The 2024 Olympic Games in Paris promise to be a thrilling spectacle. Athletes from around the globe will compete in a range of events that will bring together a massive international audience excited to tune in to the celebrations.
However, some are interested in more than just watching one of the most anticipated sporting competitions of the year. Significant events like the Olympics have become a prime target for scammers and cybercriminals who are set to exploit the excitement and attention of the media, online and offline attendees, and even the partner and organizational committees.
Bitdefender Antispam Lab persistently monitors email-based threats to help keep internet users well-informed and mindful of the most recent scam trends and other phishing campaigns targeting sensitive data such as credentials and financial information.
Here’s what we’ve found:
Our research also taps into the spamvertising trend surrounding the upcoming Olympic Games which can turn into a particularly problematic issue for several reasons:
- High global interest in the Olympics may lead to a surge of spam emails exploiting user interest in the event
- Increased spam volume can overwhelm email systems and make it harder for recipients to distinguish between legitimate communications and scams
- Constant interruptions from spam emails that can decrease user engagement with genuine content
This form of advertising is unsolicited and relies on sending spam emails en masse without the recipient’s consent. The spamvertising business is cheap and gives unscrupulous marketers the opportunity to use harvested email addresses from public sources to target an unlimited number of recipients with minimal cost or effort. Spamvertising also allows spammers to use collected data to create detailed profiles of targeted individuals which can end up in the hands of malicious actors who can then use the data in fraudulent schemes.
Additionally, spamvertising often targets vulnerable individuals including seniors and less cyber-savvy individuals who are, unfortunately, more likely to fall victim to email scams.
Lottery scams have existed since the dawn of the internet, and years of practice have taught fraudsters that these schemes are highly versatile and can be promoted alongside numerous topics (for example, the pandemic). Making matters worse, people still fall for these antiquated schemes.
Bitdefender researchers have spotted multiple Olympic Games-themed lottery scams in the past weeks. Cybercrooks use the names of national lotteries, financial institutions, and big tech giants to lure unsuspecting internet users.
Common impersonated brands include Coca-Cola, Microsoft, Google, the Turkish National Lottery, and the World Bank. The top destinations for this kind of lottery scams include the US, Japan, Germany, France, Australia, the UK and Slovakia
Note: The top destinations for Olympics-themed lottery scams are solely based on the scam samples analyzed below. To date, we’ve noticed that scammers prefer sending lottery scams en masse, writing the body of the emails in English - This doesn’t mean that cybercriminals won’t begin tailoring or localizing future schemes.
Alleged winnings range from $550,000 USD to $850,000 USD, depending on the campaign, and the body of messages is similar to your run-of-the-mill email lottery scam messages, with fraudsters simply adapting the text to suit the event.
As expected, the bogus messages inform recipients that their email address was part of a global lottery draw for the upcoming Paris Olympic Games. The scammers even add fake reference numbers or list the lucky numbers “drawn” in the fictitious lottery.
Other tactics and red flags include:
- Recipients must contact a “representative” via email (this agent has a Gmail account) or phone number
- They are required to provide additional information such as full name, address, age, and phone number
- Typos and uncommon phrasing
Scam samples:
We urge consumers to be aware that these campaigns might be part of a bigger plan, with scammers potentially bombarding inboxes with poorly and more “obvious” scam attempts to verify the validity of their email database and give potential victims a sense of security and self-confidence that they would never fall for such a poorly fashioned email scam.
Cybercriminals are using a different approach in targeting sports fans in Brazil. A campaign impersonating financial service provider Visa baits unsuspecting users with a chance to win tickets to the Olympic Games by entering their CPF number (Cadastro de Pessoas Fisicas).
While the initial message displays plenty of indications of a scam, the cybercrooks did an excellent job in manufacturing a fake visa website.
Customers who take the bait are directed to a page where they are required to enter their CPF number to either register or check their participation.
1. Phishing Attacks: Cybercriminals may begin sending messages that may appear to be from official Olympic Games partners, asking recipients to click on malicious links or provide personal information.
Example: unsolicited emails may offer last-minute ticket deals to Olympic events to steal your credit card details.
2. Fake Websites and Apps: Threat actors may begin promoting fraudulent websites and mobile apps that mimic official Olympic platforms, tricking users into downloading malware or providing sensitive information.
Example: Cybercrooks may advertise a fake app promising live-streaming of Olympic events that instead serves up credential-stealing Trojans and spyware.
3. Ticket Scams: Scammers may begin peddling counterfeit tickets to Olympic events at inflated or too-good-to-be-true prices.
For example, you may see a website offering heavily discounted tickets that do not exist, costing you time and money.
4. Public Wi-Fi Risks: Public Wi-Fi networks at Olympic venues and surrounding areas can be hotspots for cybercriminals to intercept your data.
Example: Checking your bank account while connected to an unsecured Wi-Fi network can result in a hacker stealing your login credentials.
5. Last-Minute Travel and Hotel Booking Scams: Scammers use fake travel and accommodation deals that lure consumers into paying for services that don’t exist.
Example: You see a great offer for a last-minute hotel deal in Paris at a great price, but after you pay, you discover the booking was fake.
6. Merchandise Scams: Fraudsters create fake ads and platforms to sell counterfeit Olympic merchandise.
Example: You see an ad on social media for an online shop selling fake Olympic Games merchandise, including T-shirts and plushies.
1. Pickpocketing and Theft: Crowded places and venues always present an increased risk of physical theft, so keep your valuables secure and be aware of your surroundings.
2. Fake Officials: Scammers might pose as Olympic officials to steal personal information or money. Whenever in doubt, verify the identity of any official by checking credentials and contacting the organization directly.
1. Be on the lookout for scams and phishing attempts
Olympics-themed scams may come in the form of emails, social media messages, or fake websites designed to steal your personal information.
Safety tips to avoid scams:
Use Bitdefender Scamio, our AI-powered tool dedicated to helping you identify and avoid potential scams. When unsure about an email, you can check it with Scamio on WhatsApp, Facebook Messenger, or a web browser for free! Copy/ paste a text or link, describe the situation, and upload the image or the QR code you want to verify. Scamio will analyze the data and tell you if anyone is trying to scam you. You can also help others stay safe by sharing Scamio with them in France, Germany, Spain, Italy, Romania, Australia and the UK.
2. Conduct a password checkup
Use strong and unique passwords for your online accounts to protect against fraud and unauthorized access to information. If you are thinking of creating new accounts specifically for the Olympic games don’t recycle old passwords or use easily guessable ones such like “password123”. “paris2024” or “olympicgames2024”.
Tips for creating strong passwords:
3. Be cautious of public Wi-Fi connections
Public Wi-Fi networks, such as those found in cafes, hotels and Olympic venues, can be convenient but are often insecure, allowing threat actors to intercept data transmitted over these networks.
Tips for using public Wi-Fi safely:
4. Stay Updated on Cybersecurity Threats
Cyber threats are constantly evolving, and staying informed about the latest scams and security vulnerabilities can help you stay ahead of cybercriminals.
Tips for staying updated:
5. Use official sources
When looking for any information about the upcoming Olympic Games, such as event schedules, results, or live streams, always use official sources.
Tips for finding official sources:
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsNovember 14, 2024
September 06, 2024