Security News > 2022 > November > World Cup phishing emails spike in Middle Eastern countries
Phishing attempts targeting victims in the Middle East increased 100 percent last month in the lead up to the World Cup in Qatar, according to security shop Trellix.
Trellix's phishing net also caught emails spoofing Snoonu, the official food delivery partner of the World Cup, that offered fake free match tickets and contained a malicious xlsm attachment.
Trellix also highlighted World Cup-themed phishing pages that look like the legitimate FIFA pages they spoof, and warned that miscreants are using "Multiple phishing kits where the post URL is either obfuscated, Base64 encoded or present in the ajax request instead of form action tags."
Germany says nein to Qatari World Cup spyware, err, apps World Cup apps pose a data security and privacy nightmare Robin Banks crooks back at the table with fresh phish from Russia French-speaking voleurs stole $30m in 15-country bank, telecoms cyber-heist spree.
Of course, the nearly 3 million people who bought tickets to attend a match in Qatar have a whole other set of cybersecurity threats to worry about once they are in the country - in addition to a litany or moral and ethical concerns related to attending the World Cup in a country with a horrible human rights' record that built its stadiums using migrant workers whose treatment has been described as "Modern slavery."
Two World Cup apps have come under increased scrutiny from security researchers and various countries' data protection agencies, which have labeled the apps spyware and encouraged visits to use burner phones.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/11/21/world_cup_phishing_emails/
Related news
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)
- European companies hit with effective DocuSign-themed phishing emails (source)