Any significant event is usually (ab)used by cybercriminals that seek to take advantage of people looking for information, tickets, or news.
In less than two weeks, the largest sporting event in the world will begin: The FIFA World Cup 2022. According to official data, the last time it took place (in Russia during 2018), the tournament was followed by nearly 3.6 billion people, and the final match alone was watched by more than 1 billion. Despite the upcoming World Cup being controversially discussed due to human rights abuses in Qatar, it will certainly be followed by a massive audience. Any significant event is usually (ab)used by cybercriminals that try to take advantage of users looking for information, tickets, or news. We have to be ready, and that’s why we'll explore the different types of scams and threats that we’ll eventually have to face, from ticket scams to SEO poisoning, lottery scams, phishing, and malware distribution. We’ve seen this threat at all kinds of events, festivals, and concerts, and the World Cup won’t be an exception. People are susceptible to FOMO (fear of missing out) and scammers will use it against them to offer victims sold-out tickets. This one is easy to avoid: no tickets are sold or resold outside of the FIFA purview, if you want to acquire tickets, go to the official site. Otherwise, don’t say we didn’t warn you. Many people would love to go to see their national team, so it is the perfect time for cybercriminals to organize a lottery offering the opportunity to win flights, hotels and match tickets. If you come across some of this my advice is think the worst and you won't be far wrong. It is true however that there could be legitimate lotteries and usually some research on the Internet will help us find out if that’s the case. The top searchers during the weeks of the tournament will be about matches, results and news around the World Cup. Search engine optimization (SEO) is the technique used to make websites more relevant to search engines and appear on the first page of results to gain clicks and visitors. Cybercriminals have used SEO poisoning for years trying to position their malicious website among the top results to lure victims to visit their pages for different nefarious purposes, from stealing credentials to installing malware. Don’t blindly trust search results and take a look at the URLs before proceeding to click on them. All social networks will be flooded with football content, from TikTok to Facebook. More and more people use social networks as their main source of news, and we can expect some abuse by the bad guys, from spreading misinformation to malicious offers like the ones described above. Expect to get messages via ads or email using news about the World Cup, inciting to click on links or download and run files, all with the aim of stealing your credentials or infecting your devices. Finally, here are some tips that will help you stay safe online during the upcoming event and beyond:Ticket scams
Lottery scams
SEO poisoning
Social networks
Phishing and malware