Proofpoint found a fake website selling tickets for the Paris 2024 Summer Olympic Games. The website, “paris24tickets[.]com,” claimed to be a secondary marketplace for sports and live event tickets.
It appeared as the second sponsored search result on Google, right after the official website, when searching for “Paris 2024 tickets” and similar terms. Proofpoint confirmed with official sources in France that the website was fraudulent. proofpoint’s Takedown Team promptly worked with the domain registrar to suspend the website.
By infosecbulletin
/ Monday , June 24 2024
LockBit claimed that it breached Federal Reserve Board (Federalreserve.gov), the central banking system of the United States and exfiltrated 33...
Read More
By infosecbulletin
/ Monday , June 24 2024
Cyber attack compromised Indonesia's national data center, causing trouble with immigration checks at airports. Attacker demanded an $8 million ransom,...
Read More
By infosecbulletin
/ Sunday , June 23 2024
ESET Issued security patch for privilege escalation flaw in its Windows security products. This flaw, called CVE-2024-2003 (CVSS 7.3), was...
Read More
By infosecbulletin
/ Saturday , June 22 2024
A threat offer to sell a zero-day exploit for Atlassian's Jira in a underground forum. This exploit can be used...
Read More
By infosecbulletin
/ Friday , June 21 2024
The US plans to ban the sale of Kaspersky antivirus software due to its alleged ties to the Kremlin. Gina...
Read More
By infosecbulletin
/ Friday , June 21 2024
A group believed to be linked to China has hacked multiple telecom operators in an Asian country since 2021, according...
Read More
By infosecbulletin
/ Thursday , June 20 2024
Certified Information Systems Auditor (CISA) is a globally recognized professional certification for information systems audit, control, and security. It's offered...
Read More
By infosecbulletin
/ Thursday , June 20 2024
DataDog Security Labs found a worrying campaign targeting Amazon Web Services (AWS), showing a new wave of harmful activity aimed...
Read More
By infosecbulletin
/ Wednesday , June 19 2024
CISA and the FBI released guidance, Modern Approaches to Network Access Security, with support from other organizations including New Zealand’s...
Read More
By infosecbulletin
/ Tuesday , June 18 2024
On June 18, 2024, CISA released an advisory about Industrial Control Systems (ICS). These advisories give important information about security...
Read More
According to the French Gendarmerie Nationale, they have found 338 fraudulent Olympics ticketing websites. Of these, 51 have been shut down and 140 have received formal notices from law enforcement.
The Proofpoint researchers found a website with a homepage that listed several Olympic events. If users clicked on a sport icon, they would be directed to a ticketing page where they could select tickets and make payments. The site also seemed to offer the option to create accounts for buying and selling tickets.
The website design looked like other popular ticketing sites, which made visitors feel that the site was trustworthy.
The people running this website may have tried to steal money from those buying or selling Olympic tickets. They might have also taken personal information such as names, contact details, and credit card information from ticket buyers.
The domain was mainly spread through ads in search results. Although it was not widely seen in email campaigns, it was found in a few emails. The sender of these emails pretended to offer “discounts” on tickets that might interest the recipient. Researchers cannot confirm how the sender got the emails, but it’s possible that users provided their email address when signing up or trying to buy tickets on the website.