The upcoming Paris Olympics have attracted the attention of cybercriminals, with a spike in phishing scams, particularly related to fraudulent ticket sales, merchandise offers, and mobile data recharge schemes. These scams exploit the popularity of the Olympics, using sophisticated and convincing websites to deceive potential victims. Affected: Consumers, sports fans, Olympic participants
Keypoints :
- Cybercriminals have begun preparations for the Paris Olympics, targeting consumers with scams.
- Phishing schemes related to ticket sales are rampant, with many fraudulent websites replicating legitimate ones.
- Scammers are also offering fake merchandise and mobile recharge plans linked to the Olympics.
- Lookalike domains further complicate the recognition of legitimate sites and pose a risk to unsuspecting users.
- Historical data indicates a likelihood of more sophisticated attacks during the Olympics based on past events.
MITRE Techniques :
- T1071.001 – Application Layer Protocol: Threat actors utilize email and web applications to distribute phishing lures.
- T1078.001 – Valid Accounts: The use of lookalike domains may suggest attempts to impersonate legitimate account registrations.
- T1530 – Data from Information Repositories: Attackers gather personal information from the victims through fraudulent sites.
Indicator of Compromise :
- [Domain] ticketsparis24[.]com
- [Domain] 2024olympics[.]shop
- [Domain] shop-olympics[.]shop
- [Domain] parissummerolympics2024[.]online
- [Domain] olympics2024[.]cc
Full Story: https://blogs.infoblox.com/threat-intelligence/olympics-scammers-take-their-marks-get-set-and-go/