The Football Season Is In Full Swing & So Are Cybercriminals

Uploaded on 2024-12-10 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

As the excitement of the 2025/25 football season grows, so does the increased threat of cybercrime toward fans. The global sporting industry, with its massive fanbase and online presence, has become a lucrative target for cybercriminals.

These attackers are increasingly sophisticated, using complex social engineering tactics to lure fans into their traps. They pose as official partners, ticketing platforms, or even online travel booking sites, aiming to steal personal data and financial information.

Champions League organisers have even had to assure clubs and fans there is no possibility of the new AI-assisted draw for the men's UEFA competition being manipulated tomorrow, with extra security in place to guard against cyber attacks.

The stakes are high, not just for fans but also for the clubs and organisations that form the backbone of this beloved sport. While clubs may have strong security measures in place, they often overlook a critical vulnerability: third-party vendors.

The Rise Of Cyber Threats In Football

Cybercriminals are no longer just targeting corporate networks; they are going after the fans themselves. According to the SonicWall 2024 Mid-Year Cyber Threat Report, there has been a 10% increase in global malware attacks, with the UK seeing a staggering 62% rise. When looking at these threats from a sport perspective, it’s clear this could be directly linked to the digitalisation of football, where fans increasingly engage with their favourite teams online, whether through ticket purchases, streaming, or social media interactions.

These interactions create numerous opportunities for cybercriminals to exploit.

For instance, phishing attacks have become more prevalent, with hackers sending fake emails that appear to be from legitimate football organisations. These emails often contain malicious links or attachments designed to steal sensitive information. With the Premier League season kicking off and other major events on the horizon, the frequency and sophistication of these attacks will continue to rise.

The Importance Of Vendor Security

Even if football clubs invest heavily in securing their own networks, they are still vulnerable if their third-party vendors are not equally vigilant. A network’s security is only as strong as its weakest link, but what many organisations fail to account for are all the links of the third-party vendors who have direct touches within a company’s networked environment.

These vendors include ticketing companies, travel agencies, and merchandise suppliers—all of whom have access to sensitive customer data. If these vendors do not have robust cybersecurity measures in place, they become an easy entry point for cybercriminals. This is particularly concerning given the high volume of transactions and personal information exchanged during the football season.

Fans & Their Lines Of Defence

For fans, the first line of defence is awareness. Understanding the risks associated with online interactions related to football is crucial. Fans should be cautious when clicking on links or downloading attachments, especially from unfamiliar sources. Using strong, unique passwords for different accounts and enabling two-factor authentication can also help protect personal information.

Additionally, fans should be wary of deals that seem too good to be true. Cybercriminals often use the promise of discounted tickets or exclusive merchandise to lure unsuspecting victims. Always verify the legitimacy of a website before making any purchases, and consider using a credit card rather than a debit card for online transactions, as credit cards typically offer better fraud protection.

The Role Of football Clubs

Football clubs also have a significant role to play in protecting their fans. They must ensure that their websites, apps, and online platforms are secure and regularly updated to protect against the latest cyber threats. This includes using secure payment gateways and SSL certificates to encrypt data.

Moreover, clubs should educate their fans about the potential risks of cybercrime. Regularly sharing tips on safe online practices and warning about ongoing scams can help fans stay vigilant.

Collaborating with cybersecurity experts to assess and strengthen security measures, particularly with third-party vendors, is also essential.

Both fans and clubs must be proactive in protecting against the growing threat of cybercrime. By staying informed, adopting best practices, and ensuring that all links in the security chain are strong - from the clubs to their vendors - football can remain a safe and enjoyable experience for everyone involved.

Spencer Starkey is VP EMEA of SonicWall 

Image: Jannik

You Might Also Read: 

Major Sporting Events Are Open Targets:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Managing Zero-Day Vulnerabilities In The Real World
British NHS Hospitals Under Attack »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ITpreneurs

ITpreneurs

ITpreneurs provides IT training content, Instructors, Learning Infrastructure and services to IT Training providers.

Norwegian Business & Industry Security Council (NSR)

Norwegian Business & Industry Security Council (NSR)

NSR is a member organization serving the Norwegian business sector in an advisory capacity on matters relating to crime and security including cyber.

Center for Identity - University of Texas at Austin

Center for Identity - University of Texas at Austin

The mission of the Center is to deliver the highest-quality discoveries, applications, education, and outreach for excellence in identity management, privacy, and security.

Security & Intelligence Agency (SOA) - Croatia

Security & Intelligence Agency (SOA) - Croatia

SOA is the Croatian security and intelligence service. Areas of activity include Cyber Security and Information Security.

White & Black

White & Black

White & Black are specialist corporate & technology lawyers based in London & Oxford.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

QuSecure

QuSecure

QuSecure provides a software-driven security architecture that overlays your current infrastructure and provides next-generation security to protect your entire network from quantum threats.

Mitnick Security

Mitnick Security

Mitnick Security is a leading global provider of information security consulting and training services.

Netgo

Netgo

Netgo group meet the requirements of a complex, digitized world with IT consulting, IT solutions & services, managed & cloud services and software products & development.

InfoSec Brigade

InfoSec Brigade

InfoSec Brigade offers a suite of specialized solutions that help businesses to mitigate risk by integrating cyber and IT security protocols with business goals.

COGITANDA Dataprotect

COGITANDA Dataprotect

COGITANDA are a group of companies focused on dealing with cyber risks, managing them and insuring them.

Strobes Security

Strobes Security

Strobes is among the world’s first cybersecurity platforms specifically designed for end-to-end continuous threat exposure management.

Triam Security

Triam Security

Triam Security are on a mission to make software supply chain security effortless, effective, and invisible - so developers can move fast without leaving security behind.

SITE Intelligence Group

SITE Intelligence Group

For over two decades, SITE Intelligence Group has provided customers with critical actionable intelligence and analysis on terrorist and violent extremist online networks.

Biztec

Biztec

Biztec provides IT consulting and managed services for SMBs with customizable tech solutions.