As the Olympic Games in Rio draw nearer, cybercriminals are preparing more and more traps for sports fans. They make use of all kinds of tactics: phishing letters and fake sites, hacked Wi-Fi networks, card skimmers, and even fake ATMs. Criminals also clone credit cards and steal data with the help of USB charging ports in airports. In this post, we are going to speak about all of these threats.<\/p>\n
Kaspersky Lab has thoroughly analysed how things stand in Rio and on sites devoted to the Olympics. You can have a look at our findings in this post or read a detailed review on Securelist<\/a>.<\/p>\n Criminals see global sport events as times of bountiful harvest, and the 2016 Olympic Games are no exception. Criminals created many fake sites to steal personal data from sports fans and International Olympic Committee (IOC) employees working in Brazil. For example, February some crooks made a copy of the IOC\u2019s Intranet portal (in fact, we detected a series of such attacks).<\/p>\n Sports fans\u2019 banking data is also considered fair game. Some credit card numbers were obtained by mail: E-mail messages tantalised with giveaways such as new cars and tickets to the Games. Users followed the links, entered their data, and helped criminals to clone their credit cards.<\/p>\n Stealing banking data is all well and good, but direct money transfers are even better for criminals. We posted earlier<\/a> about criminals who made fake ticket sites \u2014 with promotions, sales, giveaways, and other goodies. We saw well-thought-out frauds as well: For example, some criminals offered direct (fake) ticket sales to the people of Brazil (when people living in the country can acquire them only through official lotteries).<\/p>\n Altogether we detected and added 230 domain addresses that were registered by criminals for phishing, fraud, and theft during the Olympics.<\/p>\n Unfortunately, it\u2019s already too late to purchase tickets to the Olympics through official channels. We do not recommend buying them through unofficial markets \u2014 you simply cannot know what you\u2019ll be getting. Of course you can watch the Olympic Games on TV or online, but beware of malicious streaming websites<\/a>. We have already detected and blocked domain addresses that targeted Olympic fans, and no doubt there will be more soon.<\/p>\n \u00a5 Be alert for fake websites, and always check the URLs carefully for \u201ctypos.\u201d<\/p>\n Sometimes it seems mobile devices drain faster when we travel. It\u2019s no wonder: We often take photos, turn on location services, use the Internet to get directions, chat, and post things on social networks. To help tourists, many cities invest in charging points, and you\u2019ll find many such spots in airports, shopping malls, and taxis.<\/p>\n At the free charging spots, you can charge your phone using a cable that sticks out of a terminal or use a USB port. Some also provide a traditional power supply that you can use with your own charger. The latter is the safest option. Remember, if you connect your device to a hacked USB port, criminals can connect to your phone<\/a> and download your personal data.<\/p>\n \u2022 Always use your own charger and connect to traditional electrical outlets, not USB ports.<\/p>\n Roaming is costly, so travellers often connect to free Wi-Fi<\/a>. That\u2019s a mistake: Criminals hack legitimate Wi-Fi networks or create their own to intercept and manipulate the content victims see in their browsers.<\/p>\n Hundreds of thousands of fans will flock to Brazil to see the Olympics \u2014 and many of them will need the Internet. We checked Wi-Fi networks in areas in Rio that are likely to attract tourists: the Brazilian Olympic Committee building, Olympic Park, and the stadiums (Maracan\u00e3, Maracan\u00e3zinho and Engenh\u00e3o).<\/p>\n These areas have about 4,500 unique access points. They are mostly new, and they handle multimedia streaming particularly well. However, we discovered that 18% of them are insecure and openly configured, and 7% are poorly protected. The upshot is, about a quarter of Wi-Fi networks in the areas of the Olympic Games are vulnerable to hackers.<\/p>\nPhishing party<\/h3>\n
Expensive \u201ccyber-literacy\u201d tests<\/h3>\n
USB-charging traps<\/h3>\n
Dangerous Wi-Fi<\/h3>\n
\n
Skimmers, fake ATMs, and clones<\/h3>\n