Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

2014 FIFA World Cup: What should we expect?

Guillaume Lovet, senior manager of FortiGuard Labs’ Threat Response Team at Fortinet

While thousands of Brazilian workers were trying to complete the stadium on time for the opening match, Brazilian cybercriminals were already at work. Now that the 2014 FIFA World Cup is underway, Fortinet’s FortiGuard team is warning Internet users against online scams that they may face.

2014 FIFA World Cup: What should we expect? 1

With a population of approximately 201 million in 2013, Brazil is the world’s fifth most populous country and has one of the largest cybercriminals communities. Until 2003, Brazilian hackers were focused on website defacements, without attacking their users. Since then, they have become increasingly more professional by attacking the websites of local banks, a choice target as three-quarters of Brazilians carrying out the bulk of their financial transactions online.  According to a survey conducted by the Brazilian Banks Federation (Febraban) in 2011, the banking sector reported losses of R$1.5 billion thanks to phishing, online theft, identity theft, online scams and credit card fraud. But the banking sector is not the only target of Internet threats across the country. Indeed, fraudsters are applying what they have learned over the past ten years of attacking banks to monetize their expertise by  hacking in other areas such as directed attacks on high-net worth individuals, airline mileage programs, and utility bills …

Beyond the Brazilian cybercriminal community, now a few days into the World Cup, we can expect an onslaught of Internet scams and attacks from the global cybercriminal community in the coming days and weeks.  It is important for football fans to remember a few tips to avoid unpleasant surprises:

  • Unsolicited emails: Spam email targeted at Internet users announcing that they are the lucky winners of a lottery for 2 tickets for the final of the World Cup, or they can access web sites to watch the matches live.….  While it is very tempting to a fan to click on an email link that says : “You’ve won 2 tickets for the final of the World Cup”, be careful! By clicking on that link, you could be taken to a compromised Website that downloads malware onto your computer. That malware could be used as a keylogger on your computer to retrieve all your personal information such as your passwords or other credentials, or download additional malware, such as fake antivirus applications, or simply turn your computer into a spam generator. Spammers and scammers love this kind of event because they know, during the duration of the World Cup, all football fans will be using the Internet looking for attractive offers.
  • 2014 FIFA World Cup: What should we expect? 2

    Online retailers offering discounted tickets: If you discover an online store that’s offering unbelievable specials for tickets, do some digging to make sure it’s a legitimate store and not a false front that will disappear later that day along with your credit card information. Even if they are legitimate, you’ll want to make sure their site hasn’t been unknowingly compromised by SQL injection or other server attacks. Compromised websites won’t always redirect you to a malicious site, but often will phish or try to surreptitiously install other forms of malware on your computer, such as Trojans, bots, keyloggers and rootkits, all of which are designed to harm systems and steal personal information. Similarly, avoid believing marketplace websites such as eBay or others offering tickets at low prices for the event. Being suspicious of deals that appear to be too good to be true is key during this hot event period, as the good deals are often pure frauds.

  • Phishing and identity theft: Users may receive an email from their bank and/or Paypal highlighting that a payment for the purchase of 2 footballs tickets is in progress while the Internet user has in fact not made any purchase. To cancel the transaction, the Internet user must click on the link where it will be asked to complete a form with its bank login details.  Users should not reply and keep in mind that their bank would never ask for their banking ID by email. If they give away their banking credentials, their account could be completely emptied by scammers. This technique, called phishing, is also used by scammers to acquire other sensitive information like social security numbers. This scam can quickly become a major issue that affects more people than just the victim: damage can snowball when stolen credentials are used in second-stage attacks.
  • Unsecured WiFi hotspots in Brazil: While the Brazilian government has strengthened the safety for the World Cup, the thousands of fans in Brazil must remain vigilant. Fans who will not have the chance to watch the matches at the stadium will use the Internet to view the results in real time, by connecting to WiFi hotspots at hotels, bars… Do not connect to an unknown unsecure hotspot. An unsecure hotspot allows hackers to capture any and all data that’s flowing from the hotspot, enabling them to intercept logins and passwords, email messages, attached documents and other personal and confidential information.

2014 FIFA World Cup: What should we expect? 3

All of these types of scams are flooding the Web and even well-informed Internet users could be trapped. So, here are some basic but important tips to avoid losing key personal information or money:

  • Requests for password or credit card information should set off alarm bells, double check before you comply
  • Be very wary of links that either lead to applications or external websites
  • Believe the popular saying: “If it’s too good to be true, then it probably is”.
  • If you haven’t entered a lottery, you can’t win it.
  • By connecting even to secure access points, check that the connections to your favorite websites are well secured HTTPS connections.