Going for Your Gold: Cybercrooks Launch Olympic-Themed Attacks
Bad guys are recycling a number of tried-and-true scams for the 2012 Olympic Games including the the 419 Nigerian email. They've also put up web sites offering to sell you bogus live feeds of the games.
By Constantine von Hoffman, CIO
An estimated 1 billion people will follow the Olympic Games online using PCs and mobile devices. Thanks to the growing ubiquity* of mobile devices that’s a significant jump from the 2010 games.
Where there are huge numbers of people there are huge numbers of crooks. This year’s games are just starting and so are the swindle attempts.
Although the bad guys have had four years to prepare for this particular giant, pre-scheduled, world-attention-grabbing event, some of them have definitely just phoned their work in. How else to explain the return of the Invitation FACEBOOK/Olympic Torch email? This is an email claiming to warn of another email with “an attachment called: Invitation FACEBOOK, regardless of who sent it. It is a virus that opens an OlympIc torch that burns the whole hard disc C of your computer.”
It seems harmless because all it asks you to do is forward this email to your friends. Or maybe not so harmless, as Naked Security points out:
“This morning, Naked Security received a copy of this hoax that had been forwarded seven times, counting the last hop to us. It included nearly 100 names and email addresses in the many To: and Cc: fields it had accumulated along the way. That means that those 100 email addresses are now lying around on 100 PCs where they might be scooped up by real malware, sent off to cybercrooks, and sold on to spammers and scammers.”
The unfortunately named security firm Zscaler ThreatLabZ points out that there is also an Olympic-themed version of the ever-popular Nigerian 419 email scam circulating. So don’t be surprised if you get something saying you’ve won a large sum of money through the Olympics Lottery and to collect you only need to share some personal information – like a copy of your passport, phone number, full name, etc.
In fact, there are so many stupid, Olympic Games-related email scams that the organizers of the Olympic Games have a page on their website listing an amazingly large number of them, each less-original than the one before. Sadly, many will probably fall for them, according to new research. A McAfee survey by OnePoll shows only 13 percent of Brits have even considered a cyber-threat could spoil the Olympic Games for them.
Not everyone is this lazy, however. Some have gone to all the trouble of putting up bogus websites.
Trend Micro is warning of sites allegedly selling live video streams of events. One offered online viewing packages for $29.95 and $49.95, payable with credit cards and PayPal. Zscaler is also reporting an increasing number of sites selling bogus tickets. This is bound to be even more effective than usual because of the large number of empty seats we’ve been seeing on TV.
* Can ubiquity grow? Either something is ubiquitous or it isn’t, right? Sheesh, who writes this stuff?