A new cyber Criminals report has revealed a surge in malicious online activities leading up to the Paris Olympic Games, which started on July 26, 2024.
Published by cybersecurity researchers at BforeAI today, the new data shows that threat actors exploited the event’s popularity by setting up fake social media accounts, stores, and ticketing systems and launching fraudulent cryptocurrencies.
The researchers analyzed newly registered domains (NRDs) acquired two weeks before the Olympics. Their findings include:
- 166 unique domains displaying signs of DNS abuse, such as keyword stuffing and typosquatting
- Domains frequently used unconventional and suspicious top-level domains (TLDs) like .xyz, .win, .stream, .mobi, .shop, .store, and .info.
- Variations and common misspellings of “Olympics” (e.g., “Olympics,” “Olympics”) were used to catch mistyped domain names.
- To draw traffic, keywords related to the Olympics and specific years or events (e.g., “Paris 2024” and “Olympics 2024”) were heavily employed.
These tactics enhanced the search engine visibility of these malicious sites and increased their perceived legitimacy, improving their chances of successfully targeting potential victims.
Impact on Consumers:
In the report, BforeAI warned that the fake Olympic shop domains, in particular, represent a considerable risk, as they deceive fans looking to purchase official merchandise and experiences.
This could lead to significant financial losses for consumers and damage the reputation of legitimate vendors.
BforeAI also noted that cybercriminals have created fake websites selling Olympic tickets designed to harvest personal information and payment details from users. The stolen data may then be sold on the dark web or used in future financial scams.
Additional Threats:
Beyond ticketing and merchandise scams, the research highlighted the emergence of scam cryptocurrency coins and tokens marketed using Olympic-related branding.
Such schemes have previously appeared during other major events like the FIFA World Cup and often result in significant financial losses for investors.
Moreover, BforeAI noted how unauthorized live-streaming websites offering free access to Olympic events could harm official media broadcasters and potentially affect the International Olympic Committee (IOC) ‘s revenue.
Protective Measures for Fans:
To ensure a secure Olympic experience, BforeAI called on fans to:
- Only rely on official Olympic websites and social media channels
- Avoid clicking on suspicious links and purchasing tickets from unofficial sources
- Verify the authenticity of websites hosted on unfamiliar TLDs
- Steer clear of investing in cryptocurrencies created solely for the Olympics
Reporting fake Olympic-based websites on social media can also help foster a safer online environment.
Reference:
Cyber-criminals Exploited Paris Olympics With Fake Domains
Latest News:
- #CyberMonth: Software Updates, A Double-Edged Sword for Cybersecurity Professionals
Software updates are critical in protecting systems from cyber threats and providing new and improved functionality to software products. They are necessary to patch vulnerabilities that can be exploited by malicious actors, ensuring that systems remain secure. Software updates are one of the four pillars of the 2024 International Cybersecurity Awareness Month campaign. As part … - Universal Music Group Admits Data Breach
Universal Music Group (UMG), one of the world’s largest music corporations, disclosed a data breach in mid-July 2024. According to a filing with the Maine Attorney General’s Office, the breach may have exposed the personal information of 680 US residents. In the filing, UMG said it detected unauthorized activity in one of its internal applications on July 15, … - Sellafield Fined for Cybersecurity Failures at Nuclear Site
Sellafield Ltd. has been fined £332,500 ($437,440) for cybersecurity failures at the Sellafield nuclear facility in Cumbria, North-West England. Westminster Magistrates Court issued the fine following a prosecution brought by the Office for Nuclear Regulation (ONR), the UK’s independent nuclear regulator. Sellafield Ltd has also been ordered to pay prosecution costs of £53,253.20 ($70,060). The offences … - Ransomware Attack Forces UMC to Divert Emergency Patients
The University Medical Center (UMC) Health System in Lubbock, Texas, has confirmed a ransomware attack that disrupted its IT infrastructure last week, forcing the diversion of emergency and non-emergency patients. UMC, the only level 1 trauma centre within 400 miles, faced significant operational challenges, with phone systems down and the patient portal inaccessible. Despite this, … - British Hacker Charged in the US For $3.75m Insider Trading Scheme
A British hacker accused of orchestrating a $3.75m insider trading scheme has been charged in the US. Robert Westbrook, 39, allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information. US authorities arrested Westbrook last week in London, and he is awaiting extradition to face multiple charges, including securities fraud …
