A look ahead at an olympic-sized criminal competition

As official preparations for this event reach a peak, we would like to point out some of risks and the “darkside” preparations for the #Rio2016 Olympic Games:

Olympic Games – Phishing and Scam

It has happened before with the Euro 2016 and now it comes back with the Olympic Games: Cybercriminals change their tactics to take advantage of user interests. Here is just one example of an Olympic-themed email promotion:

scam

You can’t believe how lucky you are! You have won a huge amount of money! It really looks too good to be true, doesn’t it? That’s, because it is not true. It just a phishing trap. As you can see, the masterminds behind it want to know more about you (and probably not to ask you out for a date) so they are asking you to send them all this information. But the truth is that after you’ve replied, you will just be getting further trouble (lots of spam and probably even some nicely wrapped malware gifts) but not a single pound, euro or dollar.

Health scams with the Zika virus

There are a number of scams playing on the real fears of the Zika virus. This disease is primarily spread through mosquitoes and can be transmitted from pregnant women to their fetuses. A real health issue – and a great hook for criminals to exploit people’s fears and concerns.

ZIKA

This tweet on #Twitter shows how criminals are digging into this issue for another source of money. While ostensibly providing a service in tracking Zika virus cases, they are chasing user donations and promising a free shirt to contributors. It is an interesting idea on one side, but you can be sure that you won’t see the free shirt. For reputable information on Zika, it’s better to check out official sources of information such as the World Health Organization or the Center for Disease Control in the United States. Another Bonus: You won’t risk a malware infection.

Black market tickets and streaming content

Everybody wants to be part of the games. To watch it on TV or via streaming is nice but what is really cool is to go there, to Brazil, and watch them live. But beware: It’s yet another way that criminals are seeing opportunities from the games. On #Facebook, you can see groups where you can buy tickets like the one shown on the screenshots below.

fb1

On pages as this, the cybercriminals offer users an opportunity to request the URL for their ticket system. You can be sure that it isn’t an official page of a legitimate ticket shops. I highly doubt you will get much after using the credit cards in your pocket. Probably the only ticket that you will ever receive will be the credit card bill.

fb2

Free live-streaming of the Olympic Games is yet another attractive proposition. After all, what if the sport you want to watch is not covered by your local TV station? Checking both pages, we can see that they are quite similar (and were probably created by the same person/group). But as I said, you might get a lot more than a live stream; recent research by KU Leuven-iMinds and Stony Brook University found that streaming sites are a huge source of malware in the ads that come along with the video content.

The opponents

As I said at the beginning of my article, the games have their opponents, too. There is a lot of resentment when it comes to why Brazil should spend so much money to host the Olympic Games even though they have many internal social and political problems.

CaPal7NWYAEc3mu CaYK_cuWQAAgA8e

Ci58n0fWsAAhYQ9 CiMgiGXUUAAe2rI

The complaints to the world about those issues are easy to see on social media where hacktivists have announced their own intentions and reactions. Take a look yourself and search for #OpOlympicHacking. Crazy, right? So what are their possible activities? Disturbing federal services by starting Denial of Service or hacking attacks against the official Olympic Games pages and/or locations? By the way, for me, as a security expert, this is the most interesting example of what could happen during the games.

In summary, the games will be the most exciting Olympic Games ever. Therefore, be aware about what you are receiving and how you react if you should get in touch with the Games!

This post is also available in: German

Team Leader Virus Lab Disinfection Service