FIFA World Cup Scams Abound (June 12, 2014)


The 2014 FIFA World Cup has begun. This month-long tournament brings together the best soccer players in the world to battle for their countries. Unfortunately, cybercriminals are also taking advantage of the many fans. As the excitement builds up, the unsolicited advertisements for free live online streaming of the event and fake world cup related promotions are also increasing. These often yield to fraud, phishing and even malware.

Over the last week, the Dell SonicWALL threats research team has been tracking down all World Cup related spam emails. The emails have a common theme of trying to lure users of providing their personal information in exchange for access to live streaming videos or to claim prizes from a FIFA lottery.
sample fifa email

The following are some of the common email subjects we have seen:

  • CONGRATULATION……_Your_winning_Reference_No:_FIFA/BRA/14/FFBR04563?
  • Copa do Mundo Fifa 2014
  • Save Big On World Cup Jerseys Cheap,Up To 80% Off World Cup Jerseys Wholesale.Fast Free Express.
  • World Cup 2014 – Time to get in on the action
  • World Cup Screenings 2014

But for some of the fans that can not be in front of a TV to watch the games, they will be streaming the matches on their computers, laptops or mobile devices. Unfortunately, there are a lot of bogus online streaming sites on the web. Some of these sites will redirect to another URL requiring the user to provide their credit card information for full access to live streaming.
fifa fake streaming

While others will require users to download a special video playback software or install “missing plugins” that often install malware.

fifa fake streaming
fifa fake streaming

We urge our users to always be vigilant and cautious with installing unknown applications, browser extensions, addons or plugins, particularly if you are not certain of the source. If you want to stream the games, you can do so via legitimate websites such as ESPN or BBC.

Dell SonicWALL Gateway AntiVirus provides protection against these threats via the following signatures:

  • GAV: InstallIQ.A_5 (Adware)
  • GAV: RocketFuel.A_2 (Adware)
  • GAV: RocketFuel.A (Adware)
  • GAV: OutBrowse.D_8 (Adware)
  • GAV: OutBrowse.D_7 (Adware)
  • Security News
    The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.