The FIFA World Cup 2018, currently in full swing in Russia, is a wellspring for cyberthreats, says CyberInt, which provides Managed Detection and Response services to some of the top finance, retail, and telecommunications organizations worldwide.
Applying its outside-in approach, the managed detection and response innovator recently looked at the cyber environment of the annual international soccer tournament and has detected multiple layers of criminal activity including fraud, scams, and targeted attacks.
“A global sports event of this magnitude, much like the PyeongChang 2018 Olympic Winter Games, is always a tempting target for cyber threat actors,” said Amir Ofek, CEO, CyberInt. ”Unfortunately, in the case of FIFA, the criminals raised the bar as expected.”
CyberInt researchers uncovered the following disturbing findings related to FIFA World Cup Russia 2018:
? 797 domains using FIFA-related terminology and identified as registered during June 2018 hosted the following websites including: 175 parked domains, 76 unofficial streaming video sites, 32 unofficial merchandise sites, 12 suspended hosting accounts, 11 gambling sites, and 9 suspicious sites.
? While no specific World Cup phishing links are hitting email boxes, unofficial merchandise, streaming, and gambling sites are often fronts for making fraudulent charges or stealing personal or financial data from unsuspecting victims. So much for finding a bargain.
? Most, if not all, of the video streaming sites are redirecting to suspicious, low-reputation “download” sites that claim to offer access to potentially copyright-infringing content or charge payment cards after a “trial period.”
“Criminals will always try to exploit a major event that attracts thousands, all of whom are viewed as sheep waiting to be fleeced for huge profits. The world’s upcoming biggest sporting event is the 2020 Tokyo Olympic games, and the threat actors are already preparing their grounds and tool sets to attack ticket buyers, fans, and VIPs,” concluded Ofek.
As always, early detection and ongoing monitoring in context enable companies, as well as world sports associations, to be well prepared to mitigate increased cyber threats before they impact their reputations, bottom line and experience.
About CyberInt
Recognized by both Gartner and Forrester as an innovator in securing digital businesses CyberInt’s Managed Detection and Response services allow its customers to combat and respond to advanced cyber threats that would normally go unnoticed by standard security controls - while protecting their brand, digital assets, and customers. CyberInt specializes in looking at all online activities and assets from an attacker’s perspective, enabling it to achieve a comprehensive understanding of what needs to be monitored and safeguarded, and provide safety beyond the perimeter.