Bogus London Olympics 2012 Ticket Site Spotted
The much-anticipated 2012 London Olympics is set to kick off this Friday.
As the event draws nearer, we expect to see online attacks riding on different Olympics-related activities. Sure enough, we saw this interesting Facebook wall post regarding the said event:
The site, hosted on the domain liveolympictickets(dot)com, appears to offer tickets for sale. Moreover, the site uses the colors and look and feel of the official site:
Exploring the site, I found that clicking on the blue tab Olympic Tickets – Buy Tickets for the London 2012 Olympics leads to other pages within the site that mimics normal online transaction pages, such as details about the items to be purchased. In this case, if the user proceeds with the transaction, he/she can choose which games to watch:
However, towards the end, the user is asked for their personal details:
After this, the site asks the user to continue with the payment by entering credit card details or choosing another payment method:
The final page shows that the user’s order has been “confirmed.”
We checked the official website of the London Olympics, where it was possible to check if the ticket vendor was legitimate. However, the site was not recognized and therefore unauthorized to sell tickets. The rest of our investigation shows that it is indeed a phishing page set up to capture user information.
Additionally, we also saw a lot of newly created domains related to this event that included keywords like “2012 london summer games,” “2012 olympic ticket,” “britain olympics 2012,” “olympic 2012 ticket” and other variations thereof.
We already block all malicious URLs involved via the Web Reputation Service; therefore Trend Micro customers are now protected via Trend Micro Smart Protection Network.
For complete information on the latest Olympic-themed threats—including quizzes and safety guides, you can visit Race to Security, the Trend Micro security guide to major sporting events such as the Olympics, by clicking the banner below:
Post from: TrendLabs | Malware Blog – by Trend Micro
Bogus London Olympics 2012 Ticket Site Spotted
Spotlight
Cloud Computing
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
- Employees must buy into the company policy for better cloud security
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- SEC may ask for more information after cyberattacks
- FBI trying to train financial execs on cyber threats
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet
The comments are closed.