A look ahead at an olympic-sized criminal competition
As official preparations for this event reach a peak, we would like to point out some of risks and the “darkside” preparations for the #Rio2016 Olympic Games:
Olympic Games – Phishing and Scam
It has happened before with the Euro 2016 and now it comes back with the Olympic Games: Cybercriminals change their tactics to take advantage of user interests. Here is just one example of an Olympic-themed email promotion:
You can’t believe how lucky you are! You have won a huge amount of money! It really looks too good to be true, doesn’t it? That’s, because it is not true. It just a phishing trap. As you can see, the masterminds behind it want to know more about you (and probably not to ask you out for a date) so they are asking you to send them all this information. But the truth is that after you’ve replied, you will just be getting further trouble (lots of spam and probably even some nicely wrapped malware gifts) but not a single pound, euro or dollar.
Health scams with the Zika virus
There are a number of scams playing on the real fears of the Zika virus. This disease is primarily spread through mosquitoes and can be transmitted from pregnant women to their fetuses. A real health issue – and a great hook for criminals to exploit people’s fears and concerns.
This tweet on #Twitter shows how criminals are digging into this issue for another source of money. While ostensibly providing a service in tracking Zika virus cases, they are chasing user donations and promising a free shirt to contributors. It is an interesting idea on one side, but you can be sure that you won’t see the free shirt. For reputable information on Zika, it’s better to check out official sources of information such as the World Health Organization or the Center for Disease Control in the United States. Another Bonus: You won’t risk a malware infection.
Black market tickets and streaming content
Everybody wants to be part of the games. To watch it on TV or via streaming is nice but what is really cool is to go there, to Brazil, and watch them live. But beware: It’s yet another way that criminals are seeing opportunities from the games. On #Facebook, you can see groups where you can buy tickets like the one shown on the screenshots below.
On pages as this, the cybercriminals offer users an opportunity to request the URL for their ticket system. You can be sure that it isn’t an official page of a legitimate ticket shops. I highly doubt you will get much after using the credit cards in your pocket. Probably the only ticket that you will ever receive will be the credit card bill.
Free live-streaming of the Olympic Games is yet another attractive proposition. After all, what if the sport you want to watch is not covered by your local TV station? Checking both pages, we can see that they are quite similar (and were probably created by the same person/group). But as I said, you might get a lot more than a live stream; recent research by KU Leuven-iMinds and Stony Brook University found that streaming sites are a huge source of malware in the ads that come along with the video content.
As I said at the beginning of my article, the games have their opponents, too. There is a lot of resentment when it comes to why Brazil should spend so much money to host the Olympic Games even though they have many internal social and political problems.
The complaints to the world about those issues are easy to see on social media where hacktivists have announced their own intentions and reactions. Take a look yourself and search for #OpOlympicHacking. Crazy, right? So what are their possible activities? Disturbing federal services by starting Denial of Service or hacking attacks against the official Olympic Games pages and/or locations? By the way, for me, as a security expert, this is the most interesting example of what could happen during the games.
In summary, the games will be the most exciting Olympic Games ever. Therefore, be aware about what you are receiving and how you react if you should get in touch with the Games!
This article is also available in: German