The coming Paris Olympics and other major sporting events are tempting targets for cybercriminals and hacktivists looking to fatten their wallets, promote causes or pilfer secrets, federal security officials warn.
A Canadian Centre for Cyber Security bulletin published Friday says criminals operating online will very likely try to extort organizations involved in — or located near — major sporting events.
Cybercriminals will also likely try to ensnare individuals, including spectators, through phishing emails and malicious websites, the centre says.
Promises of discounted merchandise, free event tickets or access to a livestream of sporting events can be used to take advantage of people.
During the Olympics in Tokyo, sites prompted users to enter personal information to access event broadcasts, the bulletin notes. “One webpage posing as a television broadcasting schedule also tricked users into allowing browser notifications, then spammed them with malicious advertisements.”
Big organizations generate large amounts of personal and financial information through their operations that cybercriminals can attempt to sell through “dark web” marketplaces or use later in scams, the bulletin says.
“Smaller businesses may not normally be targeted by cybercriminals to the same extent as larger organizations. However, we assess that their proximity to major international sporting events very likely makes them more desirable as targets for extortion.”
It says this is especially true for the travel and hospitality sectors, which see a boost in online traffic due to events, increasing the amount of sensitive information they store.
The centre highlights a 2020 ransomware attack on an English football club that encrypted nearly all of its devices, paralyzing email, security cameras and turnstiles. Although the club refused to pay the demanded ransom, the disruption still proved costly.
Big sporting events provide an opportunity for hacktivists to widely promote their causes through website defacements, denial-of-service attacks and hack-and-leak operations, the centre points out.
“For example, the anti-government protests in France regarding controversial changes to the minimum pension age is likely a motivation for domestic hacktivism against the 2024 Paris Olympics.”
It also warns that state-sponsored cyberthreat actors could target high-profile individuals and organizations involved in events with the aim of collecting sensitive information or gathering foreign intelligence.
While at a hotel in Rio de Janeiro, an International Olympic Committee official logged into the World Anti-Doping Agency database, the bulletin says. Their credentials were then stolen by Russia-backed threat actors and used to export large amounts of data.
“The compromise disclosed personal information, undermined public trust in WADA and affected Canadian athletes, including four members of Canada’s women’s soccer team.”
The Cyber Centre encourages attendees, athletes, government officials and organizations associated with major international sporting events to take “appropriate measures to protect their systems.”
This report by The Canadian Press was first published May 31, 2024.
—
5/31/24, 8:26 AM
LJI-ONT-CRYPTO-SCAM
Norfolk resident loses $25,000 in crypto scam
By: J.P. Antonacci, Local Journalism Initiative Reporter, The Hamilton Spectator
Source: Local Journalism Initiative
The promise of a financial windfall led a Norfolk County resident to lose $25,000 in what police are calling a cryptocurrency investment scam.
According to the OPP, the victim saw an online ad for an “investment opportunity” promising “significant returns.”
The victim created an online account and was promptly contacted by an alleged employee of the investment company, who was granted remote access to the victim’s computer, police said.
Between May 24 and May 27, the victim “invested” about $25,000 in the fictitious scheme, according to police. When they tried to get their money out, the scammer allegedly told them they had to pay even more to get their initial funds back.
“Realizing they had been scammed, the victim contacted the police,” said Norfolk OPP Const. Andrew Gamble in an email.
Scammers will try every avenue to swindle a mark, from online advertisements to phone calls, texts, emails, and even letter mail and faxes, Gamble noted.
“Fraud is a multi-million-dollar enterprise that will only cease when the perpetrators stop profiting,” he said.
To avoid becoming a victim of fraud, police recommend researching any investment opportunity and finding out if it is legitimate before sending any money.
Keep your personal information private, and remember that an investment promising sky-high returns with little risk could be a scam.
To learn more about fraud prevention, call the Canadian Anti-Fraud Centre at 1-888-495-8501 or visit antifraudcentre-centreantifraude.ca.
You can support trusted and verified news content like this.
FIPA’s news monitor subscribers, donors and funders help make these available to everyone rather than behind a paywall. We appreciate every contribution because it makes a difference.
If you found this article interesting and useful, please consider contributing here.