Super Bowl XLIX Commercial Searches and NFL Mobile App Use May Spoil Big Game for You

The most-watched television event in the U.S. is taking place this weekend as the New England Patriots and Seattle Seahawks lace up for Super Bowl XLIX. Those who are looking for Super Bowl XLIX commercials over the Internet could encounter malicious links or take use of an NFL mobile app that has a vulnerability allowing hackers to obtain personal data.

There is no doubt that the Super Bowl is one of the most widely watched TV programs in the United States for one day. Advertisers from major U.S. companies have put in their multi-million dollar bids to advertise their product through a clever Super Bowl commercial. For some, watching Super Bowl commercials is more entertaining than the actual game or half time show. In knowing how many people will be glued to the TV set, it is naturally the duty of hackers/scammers to manipulate search keywords on the Internet to attract those who are searching for anything related to the Super Bowl.

It has long been a commonality among hackers to manipulate search results through sneaky SEO poisoning. Such SEO poisoning campaigns are initiated at the dawn of popular news stories or events, such as Super Bowl XLIX. Hackers are able to produce posts on their own sites as well as ones that have been compromised only to redirect computer users to a malicious source. Through such a source, the user thinks they are clicking on a harmless Super Bowl commercial video link. Not so much.

In the past, we have warned computer users of what may come out of Internet searches related to the Super Bowl. As explained in the video below, we have seen surges of malware during the Super Bowl by as much as 21% and that was back in the year 2012. Fast forwarding to three years later, we could see that number nearly doubled.

Hackers, for obvious reasons, have no feelings or remorse when it comes to a potential victim's unforeseen tragedy. Just like how sex sells on the Internet, hackers sell their own propaganda in it being manipulated search results through clever SEO techniques. Some of the methods we have seen recently have been cases where popular keywords are injected into made-up sites or ones known for spreading malware. It isn't any surprise to get a search result mixed in a query that is titled "Superbowl" when the link is, in fact, one to a porno site containing malware or something completely unrelated.

Fortunately, for the search engine company and conglomerate we know as Google, they have cracked down on hackers abusing SEO methods and shrewd keyword placements to have their results listed on the first few pages of a search query. No longer is it an easy walk in the park for hackers to poison search results with their filth.

Social engineering is a newer method that hackers have adopted over the past few years to spread their malicious love effectively. The use of social networks and linking on various pages or Facebook user walls has transfigured the tasks of poisoning search results to a simpler method. Those seeking a hyped multi-million dollar Super Bowl commercial preview on the Internet probably won't have to look much further than their Facebook news feed. In doing so, users run the risk of clicking on an enticing update posted on Facebook or Twitter that claims to offer a Super Bowl XLIX commercial, but instead redirects their browser to a site that downloads malware directly to a PC.

Super Bowl Malware Goes Mobile

Sports sites and sports mobile apps instantly become the most popular thing to hit the world wide web surfing waves whenever there is a professional game on TV. With the Super Bowl being the big number-one game, it will draw flocks of users to utilize the latest NFL and sports apps available.

An avenue, which hackers are exploiting during Super Bowl XLIX, is through an NFL mobile app for iOS and Android devices. The app, NFL Mobile App, contains a vulnerability that may be exploited to expose a user's personal data to man-in-the-middle attacks. Attackers are able to use the mobile app's vulnerability to get a trio of details about the user, which is just enough to get the full profile of a user of the NFL webpage. Due to this lack of encryption for the mobile app, connecting to its designated server may not be secure. The profile information contains the user's address, date of birth, gender, occupation, and phone number. Not only will everyone know the stats of Tom Brady and Russell Wilson's game, but they may find your own listed on some hacker website selling it to the highest bidder. Not exactly "Super" is it?

Before, during and after you watch Super Bowl XLIX this weekend, be sure to be aware of what may come of your internet searches. Additionally, be cautious during use of mobile apps to either view the cute commercial with the horses and puppies, or look up the stats of the new Super Bowl champions.