Scams and malware found on 90% of illegal football streaming sites

Research from cyber resilience company Webroot has exposed the extent of scams and malware found on illegal streaming sites that were shared on social media channels during a big weekend of football across Europe.

Football fans trying to watch the Carabao Cup Final or major clashes across the Premier League, La Liga, Serie A and Bundesliga for free on 24-25 April are likely to have been exposed to a sophisticated Bitcoin scam targeted at gaining financial details, various different types of malware and mobile app scams.

In fact, 92% per cent of illegal streaming sites analysed by Webroot were found to contain some form of malicious content.

Some of the more unusual activities discovered also included hijacking users’ web browsers and notifications through the sites. Once users’ browsers were hijacked cybercriminals were able to influence users’ search results and use notifications to bombard them with junk, scams and explicit or extreme content.

Fans using the sites on mobile devices were also at risk from a range of cyber threats, including fake and malicious mobile apps.

Kelvin Murray, senior threat researcher at Webroot, said: “These illegal streaming sites are a maze of scams, malware and dangerous content. Simply put there’s no ‘safe’ way to use them without putting yourself at risk. The level of sophistication and detail behind the Bitcoin scam we found is a hallmark of a well thought-through and well-resourced criminal operation. These sites are purposely built to trap users into clicking on something nasty – whether that’s a scam or fake app, or serving up explicit and dangerous content.

“It’s a common misconception that you’re safe using your mobile, tablet or smart TV on these sites, but that’s simply not true. The behaviour we’ve seen on these sites is a big red flag.”

Webroot’s recent 2021 Webroot BrightCloud Threat Report found that consumer devices saw twice as many malware infections when compared to business devices.

Threats highlighted included targeted and localised bitcoin scams promising riches and asking users for banking details, apps that push notifications for junk and that scam their users, and browser hijacking that allows cybercriminals to switch users’ default browser and take over their browser notifications. This means different search results are served up or users can be spammed with junk notifications and explicit content.

Fleeceware, a type of malware mobile application that comes with hidden, excessive subscription fees, and notification hijacking, whereby users looking to watch a stream are tricked into allowing notifications which bombards users with explicit and extreme content as well as scams and links to other malicious sites, were also found.

Subscribe and Get SVG Europe Newsletters