The business of the games will provide cybercriminals with countless options to scam participants, sponsors, and spectators using contextual details and social engineering.
So, you’re all set to go to the games this summer and then get an email about your hotel booking: the credit card came back invalid and you need to re-enter in a card number to keep your reservation. Whether your attending the Olympics as an attendee, participant, vendor, sponsor, or athlete, this simple scam could be all that needed to infect your computer with malware, steal your logon credentials to web-based email, or trick you into offering up credit card details.
"Events like the Olympics serve as an amplifier for cybercrime," said Emily Wilson, vice president of research at Terbium Labs. Everything from travel details, to ticketing, to winning a trip to the Olympics, to invoicing, and more are all viable scams organizations should be warning users to expect.
So, if your organization is planning on participating at the summer Olympics in some capacity, it’s imperative to educate users via Security Awareness Training of the possible attacks and scams that users may encounter in the coming months. Employees need to be "hypervigilant about any messages—whether email or text messages—anything you receive and be incredibly suspicious of that and assume it's fraudulent by default," Wilson said.
This security-conscious mindset is what’s needed not just as we approach the Olympics, but every day; the Olympics serve as just another storyline in a scammers arsenal. Users need the same levels of vigilance everyday, regardless of the underlying “story”.
We’ve seen very sophisticated phishing scams revolving around the Olympics in previous years; there’s every reason to believe we’ll see them again.
Here's how it works:
