Zscaler has issued a warning to football fans looking to watch the World Cup online via streaming sites.
The company’s latest Zscaler TheatLabz (opens in new tab) research found there has been a recent spike in cyber attacks targeting football fans using fake streaming sites and lottery scams, which is “leveraging the rush and excitement around these uncommon events to infect users with malware.”
The study found a recent increase in domain registrations relating to the World Cup, which is to be expected as more companies ramp up their football-related offerings online.
Numerous threats
Following analysis to “weed out hidden offenders”, Zscaler has presented a number of alarming case studies.
Most concerning is the usage of legitimate websites and portals – including Xiaomi, Reddit, OpenSea, and LinkedIn – that are hijacked to post fake streaming links.
This included one example where victims are enticed to visit a malicious site claiming to offer live streaming of the FIFA World Cup 2022 opening ceremony.
However this redirects to a fake streaming site hosted on Blogspot, where users are prompted to create an account for free access to watch the live streaming event, giving away personal information or payment data to the scammers.
Attackers are also targeting users with malicious cracked version of games related to FIFA or football as a whole, including scam sites trying to collect fake ticket fees or steal payment card details.
ThreatLabz also detected a scam where users are offered prize money and airline tickets by Qatar Airways, and another campaign sending fake lottery emails and pretending to be a Qatar FIFA World Cup 2022 lottery committee.
As a whole, the firm suggests that users are wary of promises of match tickets, airline tickets, and themed lottery draws.
Fortunately, the warning doesn’t come without solutions. As well as using authorized vendors and verified sites, Zscaler recommends avoiding downloading any software or games from untrusted sites and being aware of fraudulent emails, which can be checked in a number of ways including verifying the sender domain.
Further safety procedures, like utilizing HTTPS/secure connections, two-factor authentication (2FA), and even setting up a firewall are also advised.
