The Freename Forum

The Olympic Games in Paris were not only a celebration for athletes, but also for criminals: as the security company BforeAI reports, the event was characterised by malicious and cybercriminal activities. Domain monitoring is once again gaining in importance.

From 26 July to 11 August 2024, the world's biggest sporting event took place in the French capital for the third time. In the run-up to the event, France was already expecting a billion-euro boost for the economy - and it came, albeit in a different way than hoped. As the security company BforeAI reports, the popularity of the event was exploited to set up fake ticketing systems and put fraudulent cryptocurrencies into circulation. The company analysed and identified 166 domains that had been registered two weeks before the start of the games and showed the usual signs of ‘DNS abuse’, such as typosquatting or keyword stuffing. It was noticeable that the majority of domains were registered under extensions such as .xyz, .win, .stream, .mobi, .shop or .store, according to BforeAI, because they are cheaper and less regulated. In addition, frequent misspellings or variations of ‘Olympics’ were used, including ‘olymplics’, ‘olymppics’, ‘olympicpepe’ or ‘olympicgold’. Overall, a significant use of keywords referring to the Olympic Games and specific years or events has been identified, including ‘paris2024’, ‘olympics2024’ or, looking ahead, ‘winterolympics2034’. The cybercriminals want to attract traffic and appear relevant to search engines.

Fake Olympic shop domains were particularly ‘popular’, which may have meant considerable financial losses for fans who wanted to purchase official merchandise. Among the most striking examples were parisolympics2024.store and shop-olympics.shop, which were deceptively similar in appearance to official offers. Their aim was to obtain personal information such as names, addresses or e-mail addresses from unsuspecting users. They also tried to trick visitors into buying fake tickets by intercepting payment information such as credit card numbers, expiry dates and CVC codes. According to BforeAI, such data often ends up on the darknet, where it is sold or misused for subsequent financial fraud. In addition, numerous fraudulent Olympic-branded cryptocurrency coins and tokens were marketed; similar scams had already taken place at previous major events such as the FIFA World Cup. A small group of betting domains were also identified that attempted to collect financial information from unsuspecting victims interested in placing bets on Olympic sporting events. Given the increasing number of strikingly similar domains in connection with the 2024 Olympic Games in Paris, it is essential to improve the ability to disrupt hostile networks through predictive analyses with artificial intelligence.

Domain monitoring is therefore becoming even more important for trademark rights holders. Domain monitoring describes the proactive process of actively monitoring activities in connection with a domain that contains a trade mark. Domain registrations and changes as well as potential threats are tracked in order to immediately recognise and react to unauthorised activities. In this way, it serves as an early warning system to recognise and prevent abusive registrations and third-party use of content, be it through website takedowns, requests for cease-and-desist declarations or out-of-court dispute resolution proceedings, based on the individual needs of the domain owner.

You can find the BforeAI report here:
https://bfore.ai/2024-paris-olympic-gam ... ck-report/