Whenever an important event takes place, new opportunities for cyber criminals, especially for those who develop attacks based on social engineering, arise. Currently, the whole world has its eyes glued to TV screens watching the London 2012 Olympic Games.
Anti-malware and anti-virus solutions provider Webroot has issued a warning that an app app called “London Olympics Widget,” which is described as an app that displays aggregated Olympic news coverage. In fact, it’s really just harvesting the user’s contact list and device ID while reading up on SMS messages too.
The package name is ‘com.games.London.Olympics.widget’. This app has a digital certificate claiming it was developed in New Delhi, India.
For this scam, cybercriminals create websites that are very appealing; some even look very professional that they make it seem that you are close to having access to live programming. Researchers explain that the crooks rely on black hat SEO techniques to make sure that their malicious websites show up among the first in search engine results.
The security firm has determined that close to 10,000 clicks have already been redirected to the fraudulent Olympics website.Overall, a number of 38,000 clicks have been redirected to such sites, the victims being spread out across 100 countries.
Webroot advises that consumers should take a close look at the author of the app and then search the name to see if it is in fact a reputable company and/or developer, as seen in the photo above. A way that consumers can protect themselves from becoming a victim of these types of online scams is by learning about social engineering so they can recognize it and avoid falling into these traps.
The official London 2012 mobile app can be downloaded from the site.