Kaspersky Lab experts found the first spam emails mentioning the Olympic Games in Rio de Janeiro in early 2015, a year before the event is set to take place. The majority of spam emails are in English, but some are also in Portuguese because of the location of this year’s Olympic Games. According to Kaspersky Lab research, international fraudster gangs are also behind the creation of fake ticketing services for the Olympic Games.
Major events attract spammer attention because they are a good opportunity to earn money from credulous people. However, it is only recently that Kaspersky Lab experts have detected spam emails dedicated to the upcoming Olympic Games in Rio de Janeiro. The most frequent topic of these emails is fake lottery wins for the ticket lottery organized by the International Olympic Committee and the Brazilian government. Spammers are attempting to convince victims that their email address has been chosen randomly from a large list. To receive their prize, the victim must reply to the email and provide personal information.
Spam emails are not the only threat faced by users. Ticketing services are also appearing for the Rio de Janeiro 2016 Olympic Games, and these are the most dangerous threat. The Kaspersky Lab team constantly detects and blocks counterfeit domains with «rio», «rio2016» in the title.
Malicious web pages discovered by Kaspersky have been very well made. Fraudsters often buy the cheapest and simplest SSL certificates, which allow secure connections between a web server and a browser and provide "https" at the beginning of the address bar. This makes it harder for users to distinguish fake pages from the official Olympic ticketing services.
The business model used by fraudsters is fairly simple. On phishing websites users have been asked to provide personal information – including bank account details - to pay for the fake Olympic Games tickets. After extracting this information, criminals use it to steal money from victim bank accounts. To sound even more convincing, fraudsters are informing their victims that they will receive their tickets two or three weeks before the actual event.
“According to our research, the creation of fake sites usually involves well organized, fraudulent, international gangs. They split tasks, so that each small group is responsible for a separate part of the work. For example, one group creates websites, the other registers domains, another collects and sells the victims’ personal information, etc. In order to avoid falling victim to these fraudsters, sports fans should be savvy when they buy tickets. They should only trust authorized resellers, no matter how attractive the low prices from other resources can be” - warns Andrey Kostin, Senior Web-Content Analyst at Kaspersky Lab.
To make your Internet purchasing safe, Kaspersky Lab recommends not buying anything – from tickets to Olympic souvenirs - on the online stores advertised through spam or suspicious advertising banners. The company also recommends having a separate bank account, and a card with a small amount of money on it, for online payments.
To learn more read the blog post available at Securelist.com