Cyber-Criminals Are On The Offensive During the World Cup: Wallchart Phishing Campaign Exploits Soccer Fans

Keeping track of the World Cup can get overwhelming.


Cyber criminals are keenly aware of this pain point, seeking to use the buzz around the World Cup as cover for their sneaky attacks.


Check Point researchers have identified a phishing campaign targeting soccer fans, using the email subject line of ““World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager.”  This type of phishing scheme exploits victims by downloading an infected FIFA World Cup schedule and results checker onto their PCs. When opened, the attachment uses a malware variant called ‘DownloaderGuide,’ a known downloader of potentially unwanted programs (PUPs) that is most commonly used as an installer for applications such as toolbars, adware or system optimizers.


Cyber-criminals generally see these massively popular events as prime-time opportunities to launch malicious campaigns. With so much anticipation and hype around the World Cup, cyber-criminals are banking on soccer fans being less vigilant in opening unsolicited emails and attachments… particularly when it comes to a seemingly-helpful tracking tool.


Check Point anticipates even more online scams and phishing attacks throughout the month-long tournament. Protect yourself and your organization during the 2018 FIFA World Cup – refresh your cyber hygiene with the following tips:


  • Keep software updated – Ensuring that your PC or device’s operating system, security software, apps and web browsers are all updated with the latest versions will protect against unpatched vulnerabilities.
  • Beware of fake websites – Cyber-criminals often create fake websites and domains for large public events – despite their official appearance, they’re often used to deliver malware or capture sensitive information.
  • Beware of emails from unknown senders – Emails from total strangers promising free offers or entries into ticket draws – in the form of hyperlinks or attachments – are likely to be malicious and an attempt to steal your personal data. Avoid opening emails or attachments from unrecognized senders, especially when the offer seems too good to be true.
  • Beware of public Wi-Fi hotspots – With matches taking place throughout the day, many will be tempted to use public Wi-Fi hotspots to watch games on mobile devices. Insecure hotspots are easy targets for hackers to compromise and intercept personal data such as emails and passwords, or plant malware on mobile devices.


Stay vigilant during the games and don’t let the cyber-criminals break away into your personal data – follow us below and check out our interactive, live, World-Cup themed Threat Map.


Follow Check Point via: