Fans attending the recent Paris Olympics were targeted by cybercriminals looking to cash in on ticket shortages and eager fans with a host of scams, experts have revealed.
A surge in malicious online activity before and during games highlighted the threat consumers face when browsing games, as major sporting and ticketing events often attract criminals looking to take advantage of fans who want cheaper tickets and merchandise.
BforeAI researchers studied recently registered domains (NRDs) in the two weeks leading up to the Olympics and found 166 unique domains that showed signs of Domain Name System (DNS) abuse. Scammers are looking to collect personal data, such as names, emails, addresses, and credit card details, from unsuspecting viewers.
Detect the signs
Domains found to be using targeted keywords to attract traffic, such as “paris2024” and “olympics2024,” frequently included misspellings of keywords, such as “olymplics” and “olymppics,” in an attempt to catch users misspelling search words. The domains also frequently used suspicious and unconventional top-level domains, such as .xyz, .win, .stream, .mobi, .shop, .store, and .info.
Fake ticketing sites, social media accounts and merchandise stores were set up to trick fans into handing over their financial details. The threat from these websites is not just immediate financial loss, but the risk of card details being published on the dark web and sold to other cybercriminals. This could lead to identity theft or further financial loss.
Researchers recommend relying exclusively on official Olympic social media channels and websites, as well as staying alert for unofficial content and refraining from clicking on suspicious links, especially if they offer lower prices for tickets or merchandise.
BforeAI published a list of suspicious domains to avoid to help consumers stay safe.