Italian football giants Lazio hit by spear phishing with a lookalike domain name

De Telegraaf recently reported that Dutch football club Feyenoord was two million euros out of pocket following Stefan de Vrij's switch to Lazio of Rome in 2014. The reason: spear phishing with a lookalike domain name. The Italians received an e-mail faked to look as if it came from Feyenoord. They paid up as requested, and neither club has seen a cent of the money since.

In 2014, Stefan de Vrij moved from Rotterdam's Feyenoord to Lazio of Rome for a fee totalling 8.5 million euros. When Lazio received a request to make an interim payment of two million, they fully assumed it came from Feyenoord. So they paid up promptly, little knowing that it was all a scam. The case remains under investigation by the Italian authorities.

Spear phishing

However, it looks very much as if Lazio were the victims of 'spear phishing'. Unlike ordinary phishing, which involves casting a very wide net, spear phishing is carefully targeted. Convincing forgeries are used to trick selected people or organisations. In many cases, the scammers tailor their approach to the victim using 'social engineering' techniques, with realistic, personalised messages and websites. By making themselves extremely credible, the hackers are able to lure top managers and finance directors into clicking links to fake websites and opening infected attachments. The Lazio case revolved around a financial transaction, but similar scams are used to get hold of intellectual property, commercially sensitive data, military secrets and other confidential information.

How can you protect yourself?

More and more companies are falling victim to (spear) phishing and identity fraud. So how can you make sure that you aren't next? "It's always best to check a sender's e-mail address," says SIDN's Product Manager Pim Pastoors. "Does it contain the real organisation's name, spelled the right way? Does it have the right national extension at the end? Compare it with the domain name used in the real company's corporate communications. If in doubt, call the company on a number you haven't got from the e-mail to make sure the correspondence is genuine."

Active monitoring

Having to wait years for full payment is bad enough, of course. But the incident might yet have further implications. Clearly, there are scammers out there willing and able to pretend that they are Feyenoord. Having already tricked one of Italy's biggest clubs, what will they try next? A scam aimed at supporters, maybe? That kind of thing could do untold damage to the club's brand and reputation. Feyenoord would therefore be well advised to actively protect its brand name against malicious domain registrations. Our Domain Name Surveillance Service is ideal for that. It's a system that flags up registrations similar to your domain name and/or brand name. Built-in risk profiling and indicative classification make it quick and easy to decide whether a registration is a potential threat. "The service has to make sense for any company with a strong brand identity," says Pastoors.

Comments

Pim-Pastoors

Pim Pastoors

Productmanager

+31 6 570 454 07

pim.pastoors@sidn.nl

  • Monday 15 April 2019

    About SIDN

    Adjusted opening times during the holidays

    christmas_backgrounds+thumb

    During the holiday period, our opening times will be adjusted.

    Read more
  • Friday 19 April 2019

    About SIDN

    Don't disable IPv6!

    Thumb-close-up-switch-on-off

    It's a quick fix that stores up problems for later

    Read more
  • Monday 8 January 2018

    About SIDN

    Adjusted opening times on Tuesday 9 January

    Thumb-clock-close-up

    You can reach us until 16.00

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.