Information Security|Social Engineering>Phishing|Compliance>Privacy

Phishing and FIFA

I have some friends staying with me right now from Brazil.  They arrived a few days ago, and said that, due to the world cup, the level of excitement in Brazil is very high, and that there are many foreigners that have arrived in the country to see the games.  The World Cup is all over everything in the country right now.  Apparel, food, merchandise, etc. is all branded with the World Cup (similar to how the U.S. advertises items for the World Series or the Super Bowl).  The World Cup is one of the largest sporting events in the world, and encompasses a much larger audience than any single country.

The World Cup began a few days ago, and will last for about a month.  Network teams will see their bandwidth spike in unison with the matches, and organizations will see hours lost as employees sneak peeks at the games.  The World Cup Final alone can draw 100s of millions of viewers.  In other words, much of the world is not only expecting, but anticipating news about the World Cup.  This frenzy is ripe for phishing attacks and spam.  Some of the most popular, by FIFA’s own admission, are lotteries, or requests for money, and competitions.  Now, these aren’t really different from average spam/phishing attacks, but they can play on a relaxed defense and awareness for scams.

Each game also brings additional risk.  Consider the opening game where Brazil beat Croatia, scammers could easily pray off the excitement that Brazil won, but also that there were referee controversies.  These types of events provide great leverage for newsworthy stories to the pique the interest people, all too willing to watch a video or read an article.

More so today than in many years past, a number of World Cup apps are being released into mobile device app stores.  This is a new attack vector that could provide legitimate news information, but can also harvest information such as passwords, network access, documents, etc.  Organizations need to closely examine their BYOD policies and make sure their corporate data is secure on mobile devices.

There are many people in the United States who are not interested in the World Cup and are often oblivious to the popularity around the world.  I have heard people say they don’t expect it to impact their networks that much because they don’t think many people will watch it.  We tend to forget that America is a very diverse workforce, and many organizations are global in their operations.  What other countries, where the World Cup may be a very big deal, may have access to your networks?  Does your organization have any global contractors who are in the United States?  Has your organization considered the impact the World Cup could have to the information security of these, often overlooked, back doors into your network?  At the very least, organizations should have information security awareness notifications sent to their employees.

Why the World Cup?

The World Cup is not unique to these types of information security risks.  Security risks tend follow many major sporting events, natural disasters, or trending global news headlines.  However, the World Cup is unique in the size of the global audience, the anticipation of the event, and the often overlooked security risks to a network in today’s global landscape.

What can my organization do?

First take a look at our recent article, How to Spot a Phishing Email.  As we mention in the article you can ask yourself some of these questions:

  • Do I know the sender?
  • Is this an email I expected?
  • Does my system think this email is suspicious?
  • Is a file attached to the email?
  • Does the email ask for personal information?
  • Are there links in the email and are they from trusted sources?

As organizations continue to expand their global footprint, even indirectly as many organizations utilize the cloud more and more, they must start taking a global perspective on information security and the effects world events, trends and entertainment can have on their networks.