There are already 300 fake websites offering tickets for the games. French services warn
Major sporting events, such as the FIFA World Cup or the Olympic Games, attract millions, sometimes even billions, of viewers. Such occasions never escape the attention of cybercriminals. Over the past decade, the number of documented cyber incidents involving major events has increased from 212 million during the London 2012 Games to 4.4 billion during the Tokyo 2021 Games.
Cybercriminals often have a direct financial motive behind their attacks. Excited fans fail to notice potential threats and fall victim to scams when booking tickets, arranging accommodations or buying souvenirs. Their carelessness not only results in them losing money on fake websites, but also sharing sensitive personal information that can be resold on the black market and used to commit other crimes.
– Potential victims may also include owners of websites and services associated with a given event. So-called hacktivists are keen to break into popular websites during the event to spread their messages. If they are unable to do so, they disrupt servers offering critical services in order to attract media attention – says Robert Dąbrowski, head of the engineering team at Fortinet in Poland.
Destination: Paris
The theme of this year’s XXXIII Summer Olympics, which will be held in Paris, has been exploited by cybercriminals for over a year, according to new analysis from FortiGuard Labs based on threat data collected by FortiRecon. First and foremost, there has been a significant increase in the number of activities targeting French-speaking users, local government agencies and companies, and infrastructure providers. The so-called dark web has long served as a center for cybercriminal activities, and it is there that a significant increase in activity related to the Paris Games was observed.
Among the documented malicious activity, the growing availability of sophisticated tools and services designed to quickly and fraudulently obtain sensitive personal data has emerged. There have also been offers to sell French databases of such information and sets of stolen usernames and passwords that can be used for automated brute-force attacks. There has also been a marked increase in hacktivist activity from Russia and Belarus (both countries were not invited to officially participate in this year’s games), as well as from other countries, including Sudan, Indonesia, Turkey, and India.
Any way is good
Every conscious Internet user has probably become accustomed to the presence of phishing scams in the digital space. It is a relatively easy form of attack to conduct, but many novice “hackers” do not know how to create or distribute phishing messages. These more advanced cybercriminals have sensed new business opportunities – they have created and started offering on the black market toolkits that easily help compose a convincing email, add malicious code, create a phishing website address, its content, and obtain a list of potential victims.
– Generative artificial intelligence services have proven to be an ally in this procedure. They facilitate the creation of text that is free of grammatical and spelling errors, so recognizing an email as malicious has become much more difficult. The emergence of such tools is accompanied by an increase in the popularity of services for creating phishing pages, mass sending of SMS messages and phone number spoofing – Fortinet expert warns.
The report also documents a significant number of registered domains related to the Games that could be used in typosquatting attacks. This involves using a domain similar to the original in phishing campaigns, but containing a common mistake (e.g. oympics(.)com, olmpics(.)com, olimpics(.)com, etc.) or visually similar (e.g. oIympics(.)com – the spelling is capitalized with an “i” instead of a lowercase “L”). These addresses could host clones of the original sites, including payment forms from which payment card details end up directly in the hands of cybercriminals. In cooperation with Olympic partners, the French National Gendarmerie identified 338 fraudulent websites offering fake tickets. According to their data, 51 sites have already been closed down and 140 have received formal notices from law enforcement.
Several Olympic lottery scams have also been identified, impersonating well-known brands such as Coca-Cola, Microsoft, Google, and the World Bank. The main targets of these scams were users in the United States, Japan, Germany, France, Australia, the United Kingdom, and Slovakia.
Travel Tips
Those planning to attend this year’s games should prepare themselves in terms of security both for travel and for visiting the Olympic arenas. The goal is to minimize the risk of cyber threats, especially attempts to manipulate internet users to steal their data and money.
– The group of people who are potentially exposed to risk is large – warns Robert Dąbrowski. – Based on the data collected by FortiRecon and analyzed by FortiGuard Labs, it should be assumed that there will be an increased number of targeted attacks also on VIPs, including government officials, senior management and key decision-makers, and therefore additional precautions should be taken.
Experts from Fortinet’s FortiGuard Labs recommend installing antivirus or EDR software on all end devices and exercising extreme caution when connecting to public wireless networks. The operating system and all applications should be regularly updated. It is advisable for information exchange between the traveler and his workplace to take place via encrypted connections (VPN or SASE service).