There’s a sucker born every minute. And for each sucker there are hundreds of scammers waiting to take advantage of them. Now, with the Olympic Games fast-approaching, fraudsters are lining up to take advantage of unwitting consumers interested in attending or simply sharing in a little bit of the excitement from the comfort of their home. A variety of scams abound from fraudulent sites selling fake tickets to the opening games to “lotteries” giving “winners” hundreds of thousands in cash and prizes. Here are the five most sophisticated scams we’ve seen to date:
Lotto: The Scam of Choice
According to the UK’s National Fraud Intelligence Bureau, two lottery-related scams are making the rounds. In the first case, “winners” are notified that they have been selected from among 10 million email addresses as the winner of an online lottery prize of £650,000 as well as a trip to Brazil to see the Olympics. The second lottery scam alerts recipients that their lottery picks have won them a trip to Brazil to attend Carnival and the Olympics, and even includes a large cash payout of £820,000. In either case, the so-called winners are asked to contact a Lottery official (whose contact info, not surprisingly, is riddled with typos) where upon they are asked to provide the details of their bank account in order to facilitate the transfer of funds. Tempting as it may be, consumers would be well advised to remember that if they didn’t play, they didn’t win.
Have a Coke and a Scam
“Congratulations! You’ve won a cash prize of $ 1,000,000.00 (one million US dollars) of Coca-Cola Foundation in partnership with the International Olympic Committee (IOC), labeled ‘RIO2016’.” That’s the opening line to one of the many email scams surrounding the upcoming Olympics that are floating around at present. The premise is simple: The recipient has been selected at random from a database of more than 250,000 email addresses, and in order to collect the prize, the “lucky” winner need only fill in some personal information and elect whether they prefer a bank transfer or to pick up their check in person in Nigeria. Given the choices, most will opt for a bank transfer, and that’s where the trouble begins.
The example above is written in Spanish and proof positive that when it comes to scams surrounding the Olympics, everyone needs to be cautious, no matter the nationality or language.
Buyer Beware
Whether you’re attending the Olympics or planning on being an armchair tourist, those in search of Olympic paraphernalia should remember “caveat emptor.” If the 2014 Olympics are anything to go by, sales of fraudulent merchandise will be rampant. According to the Better Business Bureau, a quick search for “Sochi 2014,” for example, found 5,693 items in 2014, including a $4,000 “Olympic Torch Sochi 2014.” Consumers in the market for Olympic swag are well advised to make purchases on the official Olympic site and to always use a credit card. While both debit and credit cards offer protection, in the event of a scam money lost via a debit card may take several days to be replaced, and who has that kind of time … or cash?
Phishing: An Oldie But a Goldie
When it comes to perfecting their craft, fraudsters have an endless well of creativity. Nevertheless, fraudsters continue to rely on tried-and-true phishing scams because they work. Now with the Games almost upon us, scammers are registering domains using terms such as “Rio” and “rio2016” and using low-cost SSL certificates to ensure their scam sites appear to be legitimate.
Malicious Rogue Apps
It seems as if the whole world is glued to their smartphones. That trend, in part, is thanks the abundance of useful and entertaining mobile applications available through authorized and unauthorized app stores. No doubt people will turn to apps to stay up-to-date on scores and news about the Olympics. However, not all apps about the Olympics are legitimate. In fact, downloading the app pictured below can expose the user to Trojans, viruses and other malicious code created by scammers. This app looks official enough, but our malware analysts determined this app has the same properties of Trojan apps and other fraudulent apps. Moreover, this app was found in a third-party store, which means it was subjected to less security oversight than if it had been offered through authorized stores such as the Apple Store and Google Play Store.
When it comes to staying safe online, consumers should follow the following tips:
- Be leery of unsolicited emails, especially those claiming that you are a winner, and never give out personal information in response to these emails.
- Always pay with credit cards as they afford consumers greater protection.
- Only do business with encrypted sites (those starting with “https”).
- Open attachments only when they come from known sources, and even then be aware of what you are opening. Sophisticated fraudsters can create emails that appear to be from legitimate companies but that direct recipients to fraudulent sites or introduce malware onto their system.
- Keep your password protected and never re-use the same password across multiple sites.
- Secure access to your bank and critical applications with a locked-down personal web browser such as the Detect Safe Browsing mobile app.
- Only download mobile apps from authorized app stores.
[su_box title=”About Easy Solutions” style=”noise” box_color=”#336588″][short_info id=’61384′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.