The hype and popularity of the FIFA World Cup has attracted audiences from across the globe. And this, in turn attracts a variety of cybercriminals, who want to exploit the varied fan following, and the organizations participating, to make a quick buck.
Advanced persistent threat (APT) campaigns, phishing, credit card/cryptocurrency fraud, DDoS attacks, and identity theft are among the threats faced by organizations and audiences, CloudSEK reports. The cybercriminals are motivated by financial gain, ideology, or geo-political affiliations.
Recommendations for FIFA fans
- Buy FIFA tickets and Hayya cards only from the official website.
- Validate the legitimacy of cryptocurrencies before investing in them.
- Don’t avail FIFA related services from Telegram or social media.
- Do not share your PII or banking details with unknown persons or websites.
- Don’t install applications shared via Telegram, social media, or from third-party app stores.
- Review permissions requested by apps and disable permissions that are not necessary for the app’s functionality.
- Be wary of schemes that seem too good to be true.
Recommendations for participating organizations
- User load balancers or services like Cloudflare to avoid DDoS attacks.
- Use a firewall and keep your software updated to the latest version.
- Run awareness campaigns to educate fans and users about legitimate portals and websites.
- Real-time monitoring and takedown of phishing sites, fake apps, and copy-cat social media pages.
- Report the findings to relevant authorities who can take action against the threat actors.
