Risk: Low
A new Trojan has started to circulate, masquerading as a World Cup wallchart. The worm is circulating through a spam email that contains a link that purportedly downloads a free wallchart, but actually installs a program onto the user's PC to enable an attacker to gain remote access.
So far, the emails seen have only been written in German, but it may be that as World Cup fever ensues, the Trojan could spread further. Football fans will be eager to follow their country's progress as closely as possible, and this new method of spreading Trojans may take some supporters by surprise. After all, people are getting wise to pornographic attachments and lottery scams and may not suspect that an email about the World Cup would be malicious.
Previous football-related malicious attacks were seen in 1998, 2002 and 2005. Before the 1998 World Cup started, an email encouraging recipients to bet on the team that they thought would win circulated; if that team wasn't the winner, a virus would be triggered that would delete everything on an infected PC's hard drive. VBS/Chick-F was a 2002 scam that appeared to offer access to the latest World Cup scores, but when an email attachment was opened, the worm spread by sending itself to all users in the victim's Outlook address book. In 2005, the Sober-N worm was seen in a variety of guises in over 40 countries. One variant of the worm was an email offering its recipients free tickets for the 2006 World Cup. It then spread by sending itself to all users in an infected PC's address book and disabled anti-virus programs.
There is also a low risk virus doing the rounds in the similar guise of a fantasy football Excel spreadsheet. Yagnuul-A transfers an infected file onto a user's PC but is not thought to be of a significant threat, as it first appeared a day after the Premiership season ended.