/cloudfront-eu-central-1.images.arcpublishing.com/larazon/VP4FQGUAEBAV3L6HMIOHISGXMU.jpg "The Five Most Dangerous Olympics Scams")
After an unprecedented delay due to the pandemic, the Tokyo 2020 Summer Olympics began on July 23, 2021. All tests will be held without spectators, which reduces physical risks, both from a health and cybersecurity point of view (such as the theft of data by exploiting the vulnerabilities of the stadium’s public Wi-Fi).
However, sports enthusiasts should not forget that cybercriminals will try to take advantage of fans’ craving to see the Olympics through various online scam strategies.
To find out how scammers try to monetize viewers’ interest, Kaspersky experts analyzed the websites of phishing related to the Olympics designed to steal users’ credentials.
As a result, Kaspersky researchers found fake pages that offered the broadcast of various Olympic events, the sale of tickets for competitions that will not have spectators, several of gifts and even the first false virtual currency of the Olympic Games.
1. Live broadcasts
Unsurprisingly, as more and more viewers are on the Internet, Kaspersky experts found several pages of phishing that offered to broadcast the Olympics. Some of them request a prior registration.
Normally, on these pages of phishing, once the user enters their credentials, they can be redirected to a page that distributes different malicious files.
In addition to installing malware on your device due to such files, users are leaving their identifying information in unreliable hands. The scammers can then use that data for malicious purposes or sell it on the Dark Web.
2. Fake tickets
Even though there are no events open to the public this year, scammers don’t shy away from trying options like event ticket sales as they are still effective for some reason. Kaspersky experts have also discovered pages that offer reimbursement for tickets already purchased.
3. Entities related to the Olympic Games
Analyzing the discovered pages, Kaspersky experts have also found examples of pages of phishing disguised as official pages of the Games, as a page that pretends to be an official website of the Tokyo 2020 Olympic Games and another that masquerades as that of the International Olympic Committee. The latter, for example, collects the users’ MS Services credentials.
4. Gifts
No big public event is complete without scammers creating very generous giveaway pages. Kaspersky experts have also found pages of phishing offer to win an ideal television to watch the Olympics. This is quite popular and usually each user becomes a lucky winner; the chosen ones only have to pay the shipping costs. It goes without saying that the TV never reaches the deluded user.
5. Virtual currency of the Olympic Games
Finally, and most importantly, Kaspersky researchers found the first virtual currency in history to be proposed as an aid fund for Olympic athletes. Completely false, of course. The scammers offer to financially support athletes around the world in need if users purchase the currency.
“Cybercriminals always use popular sporting events as bait for their attacks. This year, the Olympics will be held without spectators, so we do not expect a large number of related attacks. However, we find that scammers have no limits when it comes to creating new ways to profit. For example, this year we discovered an interesting page of phishing that sold virtual currency of the Olympic Games. There is no real equivalent of such a thing, which means that cybercriminals not only counterfeit existing baits, but also develop their own ideas,” says Olga Svistiunova, security expert at Kaspersky.
To protect yourself and those close to you from phishing related to the Olympic Games, Kaspersky experts recommend:
- Check the link before clicking. Mouse over to view the URL and look for misspellings or other irregularities.
- Check the authenticity of the websites before entering personal data and use only the official pages to watch the Olympic Games. Double check the formats of the URLs and the spelling of the company name.
- Use a reliable security solution, such as Kaspersky Security Cloud, that identifies malicious attachments and blocks phishing sites.