subscribe: Daily Newsletter

 

Olympic scams in full force

0 comments

As a high-profile international event, the Olympic Games offer plenty of opportunities for cybercrooks to mess around with innocent computer users.

Sophos is warning the tens of thousands of athletes, coaches, journalists and tourists travelling to Beijing for the 2008 Olympic Games to be on their guard against cybercriminals when using their notebooks, PDAs and smartphones.
The company published research last month which revealed that almost a third of all infected webpages in the world were hosted in China in the first six months.
Experts at Sophos are highlighting the need for visitors to the Games not to forget their usual security measures in their haste to access the web from WiFi hotspots, internet cafés and hotels.
Cybercriminals including hackers, spammers and phishers are known to take advantage of major events, whether they be political, environmental or sporting, taking advantage of the excitement and tricking unsuspecting computer users into accidentally clicking links in spam messages, visiting bogus web pages, and inadvertently downloading malware.
With the web now being hackers' preferred vector of attack and with China now hosting the second largest proportion of infected webpages in the world, the risks are even higher for the average computer user wanting to connect to web.
This problem is compounded in China, as many security companies find it more difficult to monitor Chinese sites when compared to other countries, and even when infected sites are identified, finding the appropriate contact and communicating the problem can prove challenging.
Desperate to read the latest news from the Games and send reports back home, sports fans might fall at the first hurdle, giving hackers the advantage.
"Hackers will do their best to capitalise on this event – the most effective way to avoid the pitfalls is to make your device an unattractive target," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
"Sophos has published top 10 tips to remind users to not throw caution to the wind. After all, the last thing any visitor wants is to find their bank account emptied while they are enjoying the Games abroad."
These tips are:
* Turn off administrative rights when accessing the internet – a hacker will get a lot further with an administrator's password and username.
* Before you send e-mail or surf the web, check that your anti-virus software is fully up-to-date. Just because you are out of the country doesn't make you a more difficult target for hackers.
* Ensure all security patches for your browser, operating system, and other applications are downloaded and installed as soon as they are made available.
* Have an active personal firewall to help block unauthorised access to your computer.
* Do not leave your laptop or mobile phone unattended. Old-fashioned theft in events like these is still a serious problem.
* Make sure your VPN connection is secure when sending e-mails or downloading data.
* All confidential data should be encrypted, whether it is stored on notebooks, mobile phones or USB stick.  Should your computer or data fall into the wrong hands, it will be blocked from prying eyes.
* Only use your own USB sticks or external storage devices – hackers have been known to plant malware on these items in the past.
* Turn on your wireless functions such as WLAN and Bluetooth only when you need them, and make sure to turn them off when you have finished sending mail to looking for web content.
* Make sure your anti-virus software is kept up-to-date at all times. Just because you're out of your country, doesn't mean you're out of reach of the hackers.
It's not only visitors to the Olympics who are in danger: stay-at-home users could also fall victim to malware or phishing attacks that carry an Olympic theme.
Spammers, phishers and malware writers have grown increasingly sophisticated in engineering their attacks to take advantage of social, cultural and economic events.
McAfee Avert Labs, McAfee's security research organization, has already seen various forms of Olympic-themed attacks and warns users to take precaution when surfing the Net for news, widgets or applications related to the Olympics.
"Cybercrooks have already taken advantage of the world's attention on the Beijing games with malware and data-thieving phishing attacks," says Dave Marcus, research and communications director at McAfee Avert Labs.
Five tips to avoid falling for an Olympics malware or phishing trap:
* Don't open e-mail messages from people you don't know;
* Don't open suspicious e-mail attachments;
* Be wary of free downloadable software;
* Don't click on links in e-mail messages; and
* Keep your operating system, Web browser and security software up-to-date