In 2008 we had the Beijing Olympics. In 2010, everybody awaited the FIFA World Cup in South Africa. Now, the Olympics are coming to Rio de Janeiro in a few months. All of these events have something in common, and we are not talking about sport. Cybercriminals routinely treat any popular global going-on as an excellent occasion to target hundreds and thousands of sports fans.
Recently, Kaspersky Lab experts detected a new wave of spam emails dedicated to the upcoming Olympic Games in Rio de Janeiro. Spammers picked up on people’s desire to watch the games live and created a message about a (fake) lottery allegedly organized by the International Olympic Committee and the Brazilian government. The spammers tried to convince victims that they had won, and all they had to do was reply to the email and provide some personal information.
This story is not as new as it seems: Bad guys started the spam campaign devoted to the Olympic Games 2016 in the summer of 2015, and now we are observing another wave. What’s worse, spam emails are not the only threat sport fans face.
Looking for #RioOlympics2016 tickets or info? Beware crooks are gearing up to steal your $ https://t.co/N3Ln2Bt6QK pic.twitter.com/gQwHvbmvFw
— Kaspersky Lab (@kaspersky) May 16, 2016
Fake ticketing services have also emerged, and they are even more dangerous. The Kaspersky Lab team constantly detects and blocks new counterfeit domains with ‘rio’ or ‘rio2016’ in the title. Malicious websites that sell fake tickets look very convincing. Savvy con artists even buy the SSL certificates that allow secure connections between a web server and a browser and show the “https” at the beginning of the address bar. Seeing the “s” after http, many users believe that these fake websites are legal and transfer their money to the criminals.
To gain time and calm down users, fraudulent ticket services assure victims that they will receive their tickets two or three weeks before the actual event. In the meantime, a phishing website sends user bank card details to criminals, and they use this data to steal money.
Spammers gearing up for #Euro2016 https://t.co/6hoxW6xrlT #Spam #email #fraud pic.twitter.com/QkQXKmUu2U
— Kaspersky Lab (@kaspersky) April 22, 2016
I’m going to buy tickets to the Olympic Games. How can I protect myself?
Buy tickets securely: The majority of fake ticketing services are advertised via emails or using online banners on various websites, or even on social media. That is why it’s a bad idea to buy anything relating to the Olympics — from tickets to souvenirs — in unofficial online stores. Use the official Rio Olympics page: https://www.rio2016.com/.
In addition to carefully navigating to the official site, a prudent user should create a separate credit card for online purchases and keep there a small amount of money. If you need more you can add money any time by perforce.
How to pay for the Olympics and never get your tickets (or your money back) #Rio2016Tweet
Stop spam emails related to major news events: To protect your email accounts from malicious spam, install a security solution which includes an anti-phishing tool. As well, update your antivirus regularly, and be sure to follow its recommendations; no security solution can protect you if you’ve turned it off or ignored its warnings.
In conclusion, we’d like to note that Kaspersky Internet Security has built-in email, web, and file antivirus protection, so it filters spam, detects phishing websites, and disables malware if it somehow gets to your computer and tries to do something nasty.