Sometimes cyber crooks can achieve impressive feats of evil. They can create masterful illusions that dupe people out of their money, whether that’s through phishing sites like Olympic scams pretending to be ticket services or with some clever social engineering tricks.
With the Olympics opening ceremony taking place this evening, TechWeekEurope thought it would be a good idea to award the most convincing Olympic-themed scams in the traditional style. It’s less a promotion of cyber crooks’ technical proficiency, however, than a way of highlighting the kinds of threat that will cause the most economic harm to Web denizens during the Games.
Taking a different angle on the Olympic Scams theme, cyber criminals have taken to creating fake mobile games to infect users. Over in Russia, crooks have created some convincing ads for an official London 2012 mobile game, on what appear to be legitimate stores.
They aren’t of course, the scammers didn’t even bother to provide a game for the users to mess around with whilst their phones sent SMS messages to premium rate numbers, GFI found. That’s just plain mean.
With so many people desperate to get their mitts on Olympics tickets, it’s no surprise that scammers have set up sites claiming to sell them. Many fake sites look comically amateur, as if a four-year-old had been let loose on Adobe Dreamweaver, but one was spotted this week that looked like it could have duped a few naive souls.
Trend Micro even seemed impressed by liveolympictickets(dot)com, noting it had the same aesthetic quality as the official Olympics site, with some of those lovely pink and blue hues. Although the weird official graphic that looks like a robot humping a tree was nowhere in sight…
The fiendish crooks didn’t just create a few webpages to trick the most moronic of web users, they made a site that takes people through what appears to be a typical transaction process, even up to the final stage where victims are told their order is pending. They even took to Facebook advertise their nasty work.
With a little bit of investigation work, Trend discovered it was just a phishing site. But it just goes to show how cyber criminals aren’t jokers. As web users get more aware, the crooks get craftier.
The most impressive attempt at using the Olympics as bait for an attack was spotted by F-Secure in May. TechWeekEurope hasn’t seen many direct attempts to get malware onto people’s machines by luring suckers in with Olympics goodies, so this one gets the top prize.
This attack saw emails sent out offering a download of the official Olympics schedule. The best/worst bit of this scam was that the PDF did show the official schedule. But in the background it was dropping executables that exploited holes in old versions of Adobe Reader and Acrobat. The exploits then attempted to make a connection with a site registered in China, presumably to drop malware onto the target’s system.
This was as clean and simple as a Tom Daley dive into the Olympic pool. Nice work, you nasty scammers. And watch out you good sports lovers…
Think you’re an IT Olympian? Try our sporty quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
View Comments
I think everybody should check out the Scam Detector app. I believe they're online as well.