Cyber security lessons learnt from the 2022 FIFA World Cup

The FIFA World Cup is one of the biggest sporting events on the planet, drawing thousands of spectators from around the world. Qatar hosted this year's tournament and while most of the attention was focused on social-cultural norms expected to be observed, many worried about security risks associated with such a high profile event. This included concerns around cybercriminals who could take advantage of increased online traffic due to more applications being used for entry into both matches and the country itself.

Attendees were wary of what data these apps were collecting, yet at the same time downloading them was essential to watch matches in person or remotely. The potential dangers led to an emphasis on cyber security during this World Cup that applies even beyond match days. Based on the insights gained from this year’s competition, here are four important lessons we can all benefit from:

Be vigilant when using new apps

The official World Cup apps for ticketing and entry at Qatar were essential for all visiting supporters. However, several global authorities highlighted concerns about the extent of access that these apps demanded. Always check the access and data you are sharing with new apps, only have them installed for as long as you need them, and use a ‘blank’ phone for them if you’re unsure.

Only install apps from legitimate stores

There were many apps inspired by the FIFA World Cup released in 2022: ticketing, results apps, fantasy games and much more. However, there was also a spike in malicious app distribution, where apps downloaded away from app stores or from direct social media links lead to adware, malware and credential theft that is often undetectable. Make sure you only download apps from official app stores.

Watch out for phishing attempts

As with every major entertainment event, phishing attacks about the FIFA World Cup were rampant in 2022. If a cheap ticket, travel or hospitality deal seems too good to be true, it almost certainly is - especially relating to ‘corporate packages’ targeting businesses. If you receive any emails like this, always verify the sender and hover over links to check the destination. Delete the email if you aren’t 100% certain of its authenticity.

Only watch using verified sources

While many people wanted to watch the matches on a free stream, there were many malicious URLs online and on social media posing as streaming channels. They mainly targeted the countries where the tournament is being shown behind a paywall, and can carry highly damaging malware. When watching any entertainment events online, always stick to watching them on legitimate, verified sources.

While these security tips have been inspired by a sporting event, they are just as applicable outside of it – both at home and travelling abroad. Overall, knowing what steps to take when it comes to online safety can reduce your risk of a data breach or malicious attack so keep these lessons in mind both at work and at home.