The 2014 Fifa World Cup may have been the most connected in the history of the tournament, but it was also the most dangerous event – at least in terms of online security – according to Trend Micro.
The security company says World Cup-themed threats, from phishing websites to spam to malicious mobile apps, popped up left, right and centre.
One particular phishing scheme, using an existing promotion by an online banking website as bait, managed to snare more than 3000 users in a span of 72 hours, Ryan Certeza says on Trend Micro’s Security Intelligence Blog.
Most of the victims came from well connected countries such as the United States (19%), Japan (14%), Germany (12%) and France (9%), he adds. New Zealand didn’t rate a mention in a list of the 18 countries most affected by the attack.
The message lured users into handing over their login details using a fake USD200 prize, as well as a legitimate promo with a hefty cash prize.
Certeza says the promo itself was themed to take advantage of the World Cup, ‘and this in itself may have resulted in such a large amount of victims in a small amount of time’.
Brazilian telecommunications company Oi said it provided connections to all 12 host stadiums across Brazil, resulting in 32 terabytes of data being generated by media, sponsors, volunteers and Fifa officials in 10 days.
More than 152,000 unique devices have reportedly been connected to the public Wi-Fi networks installed in the host stadiums.
Says Certeza: “Online users all over the world looked for news and updates about the World Cup and made themselves targets for cybercriminals and their socially-engineered threats.
“Public Wi-Fi networks may keep sports fans online, but their insecurity may lead to them being hacked and their personal information being siphoned.
“We’re not saying that sporting events becoming more and more connected is inherently a bad thing.
“However, being connected in this day and age without being secure is inviting trouble. While telecom providers can help, the ultimate responsibility of being secure is on users.
“They must protect themselves so that at the end of the event, they’re left with fond memories and souvenirs—not malware infections that will result in depleted bank accounts and compromised devices.”