Kaspersky Lab has recently discovered World Cup 2018 phishing scams, with many of the early scams being carried out through emails to bring soccer fans to malicious websites offering the opportunity to purchase tickets for the games.
With tickets for the big matches in short supply, many fans are turning to touts to secure them. FIFA has taken measures to make it more difficult for ticket touts to operate, such as only permitting one ticket for a game to be bought by any football fan. That person is also named on the ticket. However, it is still possible for individuals to buy tickets for guests, and touts are taking advantage. The price for guest tickets is extremely high – up to ten times face value – and that price will likely increase as the event draws closer.
Such high prices mean the chance of snapping up a cheaper ticket may seem too good to miss out on. However, there are a large number of hackers who have registered websites and are pretending to be touts and third parties that have spare tickets.
Buying a ticket through any site other than the official FIFA website is very dangerous. The only guarantee is that the price paid will be much higher; there is no guarantee that a ticket will be given to you after payment is made. Even if a ticket is purchased from an unofficial seller, it may turn out to be a fake. Worse, paying with a credit or debit card could see bank accounts drained.
Kaspersky Lab discovered large numbers of malicious domains hosting phishing pages that take advantage of the rush to buy tickets ahead of the tournament. The websites are often clones of the real site. To add more credibility, domains have been purchased that include the words worldcup2018 and variations of it. Cheap SSL certificates have also been bought, so the fact that a website address starts with HTTPS is no guarantee that a site is genuine. Tickets should only be obtained through the official FIFA website.
Many competition-themed World Cup 2018 phishing emails have also been recorded. These emails are sent in their millions, offering soccer fans the opportunity to win a free ticket to a match. To be in with a chance, the email recipient must submit their contact details. Those details are then used for further phishing and spamming campaigns. Stage two of the scam, where the ‘lucky’ registrant is advised they have won tickets, includes opening an email attachment, which downloads malware.
Alerts from FIFA and Prizes from FIFA World Cup 2018 Partners
Be careful with any communications from FIFA or any company stating that it is an official World Cup Partner. Kaspersky Lab has discovered many emails that appear, at first glance, to have been sent by FIFA or its World Cup 2018 partners. These emails normally ask the recipient to update their account for security purposes.
Visa is one brand that is regularly being spoofed in World Cup 2018 phishing emails for obvious reasons. Fake security alerts from Visa require credit card details to be entered on spoofed websites. If any security alert is received, visit the official website by typing the official domain into the browser. Do not visit the links included in the emails.
Cheap Travel Accommodation Campaigns
Airline tickets to venue cities hosting World Cup matches may be difficult to find, and with more than 5 million fans expected in Russia for the World Cup, accommodation will be in short supply. Hackers take advantage of the scarcity of flights and accommodation and the high prices being charged by offering cheap deals, usually through spam email. A host of malicious websites have been established mimicking official travel companies and accommodation providers to trick the unwary into disclosing their credit card information. Retail brands are also being spoofed, with offers sent through email for cut-price replica shirts and various other World Cup apparel.
These World Cup 2018 phishing scams can normally be identified from the domain name, which needs to be reviewed carefully. These websites are usually clones and are otherwise indistinguishable from the authentic websites.
Avoiding World Cup 2018 Phishing Scams
These are just a few of the World Cup 2018 phishing scams that have been discovered so far, and many more can be expected by the time the World Cup winner is presented with the trophy on July 15.
Standard security best practices will help soccer fans avoid World Cup 2018 phishing scams. Ensure you:
- Only purchase tickets from the actual FIFA website
- Only reserve travel and accommodation from trusted vendors and review the vendors online before handing over money
- Never purchase products or services advertised in spam email
- Never click on attachments in World Cup-themed emails from unknown senders
- Do not visit hyperlinks in emails from unknown senders
- Never visit a hyperlink until you have reviewed the true domain and avoid visiting shortened URLs
- Ensure all software, such as browsers and plugins, is patched and remains fully up to date
- Ensure anti-virus software is downloaded and is kept up to date
- Think about implementing a third-party spam filtering solution to stop spam and malicious messages from being delivered – something especially important for businesses, to prevent employees from being duped into installing malware on workstations.
- Always remain alert – If an offer seems too good to be true, it most likely is too good to be true
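The advice above to review the domain name carefully, and to check the true domain before visiting a link, can be automated for a mail gateway or help desk. The following is an added example, not code from Kaspersky Lab or from this article. The allowlist entries (fifa.com, visa.com), the shortener list and the .example URLs are assumptions constructed for illustration; the article itself names no domains.

```python
from urllib.parse import urlsplit

# Assumed allowlist: the article names no domains, so these are illustrative.
OFFICIAL_DOMAINS = {"fifa.com", "visa.com"}
# Words the article says scam domains embed, plus the spoofed brand names.
LURE_KEYWORDS = ("worldcup", "fifa", "visa")
# Assumed sample of URL shorteners; a real deployment would use a fuller list.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}


def true_host(url):
    """Return the host a browser would actually contact, lower-cased."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def review_link(url):
    """Classify a link by its true host. The scheme is deliberately ignored:
    an HTTPS address says nothing about whether the site is genuine."""
    parts = urlsplit(url)
    host = true_host(url)
    if not host:
        return "suspicious: no host in link"
    if parts.username is not None:
        # e.g. https://www.fifa.com@tickets.example/ really goes to tickets.example
        return "suspicious: text before @ is not the host"
    if any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS):
        return "official"
    if host in SHORTENERS:
        return "shortened: destination hidden"
    if any(label.startswith("xn--") for label in host.split(".")):
        return "suspicious: punycode label may imitate a brand"
    if any(k in host for k in LURE_KEYWORDS):
        return "suspicious: brand keyword on unofficial domain"
    return "unknown: not on allowlist"


if __name__ == "__main__":
    samples = [  # constructed sample links
        "https://www.fifa.com/tickets",
        "https://fifa.com.worldcup2018-tickets.example/buy",
        "https://www.fifa.com@tickets.example/login",
        "http://bit.ly/abc",
        "https://cheap-hotels.example/",
    ]
    for s in samples:
        print(f"{review_link(s):50} {s}")
```

Matching on the end of the host name rather than on a substring is what catches an address such as fifa.com.worldcup2018-tickets.example, where the official name appears only as a prefix.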