NCSC warns of credential attacks targeting Premier League fans

Even though you might not be physically attending matches, there are other risks associated with being a fan. Using a team or player name for one of your passwords?…:

[…] According to NCSC, cyber criminals are looking to take advantage of the fact that hundreds of thousands of netizens use easy-to-guess and obvious passwords for their online accounts, and many of them also use the same passwords for multiple online accounts for the sake of convenience. This ensures that a cracked password can enable fraudsters to access multiple accounts that have the same passwords.

In April last year, NCSC’s UK Cyber Survey revealed that hundreds of thousands of football fans in the UK used the names of their favourite football teams as their account passwords. While 280,723 people chose ‘liverpool’ as their account passwords, 216,677 used ‘chelsea’, 179,095 used ‘arsenal’, and 59,440 people chose ‘manutd’ as their account passwords. According to the report, as many as 700,000 accounts had been compromised through hackers guessing a device’s passwords as ‘liverpool’, ‘chelsea’ or ‘arsenal’.

With every single Premier League fan forced to watch football games online, the number of compromised accounts could be many times more this year unless people take steps to secure their online accounts, such as using complex passwords, refreshing their accounts, and updating streaming apps to the latest version.

[…]

Original article here