Fans attending the recent Paris Olympics were the target of cybercriminals looking to capitalize on scarce tickets and eager fans with a multitude of scams, experts have revealed.
A surge in malicious online activity before and during the games outlined the threat consumers face when navigating the games, as large sporting and ticket events often attract criminals who look to take advantage of fans wanting cheaper tickets and merch.
Researchers at BforeAI studied the Newly Registered Domains (NRDs) in the two weeks running up to the Olympics, and found 166 unique domains which displayed signs of Domain Name System (DNS) abuse. The scammers look to collect personal data such as names, emails, addresses, and card details from unsuspecting spectators.
Spot the signs
The domains the research found to employ specific buzzwords to drive traffic, like ‘”paris2024″, “olympics2024” and frequently included misspellings of keywords, such as ‘olymplics,’ and ‘olymppics’ to try and catch users who misspelled search words. The domains also commonly used suspicious and unconventional top-level domains such as .xyz, .win, .stream, .mobi, .shop, .store, and .info.
Fake ticket sites, social media accounts, and merchandise stores were all set up to trick fans into handing over their financial details. The threat with these websites is not just in the immediate financial loss, but the risk of card details being put onto the dark web and sold to other cybercriminals. This could lead to identity theft or further financial loss.
Researchers recommend relying exclusively on official Olympic social media channels and websites, as well as staying alert to unofficial content and refraining from clicking on suspicious links, especially if they offer lower prices for tickets or merchandise.
BforeAI published a list of suspicious domains to avoid to help consumers stay safe.