"Experts Find 16,000+ Scam FIFA World Cup Domains"

Security researchers at Group-IB have warned of a deluge of phishing scams, fake apps, and malicious merchandising sites spoofing the branding of the FIFA World Cup in Qatar to target football fans.  The researchers tracked over 16,000 scam domains and 40 malicious apps in the Google Play store that were using FIFA World Cup 2022 branding to lure users.  The researchers stated that scammers are using a range of tactics to part football fans from their money, personal information, and credentials.  They’ve launched fake merchandising sites and spoofed ticketing sites designed to harvest money and/or bank details from victims.  The researchers noted that in both cases, social media marketplace ads and malicious social media accounts help to direct traffic to the fake sites.  The researchers said that the fake apps are set up to do a similar job, stealing banking and account credentials by promising access to purchase tickets.  In other cases, scam job sites have been set up using the World Cup as a lure to steal victims’ personal data.  The researchers spotted at least five of these, using keywords such as “job” and “Qatar” and driving traffic to the sites from over 30 specially designed social media pages.  The researchers stated that another tactic to obtain personal information is to create fake surveys impersonating major brands, as well as the World Cup itself.  These promise a gift for filling out the form with personal information and phone numbers.  Victims are also often asked to share a link to the scam on WhatsApp.  The researchers identified more than 16,000 of these fake surveys.  The security company also revealed that over 90 users of the official fan ID app, Hayya, had their accounts hijacked after passwords were lifted via commodity info-stealing malware such as RedLine and Erbium.

Infosecurity reports: "Experts Find 16,000+ Scam FIFA World Cup Domains"