Kerala Police Warns World Cup 2026 Fans of Fake Streaming App Cyber Fraud

As excitement builds for the 2026 FIFA World Cup, co-hosted by the USA, Canada, and Mexico, with an expanded 48-team format, a significant cybersecurity alert has been issued. The Kerala Police have cautioned football fans, particularly in India, about a growing threat of cyber fraud through counterfeit streaming applications. These malicious apps, disguised as legitimate platforms offering free access to the global tournament, aim to compromise users' financial security.

The elaborate scheme reportedly begins with enticing advertisements circulated across popular social media platforms including Facebook, Instagram, Telegram, WhatsApp, and YouTube. These ads promise perks like "FIFA World Cup Live Free" or "1000+ TV Channels Free," luring users with seemingly irresistible offers. Clicking these advertisements leads to fake download links for applications bearing names similar to legitimate services, such as HZ TV, OPEN TV, NB TV, MAX TV, XM TV, and TUBI TV, creating a false sense of authenticity.

Once installed, these fraudulent applications prompt users to accept various permissions under the guise of software updates, subscription activations, or enabling essential services. Critically, these requests often include gaining access to Accessibility Service, Screen Overlay, and Notification Access. Granting these permissions severely undermines the security of the user's device, effectively handing over control to the fraudsters.

With elevated permissions, the perpetrators can operate various applications on the victim's phone without their knowledge or consent. This illicit access is then exploited to illegally withdraw money from bank accounts, frequently targeting UPI (Unified Payments Interface) applications. Police are urging fans to exercise extreme caution, advising them to download applications exclusively from official app stores and to be highly vigilant about the permissions requested by any new software.