After a one-year delay due to the Covid-19 pandemic, the Tokyo 2020 Olympic Games, also called the 2021 Olympics, officially began this Friday (23). Although the event does not have an audience at the site this year, some fraud they can take advantage of the situation in an unusual way.
Without a doubt, the lack of public reduces the risks – in terms of health and from a cybersecurity point of view (in the case of data theft based on the vulnerabilities of Public Wi-Fi in the stadiums). However, according to Kaspersky, a technology company specializing in the production of security software for the Internet, this does not mean that cybercriminals are not interested in the topic.
To understand how fraud is happening, the company's experts analyzed phishing campaigns related to the 2021 Olympics. As a result, they found, for example, fake websites designed to steal Internet users' credentials.
As main disguises, the scammers range from broadcasting the Games, selling tickets to competitions that would not have spectators, gifts and even the first fake virtual currency of the Olympic Games.
- 2020 Olympics: 'Akira' anime “predicted” empty stadiums in Tokyo
- Definitely understand what phishing is and don't be the next victim
- New phishing attack can hack and steal passwords on Windows
Check out details of these online scams related to the 2021 Olympics
According to Kaspersky, with more viewers migrating from stadiums to the online environment, several phishing pages have been created to offer broadcasting of the Olympic Games. Some require prior registration to release the transmission. Then, after the user enters their credentials, they are directed to a page that tries to install malware on the device.
In addition to the device being infected, personal information is stolen, which is used in future fraud or sold in the illegal market.
Although this year there is no audience at the games, fraudsters have not stopped using “hit” (but somehow still effective) scams, such as ticket sales. Kaspersky has even discovered websites that offer refunds for tickets purchased, giving the false impression of credibility.
Fake pages of entities related to the Olympic Games
Some phishing pages are disguised as official Olympics websites. One of the examples found by the cybersecurity company pretends to be an official website for the Tokyo 2020 Olympic Games. Another page mimics the International Olympic Committee, aiming to collect the victim's corporate credentials.
No major public event is complete without scammers offering extremely lavish giveaways. To give you an idea, experts discovered phishing pages offering televisions, in other words, the perfect gimmick: an ideal product for watching the Olympic Games.
This is very popular and, if the internet user “wins the prize”, he will only need to bear the costs of shipping the product. Needless to say, the television will obviously never make it to the victim's home.
Olympic Games fake virtual currency
Finally, the biggest highlight: Kaspersky researchers found a fake moeda virtual of the event. To convince people to buy it, the scammers say that the fundraiser will support athletes who are in need of financial support.
“Cybercriminals always use popular sporting events as bait for cyber attacks,” says Olga Svistiunova, security expert at Kaspersky. “We see that fraudsters have no limits when it comes to creating ways to profit. For example, the phishing that sells an Olympic Games virtual currency shows that cybercriminals are not only using existing baits, but are also creating sophisticated and creative ideas.”
To guard against Olympic-related phishing, Kaspersky experts recommend:
• Always check links before clicking. Hover over it to view the URL and look for spelling errors or other irregularities;
• Check the authenticity of the websites before entering personal data and only use the official pages to watch the Olympic Games. In addition to checking URL formats, it is important to pay attention to the spelling of the company name;
• Use a trusted security solution capable of identifying malicious files and blocking phishing websites.
Have you watched our new videos on UAF YouTube? Subscribe to our channel!