Enjoy the Games, but Use Caution, Common Sense Online
Cybercriminals might use the 2012 Summer Olympic Games as an opportunity to ramp up malware, scams, data theft and DDoS attacks, as well as a platform for high-profile “hacktivism,” warns a May 17 report released by the Department of Homeland Security’s (DHS) National Cybersecurity and Communications Integration Center, “Strategic Outlook: 2012 Summer Olympic Games.”
Such major internationally newsworthy events have a history of attracting scams and cybercrime, so it’s no surprise that the DHS has urged businesses and individuals to use particular caution during the upcoming Olympic Games, the opening ceremonies for which are July 27 in London.
The Games’ own technological infrastructure is considered a prime target; the report estimates the 2008 Beijing Olympics were targeted roughly 12 million times a day. But the experts are warning that risks will also include “globally distributed Olympic-themed malware, spam campaigns, and scams.”
The Olympics present an opportunity for criminals to profit through malware and scams. The DHS report cites one gang that made about $3.5 million online selling fake tickets to the 2008 Olympic Games. During the same time period, the public reported an increase in Olympic-related spam and downloaded malware. A common method was redirecting users to fake phishing websites.
“Phishing and scams imitating official Olympic correspondence or offering tickets have already begun circulating in the wild,” the DHS report says. These have included Olympic travel-related scams that trick victims into sharing personal information, as well as spam with Olympic-themed attachments that download malware.
Another criminal tactic likely to increase during the games is search engine optimization (SEO) manipulation. This is not to be confused with normal SEO, which is completely legal and very beneficial to companies looking to increase their organic traffic (learn more here). When manipulation is involved, sites are promoted so that they appear high in the search results for Olympics-related keywords, with many unwitting users finding themselves on sites that distribute malware.
Malware is already commonly distributed through infected screensavers, images, and icons. Innocent fans of popular athletes should be wary when downloading such media devoted to their favorite competitor. It might be an idea for fans to use Device Fingerprinting to look out for any fraudulent activity on their personal devices.
Some might use VPNs to better protect their web traffic from malware. With many benefits to using a Disney Plus VPN such as being able to enjoy their favorite shows regardless of where they are located geographically, no wonder more and more people are turning to VPNs. Because they encode traffic, it can be a useful barrier if you do end up becoming infected with malware. Protecting yourself from this should be a top priority when opening links from anywhere – this incident has highlighted that prevention is important.
And this will be the first Olympics where live streaming coverage of every event will be widely available, including coverage via mobile device. Fake video players, media tools and apps will become the vectors of choice for cybercriminals.
Finally, these “bad guys” will no doubt use social media to drive people to fake, phishing and scam sites. One old hoax that may turn up is the alleged “Olympic Torch Virus.” This is an old email forwarding hoax that made the jump to Facebook the last time it showed up. Typically a warning about a virus that will “burn up your hard drive,” this is the social media equivalent of a chain letter. Don’t be fooled into sharing it!
With all of these warnings of dire consequences, Invision still encourages people to enjoy the 2012 Olympics online. Just be a little bit extra paranoid and follow all the usual clean and safe computing advice you’ve heard before.
Need a refresher course? Visit Stop.Think.Connect, a business and consumer resource from the Anti-Phishing Working Group (APWG) and National Cyber Security Alliance (NCSA). Businesses with particular concerns about securing their networks for the Olympic season should contact Invision for custom consulting and advice.
Photo credit: London 2012