As the Paris Olympic Games draw closer, a recent report has highlighted a surge in malicious online activities preying on unsuspecting fans. Cybercriminals are capitalizing on the event’s popularity by creating fake social media profiles, online stores, and ticketing systems, as well as launching fraudulent cryptocurrencies. This wave of cybercrime has not only resulted in significant financial losses for fans but has also damaged the reputation of legitimate vendors.
The report, conducted by cybersecurity researchers at BforeAI, meticulously analyzed newly registered domains (NRDs) acquired in the two weeks leading up to the Olympics. The findings are deeply concerning:
- The researchers identified 166 unique domains exhibiting signs of DNS abuse, such as keyword stuffing and typosquatting.
- These domains often utilized unconventional and suspicious top-level domains (TLDs) like .xyz, .win, .stream, .mobi, .shop, .store, and .info.
- Variations and common misspellings of “Olympics” (e.g., “olymplics,” “olymppics”) were employed to capture mistyped domain names.
- Keywords related to the Olympics and specific years or events (e.g., “paris2024”, “olympics2024”) were heavily used to draw traffic.
These tactics not only enhanced the search engine visibility of these malicious sites but also increased their perceived legitimacy, thereby improving their chances of successfully targeting potential victims.
BforeAI has issued a stark warning about the risks posed by fake Olympic shop domains, noting that these fraudulent sites deceive fans looking to purchase official merchandise and experiences. The financial losses for consumers can be substantial, and the reputation of legitimate vendors may suffer as a result. Cybercriminals have also created fake websites selling Olympic tickets, which are designed to harvest personal information and payment details from users. The stolen data often ends up being sold on the dark web or used in future financial scams.
In addition to ticketing and merchandise scams, the research uncovered the emergence of scam cryptocurrency coins and tokens marketed under Olympic-related branding. Such schemes are not new and have previously surfaced during other major events like the FIFA World Cup, often leading to significant financial losses for investors. Unauthorized live-streaming websites offering free access to Olympic events pose another threat, potentially harming official media broadcasters and affecting the revenue of the International Olympic Committee (IOC).
To mitigate these risks and ensure a secure Olympic experience, BforeAI advises fans to take several precautionary measures:
- Rely exclusively on official Olympic websites and social media channels.
- Avoid clicking on suspicious links and refrain from purchasing tickets from unofficial sources.
- Verify the authenticity of websites hosted on unfamiliar TLDs.
- Be cautious about investing in cryptocurrencies created solely for the Olympics.
Reporting fake Olympic-based websites on social media can also contribute to fostering a safer online environment.
As the anticipation for the Paris Olympic Games intensifies, so too does the risk of falling victim to cyber scams. Fans must remain vigilant and take necessary precautions to safeguard themselves from financial losses and identity theft. By relying on official sources and exercising caution with suspicious links and offers, fans can enjoy the Olympic experience without becoming casualties of cybercriminals. The key to a safe and enjoyable Olympic event lies in awareness and proactive protective measures.