Dangerous Plays: Web Mining in the World Cup

Worldcup

Just like the Olympics, the FIFA World Cup is a worldwide sporting event that draws millions of fans. From social media to television to print advertising, news of the different tournaments, winners, and events circulates internationally over several weeks. It’s Soccer Fan Heaven. Unfortunately, like any worldwide obsession, this phenomenon can also spawn some rather serious scams. Between increased web activity in general and an influx of wild fans eager for deals, hackers have plenty of opportunities to run their cons, and we have plenty of opportunities to find ourselves seriously compromised. Here’s what to be on the lookout for when dealing with baiting scams.

One of the most popular scams circulating is a variation on the common phishing technique known as “baiting,” which lures people (pun intended) into clicking on a link by offering them a deal or a reward too good to pass up. In order to access whatever amazing offer the baiter is offering, the victim is required to click a link and give away personal information—typically, credit card data. Baiting scams are versatile and can be optimized based on the location or time of year of the hack. In this case, hackers are taking advantage of the World Cup to create specialized phishing emails that claim to offer discounted tickets or giveaways. Soccer fans are understandably intrigued, perhaps to the point that their common sense for matters of information security flies out the window.

Another threat involves infected websites. Along the same lines as clicking on bad links that promise great deals, fans who aren’t being 100% careful might also end up visiting a less-than-savory website in order to stream otherwise unavailable content. According to Kaspersky, these sites can contain web mining that contaminate computers and leave their owners compromised. Along the same lines as baiting attacks, compromised websites feed off of our desire for immediate or inexpensive gratification.

But even if you’re not a die-hard fan looking to scalp tickets or find a back-alley channel to watch the games, you might still be at risk. Increased web traffic in general (something similar happens around the holidays) always increases the likelihood that hackers will be out looking for targets. Malicious pop-ups or emails are likely to be exponentially more common over the next few weeks, leaving even the most innocent user open to attack.

So—how should we avoid these potential attacks? First of all, the usual rules of internet safety still apply. As always, when it comes to emails, clicking on links is a massive no-no—despite how “safe” or legitimate the correspondence might seem. The same goes for visiting shady websites—no matter how appealing the end result might be, or how distant or improbable the risks, the possible results could be catastrophic. Second of all, and excuse the truism, remember as a general rule that any deal or opportunity that seems too good to be true probably is. Human nature is prone to let excitement or desire override our more rational instincts, and, unfortunately, that tendency is usually a hacker’s best friend. But nothing—not even the possibility of being able to conveniently watch the World Cup or even to see an actual game live—ought to cloud our reason when it comes to matters of security. The same rules need to apply even when the possible gains are at their highest.

Third of all, and this is perhaps the most important point, the internet is becoming more and more a wild west of possible threats. Any one of us has only to run a brief internet search on current threats—related to the World Cup or otherwise—to turn up a good number of frightening web mining results. An international soccer match is, in this case, the perfect example of how even a seemingly innocuous cultural event can create a firestorm of potential threats—and it’s exactly the sort of thing that we must be aware of. While it is undoubtedly useful and perhaps even indispensable, the internet is really not our friend. Hackers will take every opportunity they can get to manipulate us into doing something foolish. That being said, the more we understand what’s going on and how we can protect ourselves, the better chance we have of flipping the script and appreciating the good that the internet has to offer while still avoiding the bad. The current threat landscape requires that we keep our wits about us—but if we do that, we ought to be able to navigate it with only minimal and occasional hiccups. So keep your eyes peeled, and—safely—enjoy the game.

What Can You Do?

Learn more about the Anti Phishing Essentials foundation block – part of a Human Firewall 2.0 program:
Get Course Information

GLS Logo

Enjoying our cybersecurity blogs?

Try out our weekly security awareness tips, sent directly
to your inbox.
GLS Logo

Your download is complete!

Need more training?