• Home
    • What is
    • Computer security
      • Windows security
      • Mac security
      • Linux security
    • Mobile security
      • Android security
      • iOS Security
    • Data security
    • SCCM
    • Reviews
      • Case studies
    • Advertise
    • Contact
      • Privacy Policy
  • Subscribe now

    Loading
  • Home
  • What is
  • Computer security
    • Windows security
    • Mac security
    • Linux security
  • Mobile security
    • Android security
    • iOS Security
  • Data security
  • SCCM
  • Reviews
    • Case studies
  • Advertise
  • Contact
    • Privacy Policy
Home » Breaking Computer security Cyber Security data security Device security Latest Cybersecurity News Windows security

Phishing emails themed around Qatar World Cup 2022 target Middle East

John Greenwood Posted On November 22, 2022
0



World Cup 2022

Phishing attempts themed around the World Cup in Qatar had increased by 100 percent in the last one month as per Trellix.

The email-based cyber threat increased between September and October, with double the volume of malicious emails being detected.

World Cup 2022
source: Trellix

Threat actors and malicious entities used the FIFA and other football specific subject lines, themes and content to lure the recipients.

Look at the world cup themed phishing campaigns

For example, in one of the emails, the email was designed in such a way that it is from the FIFA transfer matching system (TMS) helpdesk with a fake alert stating that the user’s 2FA had been disabled. If the user clicks the link, it will direct the user to an attacker-controlled website with malicious phished page allowing the threat actors to steal the credentials.

In another case, an email impersonated David Firisua, Auckland City FC’s team manager asking for confirmation on a FIFA payment.

World Cup 2022
source: Trellix

The third case had a similar impersonation of FIFA ticketing office for urgent resolution on a payment issue by clicking a malicious HTML attachment.

World Cup 2022
source: Trellix

Trellix also found copies on Snoonu, food delivery partner of World Cup, with malicious attachment mentioning free match tickets. Trellix mentioned that it is a common practice for hackers to use popular events for phishing and social engineering attacks.

Additionally, several FIFA look alike websites and pages were created and spoofed, targeting phishing with several phishing kit with ajax request instead of form action tags or with the Base64 encoded.

Phishing campaigns supported by malware threats

Furthermore, five malware have been identified targeting the Middle Eastern Countries, including Emotet, Formbook, Qakbot, QaudAgent and Remcos as per Trellix researchers. The researchers predict that the phishing campaign targeting the World Cup 2022 will continue into Jan 2023 and the Middle East will be the sweet spot for targeted attacks.

Take extra caution while opening emails themed around the World Cup and ensure they are from the legitimate source.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.

Phishing emails themed around Qatar World Cup 2022 target Middle East

Phishing attempts themed around the World Cup in Qatar had increased by 100 percent in the last one month as per Trellix.

The email-based cyber threat increased between September and October, with double the volume of malicious emails being detected. Threat actors and malicious entities used the FIFA and other football specific subject lines, themes and content to lure the recipients.

Look at the world cup themed phishing campaigns

For example, in one of the emails, the email was designed in such a way that it is from the FIFA transfer matching system (TMS) helpdesk with a fake alert stating that the user’s 2FA had been disabled. If the user clicks the link, it will direct the user to an attacker-controlled website with malicious phished page allowing the threat actors to steal the credentials.

In another case, an email impersonated David Firisua, Auckland City FC’s team manager asking for confirmation on a FIFA payment. The third case had a similar impersonation of FIFA ticketing office for urgent resolution on a payment issue by clicking a malicious HTML attachment.

Trellix also found copies on Snoonu, food delivery partner of World Cup, with malicious attachment mentioning free match tickets. Trellix mentioned that it is a common practice for hackers to use popular events for phishing and social engineering attacks.

Additionally, several FIFA look alike websites and pages were created and spoofed, targeting phishing with several phishing kit with ajax request instead of form action tags or with the Base64 encoded.

Phishing campaigns supported by malware threats

Furthermore, five malware have been identified targeting the Middle Eastern Countries, including Emotet, Formbook, Qakbot, QaudAgent and Remcos as per Trellix researchers. The researchers predict that the phishing campaign targeting the World Cup 2022 will continue into Jan 2023 and the Middle East will be the sweet spot for targeted attacks.

Take extra caution while opening emails themed around the World Cup and ensure they are from the legitimate source.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.

Share the article with your friends


CybersecurityPhishing


Author

John Greenwood

He has been working with Cybersec and Infosec market for 12+ years now. Passionate about AI, Cybersecurity, Info security, Blockchain and Machine Learning. When he is not occupied with cybersecurity, he likes to go on bike rides!

You may also like
Recast Software: Advanced Endpoint Management and Security Tools for IT Teams
November 16, 2024
Patch My PC: Streamlined Software Management for ConfigMgr and Intune
November 9, 2024
Best Microsoft Intune Alternatives: Top 5 MDMs to Consider
November 4, 2024
Leave A Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Subscribe to our newsletter

    Loading
  • Windows security

    • Recast Software: Advanced Endpoint Management and Security...
      November 16, 2024
    • Patch My PC: Streamlined Software Management for ConfigMgr...
      November 9, 2024
    • Best Microsoft Intune Alternatives: Top 5 MDMs to Consider
      November 4, 2024
    • Top 11 Log Management Tools for Efficient System Management
      September 20, 2024
    • Top 5 Threat Intelligence Tools For 2024
      September 19, 2024


  • About us

    Our vision is to deliver the trending and happening cyber events to the enthusiasts.

    We believe in delivering educational and quality content for hassle-free understanding of the subject.

  • Subscribe to our newsletter

    Loading
  • Follow us

  • Advertise with us

    You can reach us via Facebook, Linkedin, or Twitter for advertising purposes.


© The Cybersecurity Times 2022. All rights reserved.
Press enter/return to begin your search