Written by 10:37 pm Security News

Cyber Criminals Exploited Paris Olympics With Fake Domains

Cyber-criminals Exploited Paris Olympics With Fake Domains

A new cyber Criminals report has revealed a surge in malicious online activities leading up to the Paris Olympic Games, which started on July 26, 2024. 

Published by cybersecurity researchers at BforeAI today, the new data shows that threat actors exploited the event’s popularity by setting up fake social media accounts, stores, and ticketing systems and launching fraudulent cryptocurrencies. 

The researchers analyzed newly registered domains (NRDs) acquired two weeks before the Olympics. Their findings include:

  • 166 unique domains displaying signs of DNS abuse, such as keyword stuffing and typosquatting
  • Domains frequently used unconventional and suspicious top-level domains (TLDs) like .xyz, .win, .stream, .mobi, .shop, .store, and .info.
  • Variations and common misspellings of “Olympics” (e.g., “Olympics,” “Olympics”) were used to catch mistyped domain names.
  • To draw traffic, keywords related to the Olympics and specific years or events (e.g., “Paris 2024” and “Olympics 2024”) were heavily employed.

These tactics enhanced the search engine visibility of these malicious sites and increased their perceived legitimacy, improving their chances of successfully targeting potential victims.

Impact on Consumers:

In the report, BforeAI warned that the fake Olympic shop domains, in particular, represent a considerable risk, as they deceive fans looking to purchase official merchandise and experiences. 

This could lead to significant financial losses for consumers and damage the reputation of legitimate vendors. 

BforeAI also noted that cybercriminals have created fake websites selling Olympic tickets designed to harvest personal information and payment details from users. The stolen data may then be sold on the dark web or used in future financial scams.

Additional Threats:

Beyond ticketing and merchandise scams, the research highlighted the emergence of scam cryptocurrency coins and tokens marketed using Olympic-related branding. 

Such schemes have previously appeared during other major events like the FIFA World Cup and often result in significant financial losses for investors.

Moreover, BforeAI noted how unauthorized live-streaming websites offering free access to Olympic events could harm official media broadcasters and potentially affect the International Olympic Committee (IOC) ‘s revenue.

Protective Measures for Fans:

To ensure a secure Olympic experience, BforeAI called on fans to:

  • Only rely on official Olympic websites and social media channels
  • Avoid clicking on suspicious links and purchasing tickets from unofficial sources
  • Verify the authenticity of websites hosted on unfamiliar TLDs
  • Steer clear of investing in cryptocurrencies created solely for the Olympics

Reporting fake Olympic-based websites on social media can also help foster a safer online environment.

Reference:

Cyber-criminals Exploited Paris Olympics With Fake Domains

Latest News:

  • Highline Public Schools Forced to Close By Cyber-Attack
    A cyber-attack forced a group of schools in the US Pacific Northwest to close for at least two days. Highline Public Schools has more than 17,500 students in grades K-12. The district has 34 schools and 2,000 staff in Washington State. On Sunday, the school district reported that it had suffered a cyber-attack and that …
  • Cyber-Attack on Payment Gateway Exposes 1.7 Million Credit Card Details
    Electronic payment gateway Slim CD has been hit by a cyber-attack, potentially exposing the credit card details of 1.7 million individuals. The firm, which handles electronic payments for US and Canadian-based merchants, revealed that it became aware of suspicious activity in its computer environment around June 15, 2024. A subsequent investigation identified system access between …
  • Most Targeted DDoS Attacks Double With Governments
    New research says the number of distributed denial of service (DDoS) attacks continues to grow, doubling year over year (YoY). According to StormWall’s DDoS Attacks Report, attacks globally rose by 102% in the first half of this year compared to 2023. The government sector was the most brutal hit, with a 116% YoY increase. StormWall says …
  • Ransomware Attacks Exposed 6.7 Million Records in US Schools
    Ransomware attacks on US schools and colleges have surged in recent years, with 491 incidents recorded since 2018. These attacks impacted over 8,000 educational institutions and exposed 6.7 million individual records. According to a new report by Comparitech, estimated costs exceed $2.5b in downtime alone as schools struggle to restore systems, recover data and strengthen cybersecurity measures. …
  • Georgia Tech Sued Over Cybersecurity Violations
    The US government has filed a lawsuit against the Georgia Institute of Technology (Georgia Tech) and its affiliate Georgia Tech Research Corporation (GTRC) for alleged cybersecurity violations. The Department of Justice (DoJ) has joined a whistleblower to file a “complaint-in-intervention” against the institutions for “knowingly” failing to implement cybersecurity controls as required by their Department of Defense (DoD) contract. This contract related to …