The 2016 Summer Olympics was officially kicked off as Rio de Janeiro welcomed the world to the first ever Olympics held in South America with a spectacular opening ceremony on Friday (5 August). And, as the Olympic fever sweeps the world, cybersecurity risks are continuing to rise with threat actors actively targeting fans and brands worldwide with social media scams and malicious apps.
According to Proofpoint research, the expected increase in content related to the Summer games, "likely to be the most digitally-enabled Olympics in history" has also presented "as many opportunities for attackers as it does for the viewing public."
"As with many major events, whether holidays, elections, or sporting events, threat actors look to capitalize on our curiosity and willingness to engage via digital media," researchers wrote in a blog post. "As a result, both consumers and brands need to be exceedingly cautious in their interactions with Olympic-themed social media and mobile applications, both of which are prime targets."
Analyzing more than 1,300 Olympics-related social media accounts, thousands of mobile apps across Facebook, Twitter, Instagram, YouTube, Google+ and various app stores, researchers found that overall social content increased by 200% in the two months leading up to the games.
However, they also found that potentially malicious content increased by 60% during the same time including "profanity, pornography, trademark violations and spam posts" with embedded links leading to suspicious or compromised sites. Around 15% of this content posed a security risk, while about 42% included profanity and adult content.
The firm also expects negative Olympic-related content to increase by another 40% by the start of the games, based on observations from the 2014 Winter Olympics in Sochi.
Research also showed that around 15% of social media accounts tied to the Olympics and sponsoring brands were found to be fraudulent, sporting over 400,000 subscribers or followers collectively. While about 82% of these accounts were imposter accounts with "misleading use of brand elements relating to the Olympic Games or sponsors to attract followers and interaction," 6% offered viewers illegal live streaming of the Games. About 4% involved some form of fake ticket sale scams.
More than 4,500 risky mobile apps related to the Olympics and sponsor brands were also found by Proofpoint researchers on Android and iOS that featured potentially risky or malicious behaviour.
For example, they found one notable app that claimed to offer Olympics updates. Instead, the malware-ridden app included code that could hijack social media accounts, scan through data from any device that users connect their phones to and even transmit data over to third-party ad networks.
According to an earlier report from Kaspersky Lab, malware-laced emails, fake ticket scams and phishing attacks are also on the rise as digital pickpockets continue to target sports fans, sponsors and government entities using a wide range of digital methods to gain sensitive information during the global event.
"While the physical safety of athletes and in-person attendees in Rio has dominated headlines around the 2016 Olympics, digital safety is also a critical concern," researchers wrote. "Over the coming weeks, fans worldwide will be tracking their favorite athletes and brands will be interacting on a virtual world stage. Enjoy the games safely, whether from the sidelines in Rio or on a screen halfway around the world."