Story image

Domain fraud rife during PyeongChang Winter Olympics

27 Feb 2018

The 2018 Winter Olympic Games in PyeongChang have been a demonstration of sports prowess, but also malicious activity prowess as cybercriminals do their best to make the most of the chances for fraudulent activity.

According to Proofpoint, it’s not just the PyeongChang Olympics that are attracting criminals, but also the upcoming 2020 Olympics in Tokyo, the 2022 Olympics in Beijing and the 2024 Olympics in Paris.

Proofpoint researchers Harold Nguyen and Roman Tobe have been following domain registrations for each of the events. Since 2010, 105 domains related to pyeongchang2018.com have been registered – and registrations started the same year the official site was registered.

Registration activity of ‘lookalike domains’ started to pick up in 2014, and since the beginning of 2017 at least 20 new suspicious domains have popped up.

Those domains may be used for a variety of purposes, including advertising and monetizing web traffic. Others are used to profit from illegal streaming and paywalls and some are profiting through non-sanctioned ticket sales.

Only three of the 105 domains were legitimate (although unofficial) domains, which are being used for Olympic medal tracking purposes.

One particular site, pyeongchang2018tickets.ru is an unauthorized ticket reseller, which increases risk through the possibility of ticket fraud. The National Olympic Committee lists all authorized ticket resellers by country and has guidelines on reseller requirements.

“Pyeongchang2018live.com is a live-streaming site, which is likely neither official nor legal. It asks for payment in PayPal, indicating a potential scam,” researchers note.

However, more than 35% of domains are ‘parked sites’, which researchers are suspect are being used for cybersquatting or to put up for sale in the future.

Typosquatting is also present in at least one example, pyeongchang2o18.com, where the 0 was substituted for the character o.

Researchers say the statistics seem to be in line with current trends. They explain:

“From January through August 2017, brand-owned defensive domains have fallen while suspicious domains registered by someone other than the brand have grown. In that same time period, suspicious domain registrations rose 20% vs. the year-ago period as brand-owned defensive registrations fell 20%.

While it is too early to tell how many of the Tokyo, Beijing and Paris Olympic domain lookalikes will be used will be used for malicious activity, it is likely that domains such as these will continue to surface.

So far registrations related to ‘tokyo2020’ have reached more than 500, while ‘beijing 2022’ has reached 100 registrations and ‘paris2024’ registrations have reached 200.

“.A sign that brand-owned, unofficial and fraudulent domain registrations need to be persistently monitored for consumer protection and reputational risk,” researchers conclude.

Story image
Today
FireEye rolls out threat intelligence platform for industrial systems
Now industrial control systems (ICS), operational technology (OT), internet of things devices, and other equipment used to manage interconnected physical processes, can be secured from cyber threats.More
Story image
29 Nov
CISOs: Dedicated investment in security is still lacking
Nine out of 10 CISOs say the board asks them for advice, but half of companies still lump cybersecurity into IT budget.More
Story image
13 Nov
Microsoft showcases innovations in new Asia Pacific HQ
Almost 145,000 metres of cabling, 200 display screens, 179 Bluetooth beacons and 900 sensors make up Microsoft’s new Asia Pacific headquarters in Singapore, which is now home to the region’s first Microsoft Experience Centre.More
Story image
04 Dec
Gartner names SAI Global as IT Vendor Risk Management leader
SAI Global feels the Gartner report confirms a competitive market with demand growing for cloud-first software solutions. More
Story image
02 Dec
Barracuda opens APAC headquarters in Hong Kong
Building on its research and development center in Bangalore, the APAC headquarters in Hong Kong will be a center for sales, marketing and team recruitment.More
Story image
27 Nov
Interview: Microsoft's Diana Kelley talks talent gaps and D&I
Kelley recently spoke at Microsoft Asia’s new Experience Center, where she talked through her experience as a security CTO, as well as IoT security, what’s ahead in 2020, and diversity and inclusion both in the cybersecurity sector, and in technology.More