Wednesday, July 20, 2016

Hackers Use the 2016 Rio Olympics to Target Potential Victims

With the 2016 Rio Olympics just a couple weeks away we are seeing new warnings of potential threats from hackers that include anything from malware and ransomware, to full blown interruptions of sites and services associated with the events. These potential threats mean that visitors to the Olympics and you viewers/followers at home should be extremely diligent and cautious when it comes to opening emails, viewing videos and visiting sites related to the 2016 Olympic Games.

It is fully expected that cyberthreats related to the games will escalate over the coming weeks and meaning you could see phishing emails pushed to your inbox or malicious attacks potentially affecting and infecting the websites you visit.

Malicious Apps and Sites

While we all like to think of our app stores and favorite sites as being secure, history shows us that is not always the case. Malicious apps can sneak past the gates and even our favorite sites can be hit with malicious ads or code that injects links for bad downloads. Add to that the warnings about phishing attempts above and users are likely to face the real threat of malicious downloads.

Again this all comes down to 'think before you click' mentality. When visiting sites related to the 2016 Olympics or installing applications to follow the games be sure you are using official applications on your smartphone rather than low-rated ones with small user bases.

If you are visiting a site from your phone or computer and you see pop-up boxes for things like Flash Updates, app installs or anything else that might not seem right, be sure that you use caution. Back out of the page, if you can, and download any and all updates directly from the source. If you are on your smartphone and an app is asking to install from '"Unknown Sources" stay away!

Beware Phishing Emails and Malicious Social Media Posts or Messages

 Major sporting events have always attracted the attention of would be scammers, targeting the public in just about any way imaginable. Over the years these world wide events have become very lucrative targets for hacking groups using tools like phishing emails, social media posts and malicious downloads.

Phishing emails and social media posts are particularly popular ways for hackers to spread malware and other malicious software. They offer high reward and returns for little work and are seen as highly effective. A favorite among hackers are messages and links, sending would be victims to a site tp view high profile video of a favorite star, record breaking event or something similar. Another favorite phishing scam are links to bargains on great seats to events, or fake confirmations for reservations, service or seating to events. In reality these emails and links contain, things like malicious downloads of ransomware or fake sites that utilize realistic looking log-in pages to steal your passwords and log-in information.

The old adage “Think before you click, especially if something looks too good to be true!” rings loud and clear when it comes to emails involving the 2016 Olympic Games and is one most security researchers are trying to reiterate to everyone!

Thomas Fischer, a security researcher at Digital Guardian, has already been noticing an increase in phishing scams trying to take advantage of the Olympics. Typically, a user will receive an email loaded with an attachment that invites them to an Olympics ticket lottery. Inside the attachment, however, is malicious code that will download the Locky ransomware and begin encrypting all the user’s files. Hackers are already blanketing email addresses with this kind of attack. They’ll also pretend to be an organization like an Olympics committee.

Banks and Banking Data Are A Popular Target

For those that are luck enough to visit Rio for the games you should use extreme caution when using banks and point of sale machines. We know that anks and banking data are always popular targets, however we are seeing several warnings that Brazilian hackers are developing applications that install Trojans (back door access to your computer or phone) that pretend to be legitimate banking software, but in actuality can steal the victim’s payment information.

These apps tend to target local users more than anything, but they may evolve into something more and could be potential threats to travelers. 

Dmitry Bestuzhev, the head of global research for security firm Kaspersky Lab has warned that visitors to the Rio Olympics be wary of ATM and point-of-sale machines in the country. They often can be infected with malicious code that can secretly steal payment data once a banking card is swiped. “The attacker has the capability to intercept the data and then to clone the card,” he added.

Another danger Bestuzhev is warning users of is the use of public Wi-Fi spots in Brazil to access important person, financial or business data. These access points are often times insecure. A hacker can use them to eavesdrop on victims and steal their passwords, Bestuzhev said, adding the recommendation that users buy a VPN service to encrypt their Internet communications.

The Office of the Director of National Intelligence, in a recent awareness campaign, took even more drastic step stating that visitors should consider leaving all of their devices at home. Instead uggesting that travelers carry a burner phone, which doesn't contain personal data or secure information might be a good idea.It was also suggested that you change your passwords often while you are there.

In the end all of these warnings are meaningless unless the user actually implements a good plan. If you are traveling to Rio for the games you should make sure all your data is backed-up, not only in-case of security breach but of loss or theft (another real threat). You should, as always, make sure your devices and security software are fully updated with the latest patches, virus definitions ect. You should also run frequent scans just in-case.

The most important thing though is to be DILIGENT! Don't open odd emails, click links without confirming them, use odd sites or download software from unknown places and you should be fine!

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you