With the UFEA Champions League final between Liverpool and Real Madrid taking place on May 28, fake streaming services and fake tickets for the final are forecast to increase massively.
According to UEFA statistics, in 2020 the cumulative audience for live matches was 5.2 billion, with the final watched by 328 million fans. With the attention surrounding this event, fraudsters will try to use it to steal valuable personal data or money.
Below, cybersecurity researchers at Kaspersky explore the types of scams devoted to the UEFA Champions League.
Fake streaming services
Unfortunately, not everyone will be able to buy a ticket and attend the final in France. For most fans, video streaming is the best available option to watch the game. Scammers understand this and use the match to create phishing platforms for streaming.
Examples such as the one below show that fans are asked to put in personal data as the first step to register for access to match streaming. After registering, they will also be asked to put in their bank details to verify their bank card.
Such ‘unknown’ services should be considered suspicious, especially if they promise a ‘free service’, but later, during the registration process, ask people to provide bank details and other personal information.
2. Fake tickets for the final
Given the huge popularity of the Champions League and the number of fans around the world, it’s easy to imagine the huge hype generated around the purchase of tickets for the final. Obviously, not everyone will manage to get tickets. The stadium Stade de France, which will host the final, only has a capacity of 80,000 spectators.
Because of the limited number of available places in comparison to the amount of football fans, scammers are actively selling fake tickets. Fans, therefore, need to be extremely vigilant and carefully study the site that they’re going to purchase tickets from. To avoid becoming victim to a scam, the safest option is to buy tickets on official UEFA websites.
Comments Olga Svistunova, Web Content analyst at Kaspersky
“Such large and international events inevitably attract a variety of fraudsters, who skillfully take advantage of people’s trustfulness. The related scams can take a number of diverse forms – from the sale of fake tickets to bogus charities. In such situations, people should be as careful as possible and not respond to offers which appear too tempting, as we know there is no such thing as a free lunch.”
To avoid scams, save money and keep personal data private, Kaspersky experts share some simple tips:
- Check any link before clicking. Hover over it to preview the URL and look for misspellings or other irregularities. It’s also good practice to only enter a username and password over a secure connection. Look for the HTTPS prefix before the site URL, indicating the connection to the site is secure
- Sometimes fake e-mails and websites look just like real ones. It depends on how well the criminals did their homework. In particular, the hyperlinks will, most likely, be incorrect — with spelling mistakes. However, the links can also be disguised to look like valid links and redirect you to a different page, impersonating the legitimate site.
- To protect your data and finances, it is good practice to make sure the online checkout and payment page is secure. You’ll know it is if the web page’s URL begins with HTTPS instead of the usual HTTP; an icon of a lock will also typically appear beside the URL and the address bar in some browsers will be green. If you don’t see these features, do not proceed
- Use a trusted security solution that can help you check the security of the URL that you’re visiting and also provides the ability to open any site in a protected container to prevent theft of sensitive data, including financial details.