Infosec Cloud
Solutions. Services. Training.

The 'chat' from the cloud

Keep up-to-date with the latest trends, hints and tips on cloud-based security

Rio Olympics Phishing Attacks

Date: May 31, 2016

Category: Blog

Take care! There’s a spike in phishing attacks, email scams and spam messages with Summer Olympics’ themes.

Kaspersky Labs researchers are reporting on this even now. Scammers are registering domains that have words like “Rio” and “Rio2016”, combined with low-cost SSL certificates to make their fake sites look real.

Here is a link to the Kaspersky blog, which states that the attacks use DOC or PDF attachments and use social engineering tricks that make users open these documents.

Kaspersky Researcher Andrey Kostin was quoted in SC Magazine: “Users may receive a phishing or malicious email, they might click a phishing link or advertising banner, or they might using a search tool and choose a fake website selling tickets”. He said the most effective scams were conducted using phishing websites that emulate ticket sale services.
Click here to read the full article.

There are also scams going around claiming that users have won Rio-related lotteries.

In other words, nothing really new here, but it’s important to be alert. And to make sure all your end users are also aware (see our Security Awareness Training).

Here’s six examples, but the possibilities for scams are endless:

  • * Emails with DOC or PDF attachments related to tickets or other special offers related to Rio
  • * Advertising banners on websites that are poisoned and infect your workstation
  • * Scam phone calls trying to sell you Rio-related travel or even products
  • * Links to controversial Rio-related videos
  • * Claims that the whole event will be moved because of the Zika virus
  • * Complete fake websites which claim they will sell you cheap tickets to the event

Remember, anything to do with the Olympics in Rio in the coming months… Stop. Think. Before You Click!

Comments are closed.

  • Employee GDPR Awareness Training

  •  Identity-as-a-Service (IDaaS) solution

  • Tokenless Strong Authentication (MFA)

  • Next Gen Endpoint Security

  • Enquiry LinkedIn Spiceworks