As many of you already know, the 2014 FIFA World Cup kicked off in Brazil on June 12th and goes through July 13th. The World Cup features the top 32 National teams competing on the World stage. Before and after all my son’s Father’s Day weekend tournament games, everyone’s conversations centered around the 2014 FIFA World Cup: “How do you think the USA will fair in their first match against Ghana?”, “Will the United States make it out of Bracket G?”, “Where’s everyone meeting for the England vs. Italy game?”, and the questions continued. However, as I continued to overhear conversations at the fields pertaining to searching the latest cool soccer video’s online (ie. Nike: Risk Everything) and people’s plans to watch a certain match at a bar while live streaming another match, my internal Security Feelers got a bad vibe. As a security expert I became concerned.
Cyber-criminals are notorious for exploiting world events and world news and trying to capitalize on them. The 2014 World Cup provides them a perfect opportunity to achieve their goals. With all 64 matches being broadcasted and getting streamed to mobile devices, the World Cup will generate a huge audience with many people checking the latest scores and schedules on their smart phones and tablets.
With World Cup hysteria now well underway, I have compiled a few areas for you to proceed with caution in order to help prevent cyber attackers from scoring on you.
Live streaming of match games – If you are streaming the matches live from your smartphone, tablet or other mobile device while at a restaurant, bar or another public venue, it is recommended that you verify the network connection name. Hackers will setup fake Wi-Fi networks to attract unknowing users. Additionally, use extreme caution when searching for streaming websites that are carrying the soccer matches, as cybercriminals often utilize an old technique called Search Engine Optimization Poisoning to get their malicious pages on top of search pages. A quick search on Google for 2014 FIFA World Cup live streaming websites resulted in over a thousand pages. Here’s a tip from your Uncle Steve: they are NOT all legitimate!
Be wary of World Cup themed e-mails – Only open attachments coming from a trusted source. Resist the temptation to open emails claiming you won free tickets to a World Cup game in Brazil or clicking on embedded links promising insider information on Team USA or never-before-seen footage of Messi, Ronaldo or the Brazilian star Neymar. Here in our Thirtyseven4 Security labs, we are noticing daily increases in emails targeting soccer fans around the World. Such emails include phishing style emails requesting online payment for streamed games and insider information on player and team stats, etc. Another observed phishing email claimed the system was infected due to the World Cup and the only way to clean it was installing a noted piece of software.
Downloading World Cup apps – Currently there are thousands of apps available in Google Play that center around the World Cup. Apps include wallpaper of your favorite National Team or player, ringtones (imagine every incoming call producing the famous “GOOOOAAALLLLLLLL!!!” shout), games, live streaming apps, apps with player statistics, etc. There are also thousands of apps being distributed outside of Google Play, and Thirtyseven4 has already updated for many malicious World Cup themed apps. These malicious apps have been observed to have the capability to push unwanted advertisements, charge high premium service fees to the user, retrieve passwords and abuse stolen user information.
In a World where we have enough differences, it’s enjoyable to have something like the World Cup to discuss and get excited about on a common level. Sports provide camaraderie, unity and sometimes hope, to the teams involved and also those involved with the teams. I say: cheer for the Goalie when he saves that shot; wince for the player that gets that nasty injury, but don’t “Risk Everything” to do so. Nike’s FIFA commercial entitled “Risk Everything” is a must-see, but it also provides an irony that I urge you to be aware of before falling prey to.
Play it smart with 2014 FIFA World Cup coverage and online hoopla related to it. Don’t “Risk Everything” by failing to be diligent to basic online guidelines that you already know. Like an expert player: be alert, aware, and stay on your toes!