Kaspersky experts have identified phishing attacks related to the Olympics that include fake pages offering streaming services, tickets to events that will not have spectators, and fake Olympic Games virtual currency.
TechRepublic detailed some of the findings in an article that claims cybercriminals often use popular sporting events as avenues to carry out attacks, and that security experts are recommending that security teams recognize these attempts and incorporate an awareness of current events into threat monitoring.
Even with this year’s games being vastly different than those of the past, bad actors are still finding ways to use the event to carry out cyberattacks.
“This year, we discovered an interesting phishing page selling an ‘Olympic Games Official Token,'” says Olga Svistiunova a security expert at Kaspersky in the TechRepublic article. “There is no real equivalent of such a thing, that means that cybercriminals are not only faking already existing baits but also coming up with their own new sophisticated ideas.”
Experts also discovered a website selling a virtual currency that claims to be for a support fund for the Olympic athletes. This is an attempt to help athletes in need but there is no official Olympic token, which means the scammer is the only one who benefits. This is one of the many ways Kaspersky’s analysis found scammers to be taking advantage of the Olympics popularity.
COVID-19 has prevented people from attending the events in-person which means everyone will be watching online. Kaspersky found numerous phishing pages offering streaming services and the trick is that users must register to watch. The registration pages are phishing schemes and if a user enters credentials, they could be redirected to a page the distributes different malicious files.
Despite there being no live audience, scammers are also trying to sell tickets and Kaspersky even found pages offering refunds for already purchased tickets.
They also discovered phishing pages disguised as official Olympic websites where scammers look to capitalize on the games popularity by creating pages that look like they are connected to the International Olympic Committee. But the real goal is to collect Microsoft Services credentials, according to Kaspersky.
The experts have also discovered gift scams and campaigns using the Olympics theme, like phishing pages offering the chance to win free TV’s for watching the games. The “winners” only have to pay the delivery fee for a prize that they will never end up receiving.
Cyber criminals have caused many problems in the year 2021 and it is not surprise that they are using the biggest sporting event of the year to attempt to carry out many more.