Keeper Security: Protect Yourself from Cyber Attacks at the 2024 Paris Olympics
The 2024 Summer Olympic games are nearly upon us, and as millions of fans around the globe plan to watch or attend the international sporting event, organisers are preparing for unprecedented cybersecurity challenges. Hosted in Paris, and spread out across 16 other cities throughout France, the Olympics present significant cybersecurity risks to athletes, organisers and spectators – both virtually and in person. According to a recent report from Microsoft, high-profile sporting events like the Olympics offer prime opportunities for cyber attacks with increased cyber risk due to the network-connected environments and increased digital transactions.
In recent years, there has been a marked surge in sophisticated cyber attacks targeting major sporting events, including last month when the X account of French Sports Minister, Amélie Oudéa-Castéra, was hacked. The convergence of large crowds, extensive media coverage and critical infrastructure presents an attractive target for threat actors seeking to disrupt operations, steal sensitive data or generally cause widespread chaos. These threats are not limited to those attending the games in-person. High-profile events also provide limitless opportunities for scammers to launch phishing attacks against unsuspecting victims with an interest in the event.
For instance, at least 334 victims fell prey to Taylor Swift concert ticket scams in the first month of 2024, with losses amounting to at least S$213,000.
Whether you plan on attending the Olympics or watching from home, Keeper Security has identified cybersecurity threats to watch out for and offers the following advice to protect yourself and your digital assets.
#1 Beware of phishing scams.
Cybercriminals have long used phishing scams to steal personal information through emails or text messages with malicious links or attachments. During the Olympics, these scams could appear to be from official Olympic organisations, sponsors or legitimate news sources. Recipients will be enticed with promises of exclusive access to event tickets, free live streams, prize winnings or urgent account verifications. However, the links lead to counterfeit websites designed to steal personal and financial information or could contain an attachment that downloads malware onto the user’s device.
Recently, the Singapore Police Force distributed an alert on fake Singapore Pools websites and mobile applications being used by locals — resulting in unsuspecting bets and payments made to other companies rather than the legal lottery providers.
With increasingly sophisticated technologies, including the growing use of AI, cybercriminals are able to craft more believable campaigns to bait unwitting users. To avoid falling victim to a phishing attack, cybersecurity best practices remain the same. Do not open attachments or click on links from unknown sources. Verify the source requesting any information from you and check all links you receive. Scammers also use social engineering to manipulate users by finding basic information online to appear more genuine and tricking people into sending them money or disclosing sensitive information. Be on the lookout for bad actors attempting to impersonate a friend or family member in urgent need of money to buy tickets or place bets on games.
#2 Protect all of your accounts.
When creating accounts to stream the games, following news updates or placing wagers, it may be tempting to reuse passwords that are easy to remember. Make sure you are using unique, high-strength passwords for all of your accounts. This way, if one account is breached, a cybercriminal does not gain access to the rest of them. Passwords should be at least 16 characters with a mix of uppercase and lowercase letters, a variety of special characters and a random assortment of numbers. Avoid using easily guessed information such as pet names, birthdates and addresses. A password manager is invaluable for generating and securely storing strong passwords. Implementing multi-factor authentication for your accounts provides an additional layer of security that will protect against most breaches.
#3 Think twice before streaming for free.
Cord-cutters and fans trying to tune into the games often turn to the internet in search of free streams – frequently resulting in sacrificed security. While there are legitimate websites and apps that will stream the Olympics for free, the websites that host illegal streams may also host ads for questionable content and contain malicious links that could install malware on your device.
#4 Watch out for fake ticket sales.
Fans seeking to attend the games must be on the lookout for counterfeit tickets. Scammers will create convincing websites to mimic official ticketing platforms, offering seats that either don’t exist or are vastly overpriced. Only buy tickets from reputable sellers that offer a secure payment system and recourse if the tickets don’t come through. The Olympics are also a time when more fans are looking to win money on the games, and scammers are ready to take advantage. They may promise large prizes to winners but once they collect your entry fee or personal information, they disappear and the winners never receive their payout.
#5 Avoid public WiFi and charging stations.
Public WiFi is a key battleground for cybercriminals and should never be used to send any personal, financial or other sensitive information. One of the most prominent cyber threats related to public WiFi is the man-in-the-middle (MITM) attack. Since anyone can join a public WiFi network, you have no idea who is watching or intercepting your online data. Fans should also avoid public USB charging stations. Cybercriminals can load malware onto these charging stations to maliciously access your device.
Cybercriminals are always seeking new and creative ways to target their victims, especially during high-profile sporting events like the Olympics. By keeping your guard up against these threats and following cybersecurity best practices, sports fans will be far less likely to fall victim to cybercrime.