Qatar World Cup Cyber Attacks

FIFA World Cup trophy in Italy Creative Commons

It is no surprise that a major International event such as the 2022 World Cup would be a magnet for fraudsters and scammers.  This activity began in the lead up to the event and will probably drop off our radar after the final game but the principles behind these campaigns will apply to other events in the future. Many scammers are simply after the cash but linking to high profile events also benefits hacktivists wishing to push their own political agendas.

Many of these incidents are examples of new twists on old scams.  Postal scam letters date back to the distant past but have been recently used as a hook for Word Cup lottery scams.   The letters feature ‘official’ logos and promise big cash prizes.  Any suspect mail should be posted on to the National Trading Standards Scam Team at NTSST, FREEPOST, MAIL MARSHALS.

A more technological attack vector has been the use of scam emails allegedly from FIFA officials, the match ticketing office or other organisations closely tied to the Qatar events. These messages contained links to malicious sites or were sent with harmful attachments.

A study by the Photon Research Team into cyber threats linked to the Qatar World identified several categories of threat.

174 cases were identified of webpages impersonating legitimate domain names.  Here URLs are chosen that are similar to the original.  The destination mimics official pages mixing genuine content links with phishing or malware links. One example (now offline) directed to a malicious site when the chat box on the launch page was clicked.

53 examples of fake mobile apps were found.  FIFA is registered as an official app developer on the Google Play and IOS stores offering a range of products including the official ticketing app which unfortunately failed and delayed the entrance of some fans into games. Other developers offer football information services, some good, some bad others plainly fraudulent. Some were hosted on stores running with the scam others on the legitimate Google Play platform.  Due to the costs in registering developers and the checks put in place by Apple this category of fraud is less likely on IOS devices.  The fraudulent apps could steal personal data from the host device; install adware or malicious code.

Social media pages have impersonated assets belonging to the Qatar World Cup.  Many of these are relatively harmless.  Other pages hosted scams including impersonating the profiles high level FIFA officials; such as the president Gianni Infantino.

Many fans will see their interest in football spilling over into work time during the World Cup but they need to be aware that their enthusiasm might compromise corporate networks. Users need to recognise look-alike scams. Examine headers and links carefully, hover over them to expose the destination before clicking. There should be no need to download event specific software onto corporate machines.

More from Security


eCommerce Shop Scams

Data from Security Research Labs has revealed a China based fake shopping network that they have named ‘BogusBazaar.’  They claim that: ‘As of April …

Read post


Lockbit Ransomware Takedown

In February 2024 the UK National Crime Agency released details of how the NCA and other international policing agencies had disrupted the actions of …

Read post


UK Cyber security breaches survey 2024

Lies, damned lies, and statistics (attributed to Disraeli) The UK Cyber Security Breaches Survey 2024 was published on 9th April 2024.  Not surprisingly it …

Read post


Digital Gift Card Issues

Both Apple and Google offer gift card services for use on their App stores.  Just as it states on the tin the card can …

Read post

Sign Up

Sign up to our newsletter list here.

    Successful sign up

    Thank you for signing up to our newsletter list.

    Check your inbox for all the latest information from Kindus