Posted by Mumbai: After a year long delay the Tokyo Olympics 2020 kicked off last week. But the 2020 Olympics Games are underway without physical presence of spectators due to the pandemic. In the very long history of Olympics, this is for the first time the Olympic Games are being played with no spectators
And that has forced viewers, sports enthusiasts and even the general public around the world to watch this mega sports event live either on television or online.
With more and more accessing the live broadcast of Tokyo Olympics 2020 on different online and live streaming platforms and apps, they have are the new targets of cybercriminals. These fraudsters are exploiting these sports enthusiasts and fans with various online frauds and phishing scams.
Many Tokyo Olympics related phishing websites have surfaced on the internet. These fake websites are designed to steal users’ credentials and personal data, according to Kaspersky experts.
After analyzing these Olympic related websites, Kaspersky researchers found fake pages running different schemes. These pages claiming to offer live streaming of various Olympic events, selling tickets for competitions that won’t have spectators, various giveaways and even the first fake Olympic Games virtual currency.
·Live Streams
With more people watching the games online, Kaspersky experts found various phishing pages offering to stream the Olympic Games. Some of them ask users to register before watching. After user enters credentials in such phishing pages, they might be redirected to a page that distributes different malicious files.
Through those files, the scammers install malware on users device, which collects their identifying information. And then, scammers may start using such data for bad purposes or sell it on the Dark Web.
·Fake Tickets
Fraudsters are trying to sell offline events tickets to users, even when there’s no physical presence of spectators in this year’s games. Kaspersky experts also discovered pages offering refunds for already purchased tickets.
·Olympic-Related Entities
Analyzing discovered pages, Kaspersky experts also found examples of phishing pages disguised as official Olympic ones such as a page pretending to be an official website for the Tokyo Olympics 2020 and a page mimicking the International Olympic Committee. The last one, for instance, collects users’ MS Services credentials.
·Gifts
Fraudsters are luring the people with extremely generous giveaways and gifts. Kaspersky experts also found phishing pages offering to win a TV, ideal to watch the Olympic Games on. This is quite popular and, usually, each user becomes a lucky winner; the chosen ones only need to pay for the delivery fee.
·Olympic Games Token
Kaspersky researchers found the first-ever virtual currency, which is a support fund for Tokyo Olympics athletes. A fake one. If a user buys the token, the scammers offer to support financially talented sportsmen around the world who are in need.
“Cybercriminals always use popular sports events as bait for their attacks. This year’s Olympics is being held without spectators – thus, we do not expect a big number of related attacks. Still, we observe that fraudsters have no limit when it comes to creating new ways to take advantage,” said Olga Svistiunova, Security Expert – Kaspersky.
“For example, this year, we discovered an interesting phishing page selling Tokyo Olympic Games Official Token. There is no real equivalent of such thing, that means that cybercriminals are not only faking already existing baits but also come up with their own new sophisticated ideas,” added Svistiunova.
To protect yourself and your close ones from Olympics-related phishing Kaspersky experts recommend:
·Сheck the link before clicking. Hover over it to preview the URL, and look for misspellings or other irregularities.
·Check the authenticity of websites before entering personal data and only use official web pages to watch the Olympic Games. Double-check URL formats and company name spellings.
·Use a reliable security solution, such as Kaspersky Security Cloud, that identifies malicious attachments and blocks phishing sites.