Webroot analyzed links posted on social networks that were relaying European football matches without authorization.
Security firm Webroot released a report saying it found fraud and malicious code in almost all illegal football broadcasts on social media.
According to experts, 92% of the analyzed pages took visitors to some fraud or malicious code, although the type of scam was different in each case.
The survey was carried out between April 19 and 25 and was concentrated in English-language pages. The period was chosen to monitor links related to the clash between Manchester City and Tottenham, who played in the English League Cup final on the 25th.
Security experts know that current events and facts are often used by hackers to attract more victims. People’s interest in watching the game, for example, may have driven visits to fraudulent websites.
Therefore, the company decided to follow links shared on social media channels.
To reach the numbers obtained in the survey, Webroot used a tool to filter potentially malicious domains and performed a human analysis on the pages to account for the frauds present in each one.
Cryptocurrency scams and fake apps
Many of the frauds promoted by the websites depended on direct action by the victims to be successful. According to Webroot, the following frauds have been identified:
Bitcoin scams: the sites promised cryptocurrency gains and asked for the victims’ bank details. To make the scam more convincing, the sites directed the visitor to other addresses that passed through news portals that spoke of the alleged profits that the scheme could yield.
Fake and fraudulent apps: the pages indicated the download of apps that charged up to 115 pounds (about 860 reais) for functions available in free apps or much cheaper. This is called the “signature scam” or “fleeceware”. Some of the apps also captured data from the phone without justifying the need for that information, or trying to impersonate security software that offered no real protection.
Search hijacking in the browser: if successful, the search hijacking adulterates the browser settings so that user searches are redirected to a website defined by scammers, presenting irrelevant or dangerous results.
Unwanted notifications: the user is convinced to authorize the sending of notifications to the browser. Subsequently, the cell phone or browser may be “bombarded” with unwanted notifications, disclosing links to obscene content or malicious websites.
Webroot’s search was limited to sites with unauthorized broadcasts of European football, similar problems have also been identified in Brazil.
In 2018, antivirus maker Kaspersky found an app that used the user’s phone to mine cryptocurrency, consuming the phone’s battery and data package. Months after this alert, it was Trend Micro’s turn to point out the existence of fake apps that promised free access to TV channels.
The website “TorrentFreak”, which specializes in contributing to issues related to piracy, points out that sites with unauthorized transmissions tend not to obtain legitimate sources of income. That is, they are required to cede traffic to advertisers who turn a blind eye to the type of content they are sponsoring.
The result of this is that many ads run advertise criminal activity or scams, as Webroot noted, even when the site owner itself is not intent on defrauding his visitors directly.
In order to be free of these dangers, users must seek the official sources of matches transmissions.