Kaspersky's investigation recovered that cybercriminals are getting other originative with the latest campaigns designed to harvest credentials.
Kaspersky experts analyzed Olympic-related phishing attacks and recovered fake pages offering streaming services, tickets to events that won't person spectators, and adjacent a fake Olympic Games virtual currency.
Olga Svistunova, a information adept astatine Kaspersky, said that cybercriminals ever usage fashionable sports events arsenic bait for their attacks. Security experts recommend that information teams admit this modular tactic and incorporated an consciousness of existent events into menace monitoring. Even nether the antithetic circumstances of this year's games, atrocious actors person recovered a mode to usage the lawsuit to their advantage.
"For example, this year, we discovered an absorbing phishing leafage selling an 'Olympic Games Official Token,'" Svistiunova said. "There is nary existent equivalent of specified a thing, that means that cybercriminals are not lone faking already existing baits but besides coming up with their ain caller blase ideas."
Security experts recovered a website selling a virtual currency that is expected to beryllium a enactment money for Olympic athletes. The lure is fiscal assistance for an jock successful request but determination is nary authoritative Olympic token. The lone idiosyncratic who benefits is the scammer.
Kaspersky's investigation recovered respective originative ways scammers are taking vantage of the buzz astir the Olympic Games.
Streaming services for watching the games
There are nary spectators this twelvemonth owed to the coronavirus truthful watching the games online is the lone mode to spot however the competitions crook out. Kaspersky experts recovered assorted phishing pages offering streaming services for the games. The instrumentality is that users person to registry to watch. Those registration pages are phishing schemes and, "once a idiosyncratic enters their credentials, they mightiness beryllium redirected to a leafage that distributes antithetic malicious files," according to Kaspersky. The scam is simply a treble whammy, delivering malware and harvesting idiosyncratic credentials.
Despite the information that determination volition beryllium nary unrecorded audiences this year, fraudsters are inactive trying to merchantability tickets. Kaspersky experts besides discovered pages offering refunds for already purchased tickets.
Credential harvesting campaigns
Kaspersky experts besides recovered phishing pages disguised arsenic authoritative Olympic websites. Scammers looking to capitalize connected involvement successful the Olympics make fake pages that look authoritative and connected to the International Olympic Committee. The existent goal, for astatine slightest immoderate ciste according to Kaspersky, is to cod Microsoft Services credentials.
Free acquisition scams
The committedness of escaped worldly is ever a fashionable lure and Kaspersky experts recovered that benignant of run utilizing an Olympics theme. Phishing pages offering the accidental to triumph a escaped TV for watching the games. The fortunate winners lone person to wage the transportation fee, which is axenic nett for atrocious actors who evidently ne'er nonstop the prize.
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and ThursdaysSign up today
- How to go a cybersecurity pro: A cheat sheet (TechRepublic)
- Social engineering: A cheat expanse for concern professionals (free PDF) (TechRepublic)
- Shadow IT argumentation (TechRepublic Premium)
- Online information 101: Tips for protecting your privateness from hackers and spies (ZDNet)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)