Red football with Qatar 2022 written on it

Phishing Attacks Against Arab Countries Are on The Rise in The Roll to The World Cup

Last month, just before the World Cup kicked off in Qatar, countries in the Middle East saw a two-fold increase in email-based phishing attacks. According to The Record, several of the emails spoof the FIFA support desk and booking office, along with team divisions and management.

Cybercriminals have been also targeting those working on the worldwide football event with phishing attacks to harvest for vital passwords and data.

Research by Trellix claims that announcements of FIFA bans and the faking of World Cup food delivery partner Snoonu were also part of email-based phishing attacks that took advantage of the tournament.

According to Daksh Kapur, a research scientist at Trellix:

It is common practice for attackers to utilise important and popular events as a part of social engineering tactics and particularly target organisations which are related to the event as they are far more promising victims for an attack. The aim of such attacks can be anything from financial fraud, credential harvesting and data exfiltration to surveillance and damage to the country’s and organisation’s reputation.

Most Common Phishing Attacks Techniques used in Arab Countries

Below are the top five malware variants detected targeting Middle Eastern nations have with the largest victim base. These malware outbreaks are often designed to steal sensitive data, passwords, or to obtain unauthorized access to a computer.

top 5 malware variants that target Arab countries
Top 5 malware variants that target Arab countries (Trellix)

An increase in World Cup-related phishing emails in a number of different languages has been reported, according to Jeremy Fuchs, an analyst for cybersecurity research at Avanan.

One common thread is related to betting on the World Cup, trying to entice end-users to wager. Instead, the email and resulting link steals credentials.

According to Daniel Clemens, CEO of cybersecurity company ShadowDragon, the cyber risk posed by the World Cup is like that faced by any major international event, like as the Olympics.

Phishing and activity associated with these events are continually on the rise. Ever since it was announced, playing the World Cup in Qatar has been a sensitive political issue. The gathering provides additional material and feed for spammers and phishing scams.

There are people advertising that they are buying or selling tickets for the 2022 FIFA World Cup on dark web. BeIN CONNECT, a state-owned international sport and entertainment network with its headquarters in Doha, Qatar, was the target of a sharing of two users’ potentially hacked login information that included the message “SAVE FOR WORLD CUP.”

An offer for the 2022 FIFA World Cup tickets on a dark web
An offer for the 2022 FIFA World Cup tickets on a dark web (Recorded Future)

According to Research Scientist Sparsh Jain from Trellix:

As the much-awaited football tournament gets underway, cybercriminals are expected to leverage every opportunity they get to capitalise on news trends, ticket demands, human errors due to the busy schedule and more to deliver a cyberattack. We expect these attacks to continue through January 2023 and would advise everyone to stay vigilant of any attack vectors. The organisations which are related to the event are recommended to stay extra-vigilant as they would be the most promising targets for such attacks.

During the FIFA World Cup in 2022, Qatar is expected to see a significant physical security danger and phishing attacks. Iran, China, and Russia focus and promote bilateral ties with Qatar through debate, while the US, UK, France, Italy, Turkey, and other nations are giving Qatar physical security support for the competition.

Help your colleagues keep a security-first mindset and boost your human firewall by starting your Phishing Tackle security awareness training today with our two-week free trial.

Recent posts