Tokyo 2020 Staff Warns of Phishing Disguised As Official Emails (Dec 20, 2019)
A warning has been published detailing an ongoing phishing campaign spoofing the Tokyo Organizing Committee of the Olympic and Paralympic Games (Tokyo 2020). The warning emphasises that the email might look official and legitimate, but that victims are likely to be redirected to malicious sites or infected with malware. Tokyo 2020 ticket sales have not yet begun in an effort to reduce fraudulent activity. Microsoft has already linked previous malicious activity targeting Tokyo 2020 to STRONIUM Advanced Persistent Threat (APT) group.
Recommendation: Large sporting events like the Olympics are vulnerable to many risks, and have been the target of malicious actors from multiple vectors in the past. All organisations involved in participating, constructing or attending the events should take care to monitor, detect and defend against potential threats. Threat intelligence can help businesses and individuals to be better informed and enhance an enterprises defence apparatus.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.