for that. It's a system that flags up registrations similar to your domain name and/or brand name. Built-in risk profiling and indicative classification make it quick and easy to decide whether a registration is a potential threat. "The service has to make sense for any company with a strong brand identity," says Pastoors.



Pim Pastoors


+31 6 570 454 07

  • Monday 25 June 2018

    About SIDN

    Blockchain technology set to bring transparency to the music industry


    Support from SIDN Fund enables IBT Music to make a difference

    Read more
  • Monday 25 March 2019

    About SIDN

    Register for IDnext 2019


    The number-one digital identities event

    Read more
  • Monday 12 March 2018


    Know what you're collecting!

    The General Data Protection Regulation has implications for the domain name industry

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.