Tokyo 2020 Credential Theft
Following the news that credentials for Paralympic and Summer Games ticket holders have been leaked online, please see below for comment from Joseph Carson, Chief Security Scientist at ThycoticCentrify.
“During all major sporting events cybercriminals will attempt to target them for financial gain. The upcoming Olympic games will always be a lucrative target for cybercriminals and news is breaking that the Tokyo 2020 Olympic games has become the latest victim of a major credential theft resulting in the ticket holders id’s and passwords being stolen. This is not a great start to the Olympic games which is already under pressure given the situation with COVID-19 and that the upcoming games will be without those ticket holders. If you are a victim then it is important to ensure you change any passwords that use the same or similar passwords and monitor your accounts for any suspicious activities.
Many fake, fraudulent websites or emails that appear official luring fans into cheap tickets, free merchandise or simply to stream and watch these events live will come with many scams. These scams can result in stealing the victims credentials, passwords, credit card information, infecting their computer or smartphone with malicious software or even ransomware. This can lead to unknowing victims spreading the malware to family and friends, losing sensitive data or a major financial impact.
It is important to be vigilant during major events and cautious from any email, website links or even messages from friends on social media to whether or not they are authentic, many scams are so good these days that they are almost difficult to detect. If it is too good to be true then it is more than likely a scam. During major events avoid clicking on suspicious email or website links, use the latest web browsers, do not enter credentials, passwords or credit card information into these websites as it is a high probability that they are scams and you will be the next victim. Consider using a password manager to help you move passwords into the background and ensure that all accounts have strong complex unique passwords.”