Phishing emails themed around Qatar World Cup 2022 target Middle East

Phishing attempts themed around the World Cup in Qatar had increased by 100 percent in the last one month as per Trellix.

The email-based cyber threat increased between September and October, with double the volume of malicious emails being detected.

Threat actors and malicious entities used the FIFA and other football specific subject lines, themes and content to lure the recipients.

Look at the world cup themed phishing campaigns

For example, in one of the emails, the email was designed in such a way that it is from the FIFA transfer matching system (TMS) helpdesk with a fake alert stating that the user’s 2FA had been disabled. If the user clicks the link, it will direct the user to an attacker-controlled website with malicious phished page allowing the threat actors to steal the credentials.

In another case, an email impersonated David Firisua, Auckland City FC’s team manager asking for confirmation on a FIFA payment.

The third case had a similar impersonation of FIFA ticketing office for urgent resolution on a payment issue by clicking a malicious HTML attachment.

Trellix also found copies on Snoonu, food delivery partner of World Cup, with malicious attachment mentioning free match tickets. Trellix mentioned that it is a common practice for hackers to use popular events for phishing and social engineering attacks.

Additionally, several FIFA look alike websites and pages were created and spoofed, targeting phishing with several phishing kit with ajax request instead of form action tags or with the Base64 encoded.

Phishing campaigns supported by malware threats

Furthermore, five malware have been identified targeting the Middle Eastern Countries, including Emotet, Formbook, Qakbot, QaudAgent and Remcos as per Trellix researchers. The researchers predict that the phishing campaign targeting the World Cup 2022 will continue into Jan 2023 and the Middle East will be the sweet spot for targeted attacks.

Take extra caution while opening emails themed around the World Cup and ensure they are from the legitimate source.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.

Phishing emails themed around Qatar World Cup 2022 target Middle East

Phishing attempts themed around the World Cup in Qatar had increased by 100 percent in the last one month as per Trellix.

The email-based cyber threat increased between September and October, with double the volume of malicious emails being detected. Threat actors and malicious entities used the FIFA and other football specific subject lines, themes and content to lure the recipients.

Look at the world cup themed phishing campaigns

For example, in one of the emails, the email was designed in such a way that it is from the FIFA transfer matching system (TMS) helpdesk with a fake alert stating that the user’s 2FA had been disabled. If the user clicks the link, it will direct the user to an attacker-controlled website with malicious phished page allowing the threat actors to steal the credentials.

In another case, an email impersonated David Firisua, Auckland City FC’s team manager asking for confirmation on a FIFA payment. The third case had a similar impersonation of FIFA ticketing office for urgent resolution on a payment issue by clicking a malicious HTML attachment.

Trellix also found copies on Snoonu, food delivery partner of World Cup, with malicious attachment mentioning free match tickets. Trellix mentioned that it is a common practice for hackers to use popular events for phishing and social engineering attacks.

Additionally, several FIFA look alike websites and pages were created and spoofed, targeting phishing with several phishing kit with ajax request instead of form action tags or with the Base64 encoded.

Phishing campaigns supported by malware threats

Furthermore, five malware have been identified targeting the Middle Eastern Countries, including Emotet, Formbook, Qakbot, QaudAgent and Remcos as per Trellix researchers. The researchers predict that the phishing campaign targeting the World Cup 2022 will continue into Jan 2023 and the Middle East will be the sweet spot for targeted attacks.

Take extra caution while opening emails themed around the World Cup and ensure they are from the legitimate source.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.