Cybercriminals Target Winter Olympics Fans with Fake Merchandise Stores
As the Milano Cortina 2026 Winter Olympics approach, cybercriminals are exploiting the event’s popularity by creating sophisticated fake online merchandise stores. These fraudulent websites are designed to deceive fans into providing payment information and personal data under the guise of purchasing official Olympic merchandise.
The primary focus of these scams is the high demand for official Olympic mascot merchandise, particularly the Tina and Milo plush toys. With these items sold out on the legitimate Olympics shop, scammers have seized the opportunity to lure eager fans. In the past week alone, nearly 20 fraudulent domains have been identified, each meticulously crafted to mirror the official Olympic merchandise store.
These counterfeit sites are not hastily assembled; they are polished and professional, replicating the authentic shop.olympics.com experience. They feature promotional videos, background music, and identical product layouts. The primary difference lies in the domain names, which use slight variations such as 2026winterdeals[.]top, olympics-sale[.]shop, and winter0lympicsstore[.]top, the last of which replaces the letter ‘o’ with a zero. At first glance, these subtle changes are easy to overlook, making the deception highly effective.
Malwarebytes researchers have detected this global campaign through telemetry data showing user access to these malicious domains from regions including Ireland, the Czech Republic, the United States, Italy, and China. The security team notes that new fraudulent domains continue to emerge, indicating a rapidly expanding operation. To protect users, Malwarebytes now blocks these domains as scams.
The fraudulent websites entice victims with significant discounts on unavailable items. For example, while the official Tina plush toy is priced at €40 and is out of stock, these fake shops advertise the same product for just €20, claiming “UP & SAVE 80%”. This aggressive pricing strategy serves as irresistible bait for Olympic fans eager to purchase the popular merchandise.
Scam Operation Tactics
These fake Olympic shops have multiple malicious objectives beyond merely taking payments without delivering products. Threat actors actively harvest payment card details entered during checkout, along with names, addresses, email addresses, and phone numbers. This information can be used in future cyberattacks, including phishing emails designed to extract additional sensitive information or login credentials. Some scammers even distribute malware through fake order confirmations or malicious tracking links sent to victims after purchase, further compromising their devices and networks.
Protecting Yourself from Scams
To safeguard against these scams, consider the following measures:
– Purchase from Official Sources: Always buy merchandise directly from the official shop.olympics.com website by typing the address into your browser and bookmarking it for future use.
– Avoid Unsolicited Links: Refrain from clicking on links from advertisements, social media posts, or unsolicited emails.
– Be Skeptical of Deep Discounts: Exercise caution with extreme discounts on items that are officially sold out elsewhere.
– Inspect Domain Names Carefully: Before making a purchase, scrutinize domain names for suspicious top-level extensions, extra hyphens, or subtle character substitutions.
By remaining vigilant and adhering to these guidelines, consumers can protect themselves from falling victim to these sophisticated scams.
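The domain checks from the last guideline, run against the three lookalike domains quoted earlier, as an added example (not code from Malwarebytes or from this article). The keyword list, TLD list, digit map and reason codes are illustrative assumptions, and treating the last label as the TLD is a simplification.

```python
"""Flag lookalike store hostnames using the cues the article lists."""

OFFICIAL_DOMAIN = "olympics.com"   # official store is shop.olympics.com (from the article)
# Assumption: keyword and TLD lists are illustrative, seeded from the article's examples.
BRAND_TERMS = ("olympic", "winter", "2026", "milano", "cortina")
RISKY_TLDS = {"top", "shop"}
# Digits commonly swapped in for letters: 0->o, 1->l, 3->e, 4->a, 5->s, 7->t
DIGIT_SWAPS = str.maketrans("013457", "oleast")


def refang(host: str) -> str:
    """Undo '[.]' defanging and normalise case and trailing dot."""
    return host.strip().lower().replace("[.]", ".").rstrip(".")


def assess(host: str) -> list[str]:
    """Return reason codes; an empty list means no lookalike cue fired."""
    host = refang(host)
    if host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN):
        return []                        # really under the official domain
    name, _, tld = host.rpartition(".")  # simplification: last label is the TLD
    swapped = name.translate(DIGIT_SWAPS)
    plain = [t for t in BRAND_TERMS if t in name]
    hidden = [t for t in BRAND_TERMS if t in swapped and t not in name]
    reasons = []
    if plain or hidden:
        reasons.append("brand-term-off-official-domain")
        if hidden:
            reasons.append("digit-for-letter-swap")
        if "-" in name:
            reasons.append("hyphenated-brand-name")
        if tld in RISKY_TLDS:
            reasons.append("unusual-tld")
    return reasons


if __name__ == "__main__":
    # The three defanged domains quoted in the article, plus constructed controls.
    samples = [
        "shop.olympics.com",
        "2026winterdeals[.]top",
        "olympics-sale[.]shop",
        "winter0lympicsstore[.]top",
        "shop.olympics.com.checkout-example[.]top",  # constructed
        "example.org",                                # constructed
    ]
    for s in samples:
        print(f"{s:45} {assess(s) or 'ok'}")
```

The constructed `shop.olympics.com.checkout-example[.]top` sample shows why the check compares the end of the hostname rather than searching for the official name anywhere in it.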