Contributed by George Mack, Content Marketing Manager, Check Point Software.

The 2022 FIFA World Cup is possibly the biggest spectacle of the year. With an expected viewership of over 1 billion, hackers see this as the opportunity of a lifetime to scam their way into victims’ bank accounts or steal personal information.

All major events, especially the World Cup, will experience a major increase in cybercrime targeting unsuspecting followers and fans. And it’s the fans who are the main target of hackers.

There are three main attack vectors through which hackers target their victims: emails, apps, and websites. Many hackers create fake, fraudulent websites, apps, or emails that will appear official and target the victims’ financial information, credentials, and passwords – infecting their computer or smartphone with malware.

According to one report, researchers found over 50 social media accounts, 40 malicious apps, 130 pages, and over 16,000 domains created with the intent to scam users.

To coax users into sharing their personal or credit card information for fake tickets, scammers use social media pages that lead victims over to WhatsApp or Facebook Messenger. Once the target is in the chat, the scammer pressures the victim into buying fake tickets.

In addition to tickets, threat actors are using the allure of free merchandise to rope in their victims – setting up fake websites that sell said merchandise.

However, what’s the most efficient way for hackers to target their victims? World Cup-related phishing emails.

Here are a few examples of phishing emails one may expect:

  • Emails impersonating a team manager, linking to a fake payment confirmation phishing URL
  • Fake FIFA helpdesk emails warning about multifactor authentication deactivation
  • False emails warning buyers of a payment issue from the ticketing office
  • Spoofed emails from Snoonu, the official food delivery partner of the World Cup, pretending to offer tickets to people who register

These attacks are expected to continue through the beginning of 2023. To increase the appearance of legitimacy, these phishing emails may incorporate real details of league staff and team managers.

Jeremy Fuchs, a cyber security research analyst at Avanan, noted that hackers are using a variety of angles to entice victims into clicking on the links. “One common thread is related to betting on the World Cup, trying to entice end-users to wager. Instead, the email and resulting link steals credentials,” Jeremy said.

Here is one example. This page’s goal is to trick users into clicking on the Login button.

Phishing website targeting FIFA Employees | Source: Avanan

Below is another example. Fortunately, for most users, it’s easier to spot as a fake, as there is a ton of irrelevant information wrapped up in this unaesthetic design.

Phishing website promoting a fake lottery | Source: Avanan

The best way to protect yourself from any FIFA-related scam is to recognize what a phishing attempt looks like. Don’t rely too much on technology to protect yourself from cyberattacks. The best defense starts with you. Finally, consider using a robust email security solution.

For more information, visit Avanan.