Premier League’s Return: A Hat Trick of Cyberthreats?

premier league return cyberattacks

The beautiful game is back on the pitch in the U.K. — and cyberattackers will be looking to take advantage of fans streaming the games.

England’s Premier League is returning this week, with millions of soccer fans around the world looking to stream matches using their online video accounts. Unfortunately, the U.K.’s National Cyber Security Centre (NCSC) is warning on phishing, fraud and brute-forcing attempts by attackers looking to break into those accounts.

The organization said in a Wednesday announcement that it expects a rash of phishing, scam and account-takeover efforts centered around the return of the country’s most popular sport — a kind of hat trick of attack types. The assessment, it said, is based on precedent: The NCSC has also observed escalating cyberattacks on television streaming subscriptions as more and more people quarantine at home during the COVID-19 pandemic.

“As well as illegally watching the game the victim has paid for, the hackers could make unauthorized purchases on the platform or look to find personal information that could be used for further scams – including targeting them with scam emails or phone calls,” the organization warned.

The phenomenon is not isolated to the U.K. of course. In the wake of the COVID-19 health crisis, people find themselves working from home and spending more time online, even as bad actors ramp up threat behavior of all stripes to take advantage of people’s new dependence on conducting business and personal activities online.

The NCSC has in the past flagged the hazards of scoring a cyber own-goal via poor password hygiene: Using easy-to-guess passwords or reusing passwords across online accounts is a continued issue, it said. In fact, the Center found that as many as 700,000 accounts were compromised by brute force last year, thanks to fans using popular and obvious team names like “Liverpool,” “Chelsea” or “Arsenal” to protect their streaming profiles. Also, in 2019 the NCSC noted that the U.K. alone saw 23.2 million accounts compromised because users chose the password “123456.”

“The return of the Premier League is a moment that the nation has been looking forward to, and we want football fans to enjoy it in the safest way possible,” said NCSC CEO Ciaran Martin, in a media release. “Without the option of watching football matches at the pub or in person, it’s fantastic that technology can bridge the gap and allow thousands of fans to watch their team from their own living room.”

The NCSC warning comes as a survey last month found that more than half of people haven’t changed their password in the last year – even after they’ve heard about a data breach in the news.

Researchers said that password reuse was the biggest security faux pas being committed by respondents. In fact, password reuse has actually gotten worse over the years: When asked how frequently they use the same password or a variation, 66 percent answered “always” or “mostly” – which is up 8 percent from the same survey in 2018.

Worse, 91 percent of respondents said they know using the same (or a variation of the same) password is a risk – but they do it regardless.

Soccer fans and anyone else are as usual encouraged to choose a unique, strong password, make sure their apps are updated and patched, back up their data, use two-factor authentication and to use common sense when it comes to unsolicited emails and messages asking for their credentials.

Insider threats are different in the work-from home era. On June 24 at 2 p.m. ET, join the Threatpost edit team and our special guest, Gurucul CEO Saryu Nayyer, for a FREE webinar, “The Enemy Within: How Insider Threats Are Changing.” Get helpful, real-world information on how insider threats are changing with WFH, what the new attack vectors are and what companies can do about itPlease register here for this Threatpost webinar.

Suggested articles