With the ICC Cricket World Cup 2019 having kicked off in England, Sophos reminded cricket fans of how cybercriminals have been using people’s interest in the sport to launch cyber attacks.
Cricket has been targeted before by those who want to turn international community events into attacks. Unfortunately, cyberattacks often go hand in hand with major sporting events, including the World Cup, as they give cybercriminals easy access to a frequent stream of online activities from incautious cricket fans.
“Big events, especially professional sporting tournaments, often mean big opportunities for cybercriminals. While device users should always be on the lookout for phishing attacks, it’s especially important when there is a popular global event happening,” said Sunil Sharma, Managing Director – Sales, Sophos India & SAARC . “Even though it might be tempting to score cheap online tickets, consumers really need to pause and evaluate the source before they click to buy. This also applies to any type of cricket-related correspondence during this exciting event. Remember, while the cybercriminals might also be cricket fans, they are mostly fans of ripping you off.”
Recent history of World Cup cyber threats
In 2006, German malware Zasran-D infected users with a backdoor (remote access) virus under the pretense of free tickets, while South Africa 2010 saw a Frankfurt man successfully blackmail three online betting sites (and attempting to extort money from three others) by threatening them with distributed denial-of-service (DDoS) attacks which could have blasted them off the internet. Also, in 2014, we saw websites associated with the World Cup struck by a DDoS attack ahead of the tournament’s opening match in Brazil.
This year’s World Cup is set to be the most streamed cricket event in history and it is important that organisations and individuals alike be more cautious about potential cyber threats and follow these simple tips to stay protected against cybercrime:
- Do not click on links in emails, texts, instant messaging or social media posts if they come from people or organizations you don’t know, or have suspicious or unusual addresses.
- It is better to install a reliable security solution with up-to-date databases of malicious and phishing sites.
- Avoid using public Wi-Fi.
- Watch broadcasts only on official ICC partner websites.
- If you are going to England, use a VPN to connect to the Internet. To avoid the anguish of not being able to post a selfie of your grinning face against the backdrop of your team’s victory celebration, get connected to a VPN in advance.
- Always evaluate modern email protection services like anti-phishing, URL protection or detonation, spoofing protection, and user activity profiles for unusual or out-of-policy activities.