Olympic Games and cyber attacks - be on your guard

Filed Under: Data loss, Featured, Law & order, Privacy, Spam, Vulnerability

London 2012The Olympic Games are coming to London this summer, and there's plenty of talk in the British newspapers about the chances that hacktivists, mischief-makers and or even terrorists might try to make a high profile attack against the event's computer systems.

Clearly, there may be some who might be tempted to launch denial-of-service attacks against Olympic-related websites to gain some notoriety or headline inches, and there may even be identity thieves and malware authors who attempt to hack their way into Olympic servers to steal information or plant malicious code.

And don't discount the chances of attack. It was reported that the 2008 Beijing Olympics were on the receiving end of 12 million online attacks per day.

Hopefully, the "war games" simulations run by the Olympics' Technology Operations Centre (TOC) located in London's Canary Wharf, will have put both systems and staff on a good footing to repel any attacks.

But what they can't do very much about are the attacks which take place away from the official Olympics systems. It's not difficult for anyone to create a website which might claim to offer much-prized tickets to the top Olympic events (but actually steal your credit card details), to poison search results with links to malicious Olympic-related webpages, or to spam out emails which may pretend to be official Olympic-related communications.

For instance, see this email I just received claiming that I have been awarded £950,000 in a lottery.

It claimed to come from "2012 Olympic games promo" and had a subject of "2012 Olympic games,Please view the attached for details"

Olympic spam email

The attached PDF file says in part:

"We will like to inform you that your e-mail address has won the sum of £950.000.00 from monthly British National Lottery Promotion held this March 13th 2012. Your e-mail address was chosen from this promotion as one of the lucky e-mail address through our computer ballot system in British national lottery."

Spammed out PDF

Things which should set the alarms bells ringing in your head:

  • They give you an 070 telephone number to ring. The thing is, it might look like a UK mobile phone number, but in fact 070 numbers are "follow me" or "personal numbers" that can be redirected anywhere, and can cost around 50 pence per minute.
  • They list your winning lottery numbers. But do you remember entering any lottery with those numbers?
  • They want you to hand over your personal information - such as your full name, address, nationality, contact details, etc.
  • Worst of all - they want you to send this information.. to a Hotmail address!

Take care folks. The security team working for the Olympics will work hard to keep its systems up-and-running and, hopefully, avoid a serious attack. But only you can ultimately take care of your home computer and your personal finances and information.

, , , ,

You might like

2 Responses to Olympic Games and cyber attacks - be on your guard

  1. Tim · 834 days ago

    I can't help but crack up seeing some of the design work of this scam, especially the seven google image copy/pastes at the bottom. I have this funny feeling this may of been made on MSpaint

  2. Richard · 833 days ago

    Not just any Hotmail address - a South African Hotmail address!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.