National Cyber Security Centre
Avoid scoring a cyber own goal when streaming Premier League's return
Football fans urged to secure their online platform streaming accounts and subscriptions.
- With millions of football fans expected to log into subscriptions to stream behind-closed-door games, advice has been issued on how to secure accounts
- The National Cyber Security Centre, which is part of GCHQ, warns online hackers could break into football fans’ accounts to carry out ‘phishing’ scams
- Top Cyber Aware tips include how to put a strong password in place and completing device updates that keep accounts safe from hackers
FOOTBALL fans have been warned of cyber threats when they swap their tickets for TV subscriptions – and been advised how to watch behind-closed-doors games as safely as possible.
The National Cyber Security Centre (NCSC) has shone a light on online criminals who could hack into accounts by guessing passwords that are obvious or have been compromised in the past. The organisation previously revealed that almost 700,000 accounts have been compromised through hackers guessing a device’s passwords as ‘liverpool’, ‘chelsea’ or ‘arsenal’.
As well as illegally watching the game the victim has paid for, the hackers could make unauthorised purchases on the platform or look to find personal information that could be used for further scams – including targeting them with scam emails or phone calls.
There have been reports of similar attacks when other television subscription models have launched with more people spending time at home in the coronavirus outbreak.
The NCSC has urged fans to take some basic steps, which form part of the NCSC’s Cyber Aware behaviours, to keep their accounts secure. This includes creating a password that is made of three random words, and ensuring you download the latest update for apps on devices streaming the games.
NCSC Chief Executive Officer Ciaran Martin said:
“The return of the Premier League is a moment that the nation has been looking forward to, and we want football fans to enjoy it in the safest way possible.
“Without the option of watching football matches at the pub or in person, it’s fantastic that technology can bridge the gap and allow thousands of fans to watch their team from their own living room.
“We would strongly recommend fans check out the government’s Cyber Aware campaign to ensure they have as safe a streaming experience as possible.”
Last year the NCSC exposed the most compromised passwords in the world – with 23.2 million accounts breached by hackers guessing the password ‘123456’.
The organisation also revealed hundreds of thousands of compromised accounts were protected using popular football team names (liverpool 280,723; chelsea 216,667; arsenal 179,095; manutd 59,440 and everton 46,619).
With the season now back, fans can secure their viewing experience by:
- Refreshing accounts: It’s a great time for fans to consider resetting their password. We’re increasingly seeing hackers use credentials stolen in past security incidents to hijack streaming accounts using the same compromised details. If you’re using the same password for your sports streaming accounts that you’ve used multiple times in the past – it’s time for a reset.
- Setting a strong password: We recommend using a password that’s separate to your email password and made up of three random words. You can then save this strong password in the browser so you don’t have to worry about remembering it.
- Updating streaming apps: Cyber criminals exploit weaknesses in apps to access your sensitive personal data. Providers regularly issue patches to these exploits in updates – you’re vulnerable without them so we urge every fan to make sure their streaming apps are updated. To make it simple going forward, we recommend turning on automatic updates.
Cyber Aware is a cross government effort delivered by the NCSC working alongside the Home Office, the Cabinet Office and the Department for Digital, Culture, Media and Sport (DCMS). It urges people to protect their data, passwords, the accounts they protect and the devices they use to access them.
The campaign’s top tips for staying secure online are:
- Create a separate password for your email – your email is the way into all your online accounts so keep it safe with a unique password.
- Create strong passwords using three random words – the longer your password, the harder it is to hack. Just connect three random words you’ll remember. Start with your most important accounts.
- Save your passwords in your browser – remembering lots of passwords can be difficult, but if you save them in your browser you don’t have to and it’s safer than re-using the same password for all your accounts.
- Turn on two-factor authentication (2FA) for important accounts – this free security feature adds an extra layer of protection online and stops cyber criminals getting into your accounts, even if they have your password.
- Update your devices regularly (ideally set to ‘automatically update’) – using the latest software, apps and operating system can fix bugs and immediately improve your security.
- Back up important data – if your device is compromised by a cyber criminal your sensitive personal data can be lost, damaged or stolen. Keep a copy of your important information by backing it up.
More information on the Cyber Aware campaign at https://www.ncsc.gov.uk/cyberaware/home.
Latest News from
National Cyber Security Centre
Diversity and inclusion in cyber security workforce revealed for the first time29/07/2020 11:15:00
NCSC vows to drive cross-sector improvement as joint report with KPMG reveals more to be done to improve experiences and opportunities.
NCSC announces Lindy Cameron as new CEO28/07/2020 16:15:00
Lindy Cameron has been announced as the new CEO of the National Cyber Security Centre.
Cyber innovators set on fast track to success28/07/2020 14:15:00
The NCSC welcomes 6 new start-up companies onto the Cyber Accelerator programme.
Alert: Potential legacy risk from malware targeting QNAP NAS devices27/07/2020 16:38:00
A joint NCSC and CISA alert detailing the legacy risk of the malware Qsnatch to QNAP NAS devices.
Defences tested as cyber attackers take aim at UK sports sector23/07/2020 14:15:00
New report on the cyber threat to sports organisations reveals a range of attacks by hackers.
UK and allies expose Russian attacks on coronavirus vaccine development17/07/2020 16:15:00
Joint advisory details APT29’s ongoing campaign to target organisations involved in COVID-19 vaccine development.
NCSC statement: cyber attack on Twitter17/07/2020 11:15:00
An NCSC statement on the reported attack on Twitter.
Government advances plans to boost security of smart products17/07/2020 08:12:00
New details on proposals to bring security requirements for smart devices into law.