The FIFA World Cup Qatar 2022 is the most anticipated sporting event of 2022, and it begins on November 20. In addition to enthralling hundreds of millions of fans worldwide, it has piqued the interest of cybercriminals looking to make a quick buck.
Kaspersky experts examined World Cup-related phishing websites from around the world in order to gain a better understanding of how scammers are attempting to monetize football fans’ interest. Kaspersky researchers discovered fake pages offering everything from tickets or event merchandise to match streaming services, as well as numerous giveaways and NFT scams that take advantage of the World Cup.
Fake tickets, as with all major global sporting events, are the most common spread bait used to lure victims, and the World Cup is no exception. Furthermore, Qatar 2022 only provides digital tickets, increasing the risk of encountering malicious resources. Kaspersky experts discovered a slew of phishing sites offering to sell FIFA tickets. Needless to say, users will lose personal information, banking information, and money. Furthermore, scammers may begin using stolen data for other purposes or selling it on the Dark Web.
An example of phishing page
No large public event is complete without impersonators of extremely generous giveaways. Kaspersky experts also discovered phishing pages promising two World Cup tickets. This is quite popular, as each user is usually a ‘lucky’ winner, with the chosen ones only having to pay a delivery fee.
An example of a phishing page offering to win 2 FIFA tickets
Another method for stealing users’ data is through bogus FIFA-related merchandise stores. While the offer of a T-shirt of your favorite team, phone cases with popular players, or signed soccer balls sounds appealing, fans lose their money to fraudsters after entering their data and transferring money to make a purchase.
The active spread of various crypto scams, mostly exploiting the popularity of NFTs, has been a distinguishing feature of the threat landscape on the eve of the 2022 World Cup. Some offer to bet on a match and win cryptocurrency, while others offer to win NFT art from around the world. All the user has to do is enter their crypto wallet credentials, and the ‘prize’ will be transferred directly to them. Scammers gain access to all savings and wallet data in this scenario.
An example of the World Cup related crypto scam
Another scheme is crypto investment fraud is a bright example of a dubious investment. Fraudsters actively create real coins and convince a user to invest in it while promising the victim potential currency growth. In real life, such initiatives are almost never a success as users have spent money on something that will never develop.
An example of the World Cup related NFT scam
Pandemic imposed limitations will also see the 2022 World Cup stage many offline events with live viewers, involving thousands of tourists in Qatar – something scammers have not missed. Kaspersky experts have observed numerous phishing pages imitating airline services offering tickets to Doha. The analyzed webpage shows all the classic signs of scam – nice appearance, wrong spelling, freshly registered domain, and limited functionality of the site. Although the site mimics a global airfare aggregator, the user can only choose Qatar in the list of destination countries. Once flight details are entered, the victim is offered the chance to enter personal data along with ID and credit information.
An example of phishing page offering to buy a plane ticket
‘Major sport events always attract the attention of cybercriminals. With this World Cup, scammers got very creative, as we have observed a variety of fraudulent schemes employed. We see how they are trying to benefit most from the situation and exploit as many trendy topics as possible, including a growing number of NFT scams related to the World Cup. At the same time, there are many so-called traditional scams out there from giveaways and fake tickets to merch stores. These schemes are simple, yet, effective and is why such fraudulent pages are eternal companions of big events. We encourage users to be attentive when they receive offers that seem too good to be true and carefully check the validity of the messages they receive,’ comments Olga Svistunova, a security expert at Kaspersky.
To avoid falling victim to a scam, Kaspersky advises users to: