In the past few days, I have been in Paris to follow Samsung Unpacked 2024, and I took the opportunity to observe how the city is preparing for the upcoming Olympics, scheduled from 26 July to 11 August. Along the Seine, one notices the many bleachers set up for the opening ceremony of the 33rd Olympic Games, which for the first time will not be staged inside a stadium, as the athletes will parade on boats on the river in the French capital.
Huge crowds will be arriving in Paris to watch the start of the event and to follow the competitions, so much so that the city is the most searched for on a global scale on Airbnb, where it recorded a five-fold increase in bookings compared to the same period last year. The world’s top sporting event is also the best opportunity for cyber fraudsters to do business and then steal money and personal data.
Fake tickets
The main threat to sports fans wanting to travel to Paris is the sale of fake tickets. The level of sophistication of the traps orchestrated by cyber criminals has become very high, and it is no coincidence that the family of British swimmer Matt Richards also fell victim, losing more than €3,000 through the online purchase of tickets that never arrived at their destination. Kaspersky points out that fraudsters are multiplying phishing websites where tickets are offered at advantageous prices, even for sold-out events. In this way, the hoax is twofold because, on the one hand, money is lost, and on the other hand, personal information is given away (then eventually sold on the dark web), which is required to fill in the necessary forms during the purchase process.
A striking case was uncovered by the security company Proofpoint, which identified the fraudulent website paris24tickets.com at the top of the list of links proposed by Google to those looking for tickets to buy for the Olympics. In its favour were the accurate graphics and information on the home page, judged by experts to be very convincing.
All in all, in the last few weeks alone, the French Gendarmerie has shut down 340 fake sites dedicated to ticket sales, more than 50, two of which have been suspended by order of the authorities. It may seem obvious, but it is always best to repeat that the only way to buy tickets and not have any nasty surprises is to rely on the event’s official website. As well as checking the security of the sites one consults, especially when one intends to send personal data to buy something.
Streaming
Another slippery slope is streaming because, as Veronica Pace, Head of Marketing Trend Micro Italia, points out, there has been a proliferation of fake sites for broadcasting sports events. Watching on TV and through the official streaming service of the broadcasters that have secured the broadcasting rights to the Olympics is the best choice to watch the competitions, but even in this case, fraud is just around the corner.
Cybercriminals propose fake websites, perhaps promising exclusive content, to induce people to pay and share personal data. In addition to advising against seeking solutions other than official ones, analysing the names and domains of suspicious sites can help to avoid damage.
Deepfake
On the rise is deepfake, which uses AI to create realistic videos in order to cheat people. During sporting events such as the Olympics, one may come across appeals on social media from some athletes asking for support and money, often in the form of donations to support a charitable cause.
Most of the time, these are attempts to cheat fans, but one can defend oneself by analysing the details. From the unnatural movements of the face or body of the subject in the video (especially eyelids and mouth) to the audio/video synchronisation and lighting of the subject, you can spot fakes with a little bit of attention.
Data plans
We all use smartphones, and when going abroad, one has to think about organising communication via phone to stay in touch with friends and family. This is why the Olympic Games have caused a surge in phishing for phone and internet traffic.
One example that quickly became popular was the 48GB free data plan for all networks spread on the web by a group of scammers. Even in this one, which is all too suspicious, the scheme is always the same: those who fall for it surrender personal information and money, as some ask for credit card details for any further purchases.
Social media contests and public Wi-Fi networks
Always be cautious is the rule when it comes to exaggerated occasions to enjoy sporting events such as the Olympics and the World Cup. The list includes fake social media contests offering tickets to watch the competitions and gadgets dedicated to the Paris Games as prizes. Spending a handful of minutes researching to verify the authenticity of the contest is highly recommended before clicking and giving your personal details. Speaking of gadgets, researchers also discovered several fake sites selling Paris 2024 branded clothing and accessories. Imagine what those who made the purchase on these sites ended up with… nothing!
Last but not least is the pitfall of public Wi-Fi networks, which are sometimes not very secure. The solution is to choose a VPN, which helps keep personal and financial data safe.
‘Scammers exploit people’s enthusiasm, so it is crucial to consider each offer with a healthy dose of scepticism. You have to remember that if something sounds too good to be true, it probably is. Take the time to verify the authenticity of offers and protect your personal data. Your attention can make the difference between enjoying the event and being the victim of a scam,’ said Anton Yatsenko, Cybersecurity Expert at Kaspersky.
A warning that is always worth bearing in mind.