Skip to main content

CyLab News

CyLab’s Jason Hong on keeping safe online during the 2016 Olympics

posted by Daniel Tkacik
August 17, 2016

During the 2012 Olympics, cyber criminals ran online scams – offering fake memorabilia, discounts and even tickets – in order to steal personal information and money from the public. The 2016 Olympics will be no different.

Jason Hong, a professor in Carnegie Mellon University’s CyLab Security and Privacy Institute and founder of, just released a Privacy Report Card for 12 of the most popular apps being used by spectators keeping up with this year’s summer Olympic games in Rio. Grades are assigned based on the gap between users’ expectations of an app’s behavior regarding user privacy and the app’s actual behavior.

Rio 2016, NBC Sports and the Olympics Official App top the list, receiving “A” grades. Those at the bottom of the list include the popular HotelTonight app (receving a “C” grade), an app that enables users traveling to Rio to find last-minute deals on hotels. The full report card can be viewed here.

Hong advises those heading to Rio to be smart with their information:

  • Watch out for fake Olympics apps. Smartphone app markets are pretty good at removing fake apps, but a few still slip through. A general rule of thumb is “don’t be the first penguin in the water.” Look for apps that have a high number of downloads and have been around for at least a week; they have been analyzed and are more likely to be safe.
  • Double check that source before sharing information. Fake emails, web sites, and phone calls are all known tricks to get people to share personal/financial information. Many will offer discounts, cash prizes, or the chance to be involved with the Games. Be especially wary of fake sites that say they sell tickets or memorabilia. Use search engines to verify legitimacy and the real web sites selling tickets and merchandise.
  • Be wary of emails and social media claiming to have news, pictures, or video clips about the Olympics. Be suspicious about any messages related to current events, especially if they’re trying to get you to enter in your password or install software. For example, the message might say it has an amazing video about the Olympics – but you’ll have to install software to view. Don’t do it! The message is trying to fool you into installing malware on your computer.

Hong also has general tips on how the public can keep their computers and personal information secure.

  • Keep your software up to date, especially your web browser and operating system. While uncommon, sometimes criminals will use new techniques to break into your computer. Keeping software up to date makes it much harder for them to do this. Every modern web browser automatically updates itself, so you just need to periodically restart your web browser.
  • Don't reuse passwords on important accounts. Use strong and unique passwords on your most important accounts (e.g.,, email, bank). Criminals will break into web sites, steal password information, and then try these same passwords on other web sites. Using different passwords is a simple way to protect yourself from these attacks.
  • Use two-factor authentication for important accounts. The most popular web sites all offer two-factor authentication, where you can get an extra login code sent to your phone via SMS or an app. Even if your password is stolen, attackers will have a hard time breaking into your account without this code.

A high-res version of the report card can be viewed here.

See all CyLab News articles