16,000+ scam domains targeting FIFA World Cup fans in Qatar

16,000+ scam domains targeting FIFA World Cup fans in Qatar

As fraudsters readily jump to exploit events of great global interest, it comes as no surprise that Group-IB discovered a number of frauds and phishing attacks targeting football fans invested in buying tickets, official merchandise and jobs during the 2022 FIFA World Cup in Qatar.

Before the tournament even began, researchers from the Group-IB Digital Risk Protection team identified scam domains, fake social media accounts, ads and mobile applications that lured users into entering personal information and bank credentials.

One of the fraud schemes identified was a counterfeit goods website that in some cases directed the money from the transaction to the fraudsters and in other cases stole the user’s bank credentials. In any case, the users never received the national team shirt.

The fraudsters also used more than 130 ads on social media apps to drive traffic to the website.

FIFA World Cup tickets were another opportunity for fraudsters to try to sell fake tickets to unsuspecting users who wanted to buy tickets for the matches. By tracking five websites and more than 50 social media accounts created no earlier than September 2022 and mentioning the words “FIFA”, “World Cup” and “tickets”, Group-IB identified potential fraud. Again, fraudsters either received money from the transaction or stole the bank card details.

In the report shared with Hackread.com, Group-IB noted that up to 40 fake applications were found on the Google Play Store, promising users access to tickets to the games.

16,000+ scam domains targeting FIFA World Cup fans in Qatar
Fake Application Steals Money (1) Fake Ticket Website (2) Fake FIFA World Cup 2022 Merchandise Website (3) Facebook Group Selling Fake Tickets (4) – Images provided by Group-IB

Another five scam websites were found using keywords such as “job” and “Qatar”, which used the official tournament logo to make the website appear credible to those looking to find work during the World Cup. Another 30 social media pages were created by threat actors to promote their scam sites.

See also  The Callisto Protocol review: As a fan of Dead Space, I am disappointed

Furthermore, it was not only the World Cup that was targeted, but also major brands, including thousands who used the branding of the FIFA World Cup in Qatar. Group-IB identified and analyzed more than 16,000 fake surveys impersonating such brands.

  1. Brand protection is critical to cyber security
  2. Hundreds of shoe stores with fake brands hacked with skimmers
  3. Phishing: Italian football club tricked into sending out 2 million euros to crooks
  4. 42,000 phishing domains detected masquerading as popular brands
  5. Microsoft, PayPal and Facebook most targeted brands in phishing scams

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *