The 2024 Olympic Games in Paris promise to be a thrilling spectacle. Athletes from around the globe will compete in a range of events that will bring together a massive international audience excited to tune in to the celebrations.
However, some are interested in more than just watching one of the most anticipated sporting competitions of the year. Significant events like the Olympics have become a prime target for scammers and cybercriminals who are set to exploit the excitement and attention of the media, online and offline attendees, and even the partner and organisational committees.
Bitdefender Antispam Lab persistently monitors email-based threats to help keep internet users well-informed and mindful of the most recent scam trends and other phishing campaigns targeting sensitive data such as credentials and financial information.
Hereโs what weโve found:
- Scam campaigns leveraging the 2024 Paris Olympic Games were spotted beginning at the end of May
- Cybercriminals are mainly focused on stealing personal information and money
- At this point, fake giveaways, lotteries and sweepstakes are among the most common Olympics-themed scam trends noticed by our researchers
- The top destinations of the scams include the US, Japan, Germany, France, Australia, the UK, Brazil and Slovakia
ย The Paris Olympic Games 2024 Lottery Draw is a Sham
Lottery scams have existed since the dawn of the internet, and years of practice have taught fraudsters that these schemes are highly versatile and can be promoted alongside numerous topics (for example, the pandemic). Making matters worse, people still fall for these antiquated schemes.
Bitdefender researchers have spotted multiple Olympic Games-themed lottery scams in the past weeks. Cybercrooks use the names of national lotteries, financial institutions, and big tech giants to lure unsuspecting internet users.
Common impersonated brands include Coca-Cola, Microsoft, Google, the Turkish National Lottery, and the World Bank.
Alleged winnings range from $550,000 USD to $850,000 USD, depending on the campaign, and the body of messages is similar to your run-of-the-mill email lottery scam messages, with fraudsters simply adapting the text to suit the event.
As expected, the bogus messages inform recipients that their email address was part of a global lottery draw for the upcoming Paris Olympic Games. The scammers even add fake reference numbers or list the lucky numbers โdrawnโ in the fictitious lottery.
Other tactics and red flags include:
- Recipients must contact a โrepresentativeโ via email (this agent has a Gmail account) or phone number
- They are required to provide additional information such as full name, address, age, and phone number
- Typos and uncommon phrasing
We urge consumers to be aware that these campaigns might be part of a bigger plan, with scammers potentially bombarding inboxes with poorly and more โobviousโ scam attempts to verify the validity of their email database and give potential victims a sense of security and self-confidence that they would never fall for such a poorly fashioned email scam.
Use your Visa for a chance to win tickets to the Paris Olympic Games 2024 scam
Cybercriminals are using a different approach in targeting sports fans in Brazil. A campaign impersonating financial service provider Visa baits unsuspecting users with a chance to win tickets to the Olympic Games by entering their CPF number (Cadastro de Pessoas Fisicas).
While the initial message displays plenty of indications of a scam, the cybercrooks did an excellent job in manufacturing a fake visa website.
Below is a machine-translated version of the message:
โUse your Ourocard Visa debit or credit cards for your purchases and compete for a travel package to the 2024 Paris Olympics and prize miles. Participate also using the Mastercard and Elo brands.โ
Customers who take the bait are directed to a page where they are required to enter their CPF number to either register or check their participation.
Hereโs what else you can expect in anticipation of the 2024 Paris Olympic Games
- Phishing Attacks: Cybercriminals may begin sending messages that may appear to be from official Olympic Games partners, asking recipients to click on malicious links or provide personal information.
Example: unsolicited emails may offer last-minute ticket deals to Olympic events to steal your credit card details.
- Fake Websites and Apps: Threat actors may begin promoting fraudulent websites and mobile apps that mimic official Olympic platforms, tricking users into downloading malware or providing sensitive information.
Example: Cybercrooks may advertise a fake app promising live-streaming of Olympic events that instead serves up credential-stealing Trojans and spyware.
- Ticket Scams: Scammers may begin peddling counterfeit tickets to Olympic events at inflated or too-good-to-be-true prices.
Example: a website offering heavily discounted tickets that do not exist, costing you time and money.
- Public Wi-Fi Risks: Public Wi-Fi networks at Olympic venues and surrounding areas can be hotspots for cybercriminals to intercept your data.
Example: Checking your bank account while connected to an unsecured Wi-Fi network can result in a hacker stealing your login credentials.
- Last-Minute Travel and Hotel Booking Scams: Scammers use fake travel and accommodation deals that lure consumers into paying for services that donโt exist.
Example: You see a great offer for a last-minute hotel deal in Paris at a great price, but after you pay, you discover the booking was fake.
- Merchandise Scams: Fraudsters create fake ads and platforms to sell counterfeit Olympic merchandise.
Example: You see an ad on social media for an online shop selling fake Olympic Games merchandise, including T-shirts and plushies.ย
On-Site Scams and Physical Security
- Pickpocketing and Theft: Crowded places and venues always present an increased risk of physical theft, so keep your valuables secure and be aware of your surroundings.
- Fake Officials: Scammers might pose as Olympic officials to steal personal information or money. Whenever in doubt, verify the identity of any official by checking credentials and contacting the organisation directly.
Staying Safe Online During the Olympic Games
- Be on the lookout for scams and phishing attempts
Olympics-themed scams may come in the form of emails, social media messages, or fake websites designed to steal your personal information.
Safety tips to avoid scams:
- Verify the source: Only open emails and messages from known senders. If you receive a suspicious message claiming to be from an official Olympic source, verify its legitimacy by checking the official website or contacting the organisation directly.
- Look for red flags: Be wary of emails that contain spelling errors, generic greetings, or urgent requests for personal information.
- Do not click on suspicious links: Hover over links to see the actual URL before clicking. If the link looks suspicious or unfamiliar, do not click on it.
- Use a security solution: A trustworthy security solution can protect you from malicious software, phishing attempts and fraud.
- Use dedicated scam detection tools such as Bitdefender Scamio
Use Bitdefender Scamio, our AI-powered tool dedicated to helping you identify and avoid potential scams. When unsure about an email, you can check it with Scamio onย WhatsApp,ย Facebook Messenger, orย a web browserย for free! Copy/ paste a text or link, describe the situation, and upload the image or the QR code you want to verify. Scamio will analyse the data and tell you if anyone is trying to scam you. ย You can also help others stay safe by sharing Scamio with them inย France,ย Germany,ย Spain,ย Italy,ย Romania,ย Australiaย and theย UK.
Conduct a password checkup
Use strong and unique passwords for your online accounts to protect against fraud and unauthorised access to information. If you are thinking of creating new accounts specifically for the Olympic games donโt recycle old passwords or use easily guessable ones such like โpassword123โ. โparis2024โ or โolympicgames2024โ.
Tips for creating strong passwords:
-
- Use a mix of characters: Combine upper- and lower-case letters, numbers and special characters.
- Avoid common words and phrases: Do not use easily guessable words or personal information like your name,ย date of birth or petโs name.
- Use a password manager: A password manager can help you generate and store complex passwords securely.
Be cautious of public Wi-Fi connections
Public Wi-Fi networks, such as those found in cafes, hotels and Olympic venues, can be convenient but are often insecure, allowing threat actors to intercept data transmitted over these networks.
Tips for using public Wi-Fi safely:
-
- Avoid accessing sensitive information: Do not log into your bank account, email, or other sensitive accounts while on public Wi-Fi.
- Use a VPN: A VPN encrypts and secures your internet connection, protecting your data from prying eyes.
- Turn off file sharing: Ensure file sharing is turned off and your device is not set to connect to nearby Wi-Fi networks automatically.
Stay Updated on Cybersecurity Threats
Cyber threats are constantly evolving, and staying informed about the latest scams and security vulnerabilities can help you stay ahead of cybercriminals.
Tips for staying updated:
-
- Follow reputable cybersecurity blogs and news sources: Bitdefenderโs Hotforsecurity blog provides valuable insights and updates on current threats, scams and important industry news.
- Enable automatic updates: Ensure your devices and software are set to update automatically to receive the latest security patches.
Use official sources
When looking for any information about the upcoming Olympic Games, such as event schedules, results, or live streams, always use official sources.
Tips for finding official sources:
-
- Visit the official Olympic website: It will have accurate and up-to-date information.
- Use trusted news outlets: Stick to reputable news organisations for updates and eventsโ coverage.
- Download official apps: If youโre using a mobile app to follow the Games, make sure itโs the official app recommended by event organisers.