Football fans signing up to online streaming services to watch the return of live games should reset passwords to avoid getting hacked, GCHQ says
- Live football matches return in Britain tomorrow but are behind closed doors
- Fans are instead expected to turn to streaming services to watch the live sports
- Fans have been urged by experts to protect themselves against hackers
- This includes resetting existing passwords and updating streaming apps
Football fans have been urged to strengthen their cyber security settings as millions prepare to log-in to streaming platforms to watch the return of the Premier League.
The National Cyber Security Centre (NCSC) has issued guidance to fans to help ensure they do not fall foul of hackers who are scheming to steal personal details.
The cybersecurity experts urge people signing up to Now TV, BT Sport and other streaming services to watch the games to use various passwords.
They are also encouraging football fans to reset existing passwords and replace them with strengthened alternatives, while also updating any streaming apps.
NCSC, which is part of GCHQ, has previously reiterated that easy-to-guess passwords, such as football teams, can lead to security breaches.
The National Cyber Security Centre (NCSC) has issued guidance to fans to help ensure they do not fall foul of hackers who are scheming to steal log in details as people flock to TV subscription services with the return of football tomorrow (stock)
The guidance comes as football gets set to return in the UK after a several month-long hiatus.
The Premier League will kick off tomorrow, with Aston Villa playing Sheffield United at 6pm BST and Arsenal playing Manchester City at 8pm BST.
However, due to the coronavirus pandemic, all games are to be played behind closed doors.
But they will all be televised, and will likely draw huge audience figures, with a substantial chunk coming from streaming services.
However, experts are warning that the influx of sign ups to these services could be a rich hunting ground for hackers trying to cheat people out of their credentials.
The Premier League will kick off on Wednesday, with Aston Villa playing Sheffield United at 6pm BST and Arsenal playing Manchester City at 8pm BST. NCSC is urging people signing up to Now TV, BT Sport and other streaming services to use different passwords (file photo)
‘The return of the Premier League is a moment that the nation has been looking forward to, and we want football fans to enjoy it in the safest way possible,’ NCSC chief executive Ciaran Martin said.
‘Without the option of watching football matches at the pub or in person, it’s fantastic that technology can bridge the gap and allow thousands of fans to watch their team from their own living room.
‘We would strongly recommend fans check out the Government’s Cyber Aware campaign to ensure they have as safe a streaming experience as possible.’
The Cyber Aware campaign urges internet users to create separate passwords for their key accounts, as well as build a strong password by using three random words.
NCSC research released last year indicated that millions of accounts had been breached by hackers because they had guessed simple passwords.
It showed that hundreds of thousands of compromised accounts had been protected using football team names – the most popular being Liverpool, Chelsea, Arsenal, Manchester United and Everton.
Using different password for accounts can keep you safe online
Hackers can obtain breached credentials, like usernames and passwords, on the Dark Web – often for free.
Or, they can obtain them by tricking people to signing up to new websites through a phoney system.
Most people reuse the same credentials for multiple accounts they hold online, which means that once one account is breached, others may be vulnerable.
Or, they use the same general password and tweak it slightly for different sites to meet various criteria.
Popular methods include adding a number at the end, adding capital letters or inserting a ‘special character’, such as an underscore.
Cyber criminals can use software tools to test combinations of credentials in a highly automated bulk effort.
For example, if a victim enters a password ‘DerbyRam95’, the software will try variations, such as ‘DerbyRams_95’, ‘derbyram2020’, or ‘DCFCRams95’.
If they get lucky, the password entered to access a harmless TV streaming service will be very similar to one used to access online banking.
Hackers will try to use this to see if they can access financial services, and deplete a person’s money.
The best defence against this type of attack is to use a unique password for each site you have an account with.
There are various password management applications that can help you to keep track of all of these details in a secure manner.
You can also check whether any of your accounts have been breached using the website Have I Been Pwned.