Friday | 10 July, 2009
CSO
Olympic ticket scams just the start, says researcher
Two bogus sites shut down, but more expected this month
Gregg Keizer (Computerworld) 05/08/2008 08:22:32

Scammers have duped hundreds of people out of thousands of dollars each using bogus Olympic ticket-selling sites, and a security expert warned that more will follow.

At least two Web sites -- www.beijing-tickets2008.com and www.beijingticketing.com -- have been shut down in recent weeks after the International Olympic Committee (IOC) and the United States Olympic Committee (USOC) filed restraining orders with US federal courts, the Los Angeles Times, among other newspapers, said over the weekend. The Reuters news service followed with a story of its own.

The www.beijingticketing.com site was up and running earlier on Monday, but by 2pm US EDT, it was offline.

According to Reuters and the Los Angeles Times, hundreds of users were duped into handing over their credit card numbers and passport information as they paid for non-existent tickets to events at the Beijing Olympics, which opens Friday and runs most of the month.

The sites were particularly convincing, sporting professional designs and liberal use of Olympic logos. "Users had to be scratching their heads over these," said Paul Ferguson, an advanced threat researcher at security vendor Trend Micro, who examined one of the sites over the weekend. "There wasn't anything there that would have set off alarm bells."

On July 23, a federal court in Phoenix awarded the IOC and USOC a restraining order against www.beijing-tickets2008.com, forcing it to shut down. The two organizations were planning to ask a federal district court judge in San Francisco for an order to close www.beijingticketing.com today.

Ferguson wasn't surprised by the ticket scam. "It's not unanticipated," he said. "Every time there's a major news event, like the Olympics, it's almost guaranteed that sites like these will appear."

And he expects to see more of the same before Beijing bids good-bye to the world's athletes. "It wouldn't surprise me to see that any big news that comes out of the Olympics, say if Michael Phelps wins gold, is used by spammers for social engineering purposes to get people to click on embedded links," said Ferguson. "Or even if there's some civil unrest during the Games, like the attack this weekend in western China.

"Some of these guys are pretty savvy about knowing what news will get peoples' attention," Ferguson added.

More about IOC, Phoenix, International Olympic Committee, Trend Micro, Reuters

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

Extensible Threat Management

Unified threat management (UTM) spawned a new era of IT security. The promise of these integrated security appliances proved to be an exceptional and efficient way of securing commercial networks. However, businesses today face an inflection point, dictated by changing market trends and new technologies that demand more of today’s UTM. Hence the need is for eXtensible threat management (XTM) solutions, the next generation of UTM appliances.

Sponsored Links