After an almost year-long delay, the Tokyo 2020 Olympic Games are taking place without spectators to stem the spread of the coronavirus.
From a cyber security perspective, the move has minimised chances of data theft by criminals who could exploit vulnerabilities within the public Wi-Fi networks in the stadiums.
However, industry experts urged greater caution as cyber criminals become more creative with ways to take advantage of unsuspecting sports fans.
In the past few weeks, online schemes to steal victims’ identities, confidential data and money were launched, Moscow-based cyber security firm Kaspersky said.
“Cyber criminals always use popular sports events as bait for their attacks … [they] have no limit when it comes to creating new ways to take advantage,” said Olga Svistunova, a security expert at Kaspersky.
“We discovered an interesting phishing page selling Olympics Games official [virtual currency] tokens … cyber criminals are not only faking existing bait but also coming up with their own sophisticated ideas.”
Phishing campaigns, one of the most common attacks, are usually designed to steal personal information.
The National looks at five tactics that cyber criminals are using to target Olympics followers.
Malicious live streams
Most spectators are following the Olympic Games online and relying on streaming websites. Kaspersky found phishing pages offering free streaming of the Games. They ask users to register before watching and collect their confidential details, which are sold in dark web to other criminals. Moreover, when users attempt to create accounts on these suspicious pages, they are directed to other malicious websites, too.
Selling counterfeit tickets
Despite a ban on spectators at this year's Games, fraudsters are trying a well-tested trick - selling fake tickets. Kaspersky said there are fake pages offering refunds for already purchased tickets.
Fake entities representing Tokyo Olympics
Pretending to be Olympics officials, cyber criminals are approaching businesses and individuals with sponsorship offerings. Kaspersky found a page masquerading an official website for the Games and a page mimicking the International Olympic Committee. These websites were created to collect personal and financial information.
Offering free gifts
There are many phishing pages offering users a chance to win a television that would be ideal for watching the Games.
“This is quite popular and, usually, each user becomes a lucky winner … with the chosen ones only needs to pay for delivery fee. No need to say, the TV never gets to the deceived user,” Kaspersky said.
Tokyo Olympics online tokens
Cyber researchers found the first fake online currency, which is purported to be used to support a fund for athletes participating in the Tokyo Olympics. If a user buys the token, the scammers offer to support talented sportsmen and woman in need.
What sports fans should do to avoid attacks
- Сheck the link before clicking on it. Always look for misspellings or other irregularities.
- Check the authenticity of websites before entering personal data and only use official webpages to watch the Games.
- Use a reliable security solution that identifies malicious attachments and blocks phishing sites.