Olympic ticket scams just the start, says researcher
- 05 August, 2008 08:22
Scammers have duped hundreds of people out of thousands of dollars each using bogus Olympic ticket-selling sites, and a security expert warned that more will follow.
At least two Web sites -- www.beijing-tickets2008.com and www.beijingticketing.com -- have been shut down in recent weeks after the International Olympic Committee (IOC) and the United States Olympic Committee (USOC) filed restraining orders with US federal courts, the Los Angeles Times, among other newspapers, said over the weekend. The Reuters news service followed with a story of its own.
The www.beijingticketing.com site was up and running earlier on Monday, but by 2pm US EDT, it was offline.
According to Reuters and the Los Angeles Times, hundreds of users were duped into handing over their credit card numbers and passport information as they paid for non-existent tickets to events at the Beijing Olympics, which opens Friday and runs most of the month.
The sites were particularly convincing, sporting professional designs and liberal use of Olympic logos. "Users had to be scratching their heads over these," said Paul Ferguson, an advanced threat researcher at security vendor Trend Micro, who examined one of the sites over the weekend. "There wasn't anything there that would have set off alarm bells."
On July 23, a federal court in Phoenix awarded the IOC and USOC a restraining order against www.beijing-tickets2008.com, forcing it to shut down. The two organizations were planning to ask a federal district court judge in San Francisco for an order to close www.beijingticketing.com today.
Ferguson wasn't surprised by the ticket scam. "It's not unanticipated," he said. "Every time there's a major news event, like the Olympics, it's almost guaranteed that sites like these will appear."
And he expects to see more of the same before Beijing bids good-bye to the world's athletes. "It wouldn't surprise me to see that any big news that comes out of the Olympics, say if Michael Phelps wins gold, is used by spammers for social engineering purposes to get people to click on embedded links," said Ferguson. "Or even if there's some civil unrest during the Games, like the attack this weekend in western China.
"Some of these guys are pretty savvy about knowing what news will get peoples' attention," Ferguson added.