World Cup raises phishing attacks against Middle East countries

Countries in the Middle East experienced a twofold increase in email-based phishing attacks last month prior to the kickoff of the World Cup in Qatar, with many of the emails spoofing the FIFA help desk and ticketing office, as well as team departments and managers, reports The Record, a news site by cybersecurity firm Recorded Future. Email-based phishing attacks exploiting the World Cup also involved notifications regarding FIFA bans and the spoofing of World Cup food delivery partner Snoonu, according to a Trellix report. Qakbot, Emotet, Formbook, Remcos, and QuadAgent were the most prevalent malware families leveraged in the attacks, which were aimed at exfiltrating confidential information and credentials, as well as facilitate device takeovers. Threat actors could leverage the World Cup in phishing attacks until January, noted Trellix Head of Threat Intelligence and Principal Engineer John Fokker. Meanwhile, ShadowDragon CEO Daniel Clemens noted that cyber threats usually increase during global events, such as the World Cup and the Olympics. "There is always a rise in phishing and activity related to these events. Holding the World Cup in Qatar has been a hot-button political issue since its announcement. The event offers more fodder and content for spammers and phishers," Clemens added.