While millions of people around the globe are following the FIFA World Cup taking place in North America, it’s not only the fans that are looking forward to exciting encounters and shocking results. Cybercriminals view any kind of global sporting event as an ideal opportunity to launch their attacks. The experience gathered by the experts at Retarus clearly indicates that the number of phishing-based fraud attempts and other email threats tend to increase significantly against the backdrop of large tournaments.
The most dangerous opponent is not the one on the pitch
Major sports events create ideal conditions for carrying out cyberattacks. People generally respond more quickly to messages that resonate with their interests. At the same time, they’re often more inclined to click on links or download information in a hurry.
Right now, we’re witnessing a particularly high volume of social engineering attacks. To lure victims in, attackers typically use streaming services, betting and sweepstakes promotions, the latest news about players or national teams, match reports and analyses, as well as supposed special offers (e.g., last-minute tickets) for fans.
As this content appears relevant and time-sensitive, it ticks all the boxes for a successful phishing attack. The context and emotional impact of the subject matter increase the likelihood that recipients will carelessly click on links or open attachments.
Especially prevalent email threats
The classic patterns of attack largely remain unchanged, with criminals simply tailoring the topics to focus on the tournament.
For example, cybercriminals may send phishing emails that appear to come from FIFA, national soccer associations, or media companies, and are designed to look deceptively authentic in terms of layout and content.
Another risk also needs to be considered. In the run-up to the World Cup, countless new websites have sprung up in a very short time – many of them offering news, analysis, or streaming services. Because these sites are often set up under tight deadlines, they don’t always meet adequate security standards. This means that even legitimate websites may become compromised and spread malware without anyone noticing.
What your users need to keep in mind
During the World Cup it’s more important than ever to remember that awareness is your most important line of defense.
When searching for information about the tournament, users should stick to well-known and trustworthy websites. Rather than clicking on links in emails, users are advised to navigate to the desired website directly through their browser or the official app.
Consistently handling passwords with care remains crucially important. Login credentials should never be reused across multiple services.
And, as always, it’s important to bear in mind that if an offer seems too good to be true, it probably is.
Keeping a clean sheet: What companies can do
To prevent attackers from converting the scoring opportunities presented to them, organizations are advised to factor the heightened threat level during the World Cup into their technical security measures.
Even if it almost seems too banal to mention: First, ensure that all available security mechanisms are fully activated. If certain user groups or applications are subject to less stringent security policies or exceptions, it may be advisable to temporarily tighten their security settings.
State-of-the-art URL protection mechanisms with time-of-click protection are particularly effective. With this approach, links are not only analyzed when an email is received but also re-assessed the moment a user clicks on them. This provides an additional layer of protection against newly registered or compromised websites which may have recently been launched in connection with the World Cup.
Cybercriminals often modify their campaigns very quickly based on current events. As a consequence, other security mechanisms like post-delivery protection or AI-assisted sandboxing provide additional protection. These solutions help companies identify previously unknown threats at an early stage, even before conventional security solutions are able to provide the corresponding threat signatures.
Beyond these measures, we recommend that you review your rules for email attachments (for more on this, see our Attachment Blocker). Companies need to ensure that potentially harmful file formats are consistently blocked or subjected to especially rigorous screening.
The World Cup has an end, but the threat continues
Even after the new champions have lifted the trophy, the heightened threat situation remains. Every major sporting tournament, international competition, or high-profile media event gives rise to similar attack strategies aimed at exploiting heightened emotions, current events, and public interest in the accompanying news and information. Like strikers, cybercriminals are always looking for new ways to breach your defenses.
Businesses that review and update their security measures on a regular basis maintain a consistently higher level of protection – both during global events and beyond.
Get in touch with us to find out how you can stay on the ball, boost your protection and ensure that you remain on the winning side when it comes to email security.
