Only 10 football teams remain at the 2018 World Cup, with the match between Sweden and Switzerland set to reduce that number further. But fans hoping to watch a free live stream of the game may be putting themselves at risk.
Both teams are hoping to book their place in the quarter finals of the tournament to face either Colombia or England, and dozens of live streaming websites are offering links to watch the match. Cyber security experts warn that many of the sites, which are often easily accessible through search engines like Google, pose a danger to visitors.
The game is set to kick off at 3pm BST on Monday, 3 July, and will be available to people in the UK through the BBC iPlayer website.
The proliferation of illegal live streaming sites for the World Cup has prompted warnings from cybersecurity experts that people could put themselves at risk if they view matches on illegal websites.
“It’s become a lucrative business for malicious actors to host illegal streaming websites – and the World Cup is a perfect opportunity for them,” Chris Hodson from the cybersecurity firm Zscaler, told The Independent.
“While sports fans prepare to stream their favourite teams’ games, the increased interest in the tournament will also attract the attention of cyber criminals who’ve produced a variety of ways to trick fans into downloading malicious code and unwittingly giving up account credentials.”
These account credentials, Mr Hodson warned, are often used over multiple sites, meaning cyber criminals could gain access to individual’s email accounts and bank accounts.
“These sites are made to look legitimate and will often overlay a video with an ad that has a fake close or even play button,” Hoyt told The Independent. “Users will attempt to ‘close’ the ad to enable a full view of the video but behind the scenes malware will be installed on their computer or device as a result of that single click.”
Another threat posed by illegal streaming sites is something known as cryptomining, whereby people’s computers are used to secretly mine cryptocurrency.
“Illegal streaming sites are illegal by nature and are riddled with malicious software,” said Joep Gommers, CEO at EclecticIQ.
“The machines of users visiting those sites are mostly attacked in the form of drive-by-downloads, which means that malware is downloaded when visiting a website, completely without the user’s knowledge. Currently, a very common type of malware is cryptomining.”
Steve Mulhearn, director of enhanced technologies at Fortinet, told The Independent that fans who risk visiting these sites should follow certain precautions to minimise the danger.
“Running the most updated versions of your operating system, security software, apps and Web browsers is among the best defences against malware, viruses and other online threats,” Mr Mulhearn said.
“Cyber-attackers usually target flaws and vulnerabilities in outdated browsers and plug-ins. It is best to have your security software and web browser update automatically to minimise exposure to known threats.”
Other experts advised that people would be best to avoid visiting these sites entirely.
“Overall, I’d say that visiting these types of websites is not a good idea,” Leigh-Anne Galloway from Positive Technologies, told The Independent.
“You can’t be 100 per cent confident that you’re not basically walking into a trap and, for the sake of 90 minutes of free football, it will take a lot of effort to clean up.”
Richard Walters, Chief Security Strategist at CensorNet, added: “These websites are essentially cesspools of malware and viruses, and people using them do so at a personal risk to their devices and the data stored on there.
“From a personal perspective at home or at work, you should stick to trusted websites and legal streams.”