A new eMarketer report projects that an expected 1 billion people worldwide will follow the London Games on PCs and mobile devices – including smartphones and tablets. This is a significant jump from the 2010 games, as smartphone ownership worldwide is now estimated by eMarketer to be about 24 percent. There will be heightened risk for those using mobile devices, tablets and third-party applications – any malware can penetrate these devices just as easily as PCs, contrary to popular consumer thought.
“With such a large audience seeking information on the Olympic Games, cybercriminals will seize this opportunity to attack PCs, mobile devices and even tablets,” said Andreas Baumhof, chief technology officer, ThreatMetrix. “Cybercrime today is so advanced that in many cases users are completely unaware they are being attacked. The Olympic audience needs to be vigilant when browsing the Internet and researching the games. Whether you are searching for Michael Phelps or real-time medal count updates, make sure you are using sites that can be trusted – mainstream news sites, or better yet the official Olympics website.”
Consumers Beware: Top Cybercrime Strategies for the Olympic Games
In order to prepare for the tremendous amount of cyber threats, the London Organising Committee of Olympic Games has allocated a quarter of its $3.1 billion budget to be spent on technology alone. While money and time are being spent to make the games as secure as possible, consumers should still be on the lookout for potential danger associated with watching and tracking the Olympics online or through a mobile device.
ThreatMetrix has identified the top five cybersecurity threats for consumers to be aware of during the Olympic Games:
• Mobile and Tablet Risk – Those who are watching the games via their smartphones or tablets should be aware of third-party applications that are not authorized by the Olympics. Consumer devices can be attacked when malicious applications are downloaded, as evidenced by recent news around spam-distributing iPhone applications.
• Drive-by-Downloads – Malicious software can automatically begin downloading to consumers’ devices during a visit to an infected website, email or pop-up ad. Cybercriminals can easily link this software to seemingly authentic Olympic websites, for example the Flashback Trojan for Mac.
• Information Phishing – Disguised links from Facebook and Twitter are abundant, leading consumers to malware infected sites. Twitter links, for instance, are always shortened (e.g. bit.ly/…) and users cannot tell where these links will lead – unless clicked upon, which in turn could instantly infect users’ devices. Another security concern is whether a particular account is legitimate – does the @CNNInternatDesk Twitter handle really belong to CNN?
• Search Engine Poisoning – When conducting online searches for information or images about the games, cybercriminals can redirect consumers to malicious websites. Rather than seeing an image of their favorite Olympian, the photo can actually infect consumers’ devices if the page containing the image is laced with malware.
• Ticketing Scams – Consumers should be wary when researching game tickets, and of emails offering ticket deals from third-party sources. These can lead to fraudulent transactions and stolen credit card information.
“All of the cybercrime risk associated with the Olympics can be overwhelming to consumers,” said Baumhof. “However, simple steps can be taken to avoid malware attacks associated with the Olympics. These steps include keeping all software up-to-date, using only official Olympic sites and applications and being hyperaware of all web and mobile device activity. Don’t click on any link that comes your way, even if it looks interesting – it may be a costly click.”
• Malware Examples: Search Engine Poisoning
• Malware Examples: Targeted Emails
• Malware Examples: Drive-By Downloads
ThreatMetrix is the fastest-growing provider of integrated cybercrime prevention solutions. The ThreatMetrix™ Cybercrime Defender Platform helps companies protect customer data and secure transactions against fraud, malware, data breaches, as well as man-in-the browser (MitB) and Trojan attacks. The Platform consists of advanced cybersecurity technologies, including TrustDefender™ ID, which is cloud-based, real-time device identification, malware protection with TrustDefender™ Cloud and TrustDefender™ Client, as well as TrustDefender™ Mobile for smartphone applications. The company serves a rapidly growing global customer base across a variety of industries, including financial services, e-commerce, payments, social networks, government, and healthcare.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.