For football enthusiasts, the FIFA World Cup Qatar 2022TM, which begins on November 20, is the most anticipated sporting event of 2022. Along with thrilling millions of fans across the world, it has also piqued the curiosity of cyber criminals trying to earn quick cash.
Kaspersky specialists have examined World Cup-related phishing websites from around the world that are intended to steal users’ identifying and financial information to have a better understanding of how criminals are attempting to capitalize on football fans’ passion. Researchers from Kaspersky have uncovered a variety of freebies and NFT scams that take advantage of the World Cup, as well as phony pages advertising anything from tickets or event merchandise to match streaming services.
World Cup ticket scams
The most common viral bait used to entice victims at big international sporting events, like this World Cup, is bogus tickets. Furthermore, Qatar 2022 solely sells digital tickets, which raises the possibility of coming across harmful materials. Numerous phishing pages purporting to acquire tickets for FIFA games have been found by Kaspersky specialists. Users will undoubtedly lose money, financial information, and personal information. Scammers may begin utilizing the data they have obtained for other activities or sell it on the Dark Web.
NFT and crypto scams
The active proliferation of numerous crypto frauds, which primarily take advantage of the popularity of NFTs, has been a defining characteristic of the threat environment in the run-up to the 2022 World Cup.
Some give the chance to wager on a game and earn cryptocurrencies, while others offer the chance to win NFT artwork that is relevant to all countries.To transfer the “prize,” the user only needs to input their crypto wallet’s credentials.
Scammers have access to all funds and linked wallet information in such a situation.
A shining example of a shady investment is the cryptocurrency investment scam scheme. Real coins are actively created by fraudsters, who then actively persuade a victim to invest in them by promising the victim prospective financial development. Such efforts nearly never succeed in real life because consumers have invested money in ideas that will never materialize.
A major public event would not be complete without scammers faking incredibly substantial gifts. Additionally, Kaspersky investigators discovered phishing pages promising to give away two World Cup tickets. This is highly popular since typically every user is a “lucky” winner, and those who are picked merely have to pay a delivery cost.
Accommodations and Flights
The 2022 World Cup will also include several offline activities with live viewers, involving thousands of travelers in Qatar, due to pandemic-imposed restrictions, something fraudsters have not missed. Numerous phishing pages impersonating airline websites and selling tickets to Doha have been discovered by Kaspersky scientists. The examined homepage exhibits all the telltale indicators of a fraud, including a polished appearance, incorrect spelling, a recently registered domain, and restricted site functionality. Despite the fact that the website resembles a worldwide airfare aggregator, the user may only select Qatar from the list of destination nations. The victim is given the option to add personal information along with ID and credit information once the flight details have been provided.
Major sporting events often get the eye of hackers. Scammers were quite inventive with this World Cup, as we have seen a number of fraudulent tactics being used. We see their attempts to take advantage of the circumstance and capitalize on as many current events as they can, including the rising number of World Cup-related NFT frauds. In addition, there are several more conventional frauds out there, ranging from retail businesses to fraudulent tickets and prizes. These simple yet successful strategies are the reason why such phony pages are always present during significant events. We advise users to be wary of offers that appear too good to be true and to thoroughly verify the authenticity of any messages they receive.
By using phony FIFA-related retail stores, customers’ data can also be stolen. While the offer of a T-shirt from your favorite club, phone covers with well-known players, or autographed soccer balls may seem appealing, after providing your info and sending money to complete the transaction, customers instead lose their money to scammers.
How to avoid the scams at the 2022 Qatar World Cup.
Kaspersky suggests the following for consumers to do to prevent falling for a scam:
- Checking the URL first will make clicking safe. To preview the URL, hover over it and check for typos or other issues.
- It’s best to avoid clicking any links in emails altogether. You can also open a new tab or window and manually type the URL of your bank or other location.
- Think about the type of data being sought.Legitimate businesses won’t randomly email you asking for sensitive information like your social security number, banking or credit card information, etc.
- In general, you should exercise care when responding to unsolicited messages asking you to “check account data” or “update your account information.”
- Use a trustworthy security program that can spot harmful attachments and stop phishing websites, such as Kaspersky.
- A grammar and spelling check is a good technique to spot a con artistGrammar mistakes and typos raise red flags. Strange wording or syntax is also unacceptable, which may happen as a result of the email being translated multiple times by the translator.
Distributed by APO Group on behalf of Kaspersky