Security Expert On Threat Actors Targeting FIFA World Cup Fans

By   ISBuzz Team
Writer , Information Security Buzz | Dec 01, 2022 07:54 am PST

Threat actors are seeking to capitalize on or gain interest in their cause with assaults meant to draw unwitting people who may be more preoccupied with supporting their favorite teams than cybersecurity as the sporting world turns its attention to Doha for the FIFA World Cup in 2022.

According to a recent analysis from contextual artificial intelligence company CloudSEK. Which examines the numerous dangers intended for fans and organizations with World Cup-themed assaults and strategies. According to the data, there were 100 million and 2.3 million attacks per day. The Tournament and the Paralympics in 2018, respectively.

A photograph of a Telegram channel selling bogus tickets. Cybercriminals with a financial incentive have turned to selling bogus Hayya cards (FIFA admission cards) game tickets, and even using credit cards that have been stolen to book travel and housing for the match.

According to CloudSEK research, some Telegram channels sell fraudulent Hayya cards and only accept payment in Bitcoin. These channels also demand that purchasers provide a legitimate identity.

Scammers are offering “World Cup Coin” and “World Cup Token” due to the fact that the Online version is an official partner and Alibaba has worked with well-known soccer player Ronaldo to market NFTs with a soccer theme

A screenshot of CloudSEK’s report on risks related to the FIFA World Cup shows a hacktivist threatening to use a DDoS assault to take down a site in Qatar.

Hacktivist organizations are utilizing the month-long protest to mobilize their supporters and partners to boycott the Doha FIFA World Cup in 2022. Hacktivists frequently posted evidence of their DDoS attacks against Qatari websites on social media.

The Asia AI security company advises fans to only buy from official websites. And to be skeptical of offers that appear too to be true.

It also advises using network services and services like Cloudflare to prevent DDoS assaults. As well as keeping an eye out in live time for knockdowns of phishing websites, and imitation social network pages.

In a press release, a CloudSEK researcher stated that “cybercriminals have co-opted. The imbalance between demand and supply of the World Cup. Match tickets, travel tickets, hotels, mementos, etc., to swindle fans and enthusiasts.” “Users should limit their transactions to official mobile apps and websites despite the alluring offers and lures. Additionally, organizations that support FIFA should strengthen their security measures and keep abreast of the strategies used by threat actors.”.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Joe Gallop
Joe Gallop , Manager of Intelligent Analysis
December 1, 2022 4:18 pm

Fans around the world have been eagerly awaiting soccer’s biggest event since 2018, but cybercriminals have used the global fanfare to take advantage of audiences with scams. Cybercriminals seek to use the World Cup’s global forum to achieve a variety of ends, including financial gain, ideological promotion or surveillance or cyberespionage purposes. Phishing, as a threat vector, targets the habits, concerns, and interests of humans. Any issue currently making waves on social media is a lure option for the phishers, since it’s safe to assume that a significant percentage of the population is aware of it and potentially interested or even concerned about it. The World Cup is no exception.

Threat actors will unfortunately use PII to expose victims to future fraud and scams. It is critical to note that, even when conducting phishing campaigns that take advantage of a massive event like the World Cup, threat actors may often simply add that theme to others that are tried and true. The themes of account verification, overdue payment/invoice, and order confirmation are very common within phishing campaigns, and the majority of phishers won’t switch entirely from those extremely broad themes to a more narrow sporting theme just for the period in which the World Cup holds attention. By combining the two, however, a threat actor can attempt to get the best of both worlds, playing on fans’ interest while still forcing a sense of urgency. Doing so probably reduces their potential victim pool, but also might increase the likelihood of success against particular users. Users should always be wary of unexpected emails that request payment or personal information.

As phishing campaigns continue to become increasingly common, it is essential that the necessary steps are taken to protect inboxes, detect threats, and respond to attack. Adopting actionable intelligence that gives visibility into the risk factors in your network and immediately and decisively responses to phishing threats will help keep malicious actors at bay and ensure the protection of sensitive data.

Last edited 1 year ago by joe.gallop

Recent Posts

Would love your thoughts, please comment.x