LONDON: Fans and businesses taking part in this year’s FIFA World Cup in Qatar have been warned about being targeted by cybercriminals.
Experts anticipate an increase in the number of scams and similar crimes in the weeks leading up to the tournament, due to start on Nov. 20.
“There has been an increase in malicious online scams and phishing campaigns around international sporting events in recent years,” said Henry Wilkinson, chief intelligence officer at security intelligence firm Dragonfly.
“Given the global popularity of the FIFA World Cup and the high demand for tickets and travel, cyber criminals will probably pursue similar activities over the next few months,” Wilkinson added.
He noted that “there has already been a spike in newly-registered websites impersonating the FIFA 2022 World Cup page, showing that phishing campaigns are already up and running.
“We expect this to increase in the coming months ... we expect phishing campaigns to revolve around the sale of tickets, travel and accommodation at ‘discounted’ prices ... the installation of fake World Cup-related apps, malicious links offering promotional deals and illegal football streaming sites embedded with malware.”
While fans may be the target of accommodation and travel-related frauds, Wilkinson warns that companies may be subject to more sophisticated threats with the biggest risk presented by cyber attackers attempting to steal customer data in return for money.
“For businesses, we expect online threats to be much more sophisticated, especially for hotel, aviation and technology firms given their importance to the logistical success of the event. These companies hold large amounts of customer data, and will therefore be perceived as financially-lucrative targets by cybercriminal groups,” Wilkinson said.
“These groups are increasingly using coercive methods to extract payments from businesses. For example, cyber groups such as LockBit encrypt and disrupt access to victim’s systems, and then threaten to publish sensitive company information online (known as double-extortion). Businesses involved with the logistics of the Qatar World Cup should watch out for, and prepare for, cyber attacks in the coming months,” he added.
Emad Fahmy, systems engineering manager for the Middle East at cybersecurity firm NETSCOUT, suggested a number of ways fans can mitigate the risk of cybercrime including avoiding clicking on suspicious emails or website links and always use the most recent versions of web browsers.
“Organizations that are involved in these events should assume additional responsibility in developing and operating the necessary security to create a more secure software system,” said Fahmy.
“There is no better way to mitigate cyberattacks (during) such prominent events than to first thoroughly understand them,” he added.
The tournament, regarded as one of the most important events on the global sporting calendar, will draw millions of visitors from all over the world to Qatar with billions of people across the globe expected to watch the 64 games of the tournament on television.
According to FIFA, almost 2.5 million match tickets have been sold so far, with roughly 500,000 still available, which will go on sale in late September.
Saudi Arabian and UAE fans are among the top ten for number of ticket-holders of this edition, being held for the first time in a Middle East country.