England fans have been warned to keep their phones in airplane mode while at the World Cup as the event is likely to be targeted by hackers.
George Avetisov, chief executive of US-based cyber security firm HYPR, said even the most amateur “bad apples” could look to target football supporters in Russia to enjoy the sporting spectacle.
He likened the event to major hacking conferences, such as DEF CON and Black Hat, where he said those attending take “burner” phones free of personal data.
Up to 10,000 England fans are expected to head to Russia for the tournament this month, with the Three Lions kicking off against Tunisia in Volgograd on Monday.
Mr Avetisov said: “First of all I don’t think it’s just Russia but any large event at this scale will be the target of malicious hackers.
“These large events are targets for malicious hackers of any skill level to try methodologies in a spray and pray kind of fashion.
“At an event like this that’s when the bad apples come out.”
Even fans who think they will be safe if they avoid public WiFi could be open to data theft as hackers could intercept their phone signal.
He said: “Keep your phone in airplane mode – people who come to hacker conferences bring burner phones, disposable phones for the duration.
“The stingray is a device typically used by government agencies that can intercept your cell phone signal.
“Hackers use them to intercept cell phone signal and steal their data.
“Your phone is constantly looking for cell phone towers – it has no way of knowing if it’s legitimate.”
Data thieves could also easily set up “spoof” WiFi connections that looked legitimate but are not, while malicious software, malware, could be inadvertently installed if users plugged in USB drives offered as freebies, he said.
Mr Avetisov’s top tips for keeping cyber safe include:
- Stay in airplane mode unless you need to make a phone call.
- Blanket rule, don’t connect to any public WiFi, just don’t.
- The only WiFi you should be connecting to is the one where you know who’s providing it and they give you a password – one rule: if it’s not password protected, don’t use it.
- Don’t pick up any flash drives, or thumb drives or USB sticks.
- And if you believe you have been hacked, “the best thing you can do is turn it off and change your passwords