Sophos: Fantasy Football at Risk - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity

Sophos: Fantasy Football at Risk

Sophos warns online fantasy sports fans and IT administrators alike to be cautious

BOSTON -- Sophos, a world leader in IT security and control, is urging online fantasy sports fans around the world to rethink their game strategies as league profiles could be used for targeted phishing attacks stemming from information posted on these sites.

Fantasy players post their names, email addresses and even phone numbers. This information paired with personal preferences, such as favorite teams and players, provides a cyber predator all the information needed to design and orchestrate a successful phishing campaign that could steal additional personal information, illicit money or load malicious spyware or viruses onto a desktop.

In the US, the National Football League (NFL) is now top of mind for millions of sports enthusiasts. Spam messages offering fantasy football newsletters, player statistics and inside information on rising NFL stars can be crafted to look like something a fantasy player would typically register for, increasing the likelihood of a click through from the spam message. However, these emails could contain malicious content or hyperlinks designed to infect computers with spyware or steal passwords and username information. For example, recent media reports have identified an NFL-themed version of the Storm Worm, which is spamming fans under the guise of a game ticker when in reality it contains malicious links that can lead to denial-of-service attacks.

A recent survey by Sophos concluded:

  • More than 70% of employees polled participate in fantasy sports leagues
  • 65% of those monitor their team’s performance from the office
  • 65% of administrators said that employees should not be able to access fantasy leagues websites from the workplace

“As fantasy sports leagues are gaining popularity everywhere, it’s imperative that users remain educated on potential security threats that could arise from fantasy play,“ said Ron O’Brien, senior security analyst with Boston-based Sophos. “Fantasy players should be extremely cautious about the information they provide in their profiles and should also review and utilize the security settings provided by each fantasy league. Knowing someone’s favorite football team and email address increases a hacker’s success rate by playing off a person’s interests.”

Sophos plc

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Pandemic Responses Make Room for More Data Opportunities
Jessica Davis, Senior Editor, Enterprise Apps,  5/4/2021
10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
Transformation, Disruption, and Gender Diversity in Tech
Joao-Pierre S. Ruth, Senior Writer,  5/6/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll