The Super Bowl is coming to Atlanta’s Mercedes Benz Stadium on February 3rd. Whether you’re going to the game or yelling at the TV somewhere else with friends, there are a host of cyber security concerns to consider.
Cyber criminals thrive on the excitement and chaos surrounding big events which create the best conditions for easily distracted prey. Concerts, inaugurations, parades, college playoffs, The Olympics, DragonCon, holidays and any crowded situation where people are working under tight deadlines all provide opportunities. Just think of all the looting that takes place in tropical environments during flooding and hurricane emergencies.
The Super Bowl has all these elements in abundance. More than 112 million people watched the Super Bowl last year, with an estimated 7 million streaming it online. Don’t even get me started on the additional millions who were probably streaming it illegally.
When you combine a huge audience with alcohol, game day power eating and numerous related festivities, highly skilled cyber crooks are poised to shoot the proverbial fish in a barrel.
Here are a few tips to keep you safe:
Counterfeit tickets are rampant. There are no “print at home” tickets. So, if you are going to try to buy last-minute, too-good-to-be-true tickets from an online seller, Ticketmaster has a few tips:
- Buy from an official source and be wary of “official sounding sources.”
- If you do buy from a third-party site, beware of too-good-to-be-true deals. And don’t pay with a cashier’s check, cash or money wires…or Bitcoin. Use a method that is traceable.
- Make sure the URL of the site you are buying from is not a look-alike or spoofed; be sure it is an encrypted site.
Don’t click on any email that says, “Tell us who you think will win the Super Bowl and get a free gift card.” I suspect the famous Nigerian Prince scam died and was reincarnated with this offer. Be very wary of unsolicited contest emails using the Super Bowl in the subject or as an incentive. This is generally illegal. If it does come from a trusted source, look at the domain at least three times. And make sure you know how to spot a phishing email. One more thing; roughly 5 billion was bet on last year’s game. Mostly illegally. Are you prepared to deal with the potential of your financial data being sold or phished through an illegitimate gambling site? On the illegal markets you have no way of protecting your data.
With the likes of Spectre and Meltdown, make sure you’ve updated your phone to the latest version of its software. Outdated software is a leading entry point for criminals.
Stay off free wifi. Seriously. That is your safest bet. If you can’t be dissuaded, be very aware of the network you plan to use. It is common for scammers to create a spoofed wifi network which has the same look and feel as a legitimate network. And you’re not only vulnerable to this threat at the big game itself, but also at your local sports bar or other venues, where free wifi may be easily hacked or left unsecured.
You must also be on the look-out for viruses. While skilled cyber security teams are monitoring all systems at the game, 49% of fans connected to the free wifi last year which is a 41% increase year over the year before. And this connection trend is not slowing down. A reported 100,000 threats took place last year with only 19 considered serious. However, increased traffic will only move the needle upward on higher risk outbreaks.
Worse than wifi – make sure you turn off your Bluetooth before you head to the game. You don’t want to make it too easy.
State Sponsored Threats
Anyone remember the 15-minute blackout from Super Bowl XVLII? Recall anything Jack Bauer had to deal with on “24”? With security getting in and out of the stadium as tight as can be, a malicious actor, maybe even a state actor, could attack the grid or security systems to create panic, and cause billions in damages. With the Internet of Things (“IoT”), everything is connected; which is one of the reasons why Iranian operatives were able to hack into a dam in New York State a few years ago. Authorities are generally prepared for these eventualities and have contingency plans in place, but there are always new exceptions.
While TV viewership has remained flat over the past decade, streaming is increasing. It’s not too far-fetched to predict that a record number of people will livestream the Super Bowl this year, but many may also be streaming illegally. Illegal streaming sites are notorious for all kinds of threats. Malicious links, phishing, exploits, ransomware; it’s all there, and only one impulsive click away. If you still want to go down this path, consider whether using an illegal streaming site is worth the risk. Pardon my unsolicited opinion in advance. It’s not.
Check If You’ve Been Hacked After The Game
You might not know it, but you might have an exploit lying on your phone or computer. If you are using all the right technology, you are probably okay. But if you’ve been browsing odd sites trying to get more info on the special event (or replay any of the funny and ridiculously expensive Super Bowl commercials), at least consider having periodic scans run shortly thereafter.
To Sum It All Up
- Keep your devices up to date
- Avoid public wifi
- Turn off Bluetooth
- Don’t open that unidentified email
- Be sure to run regular scans
- If it seems too good to be true…you know the rest
- Don’t drink and gamble
- May the best team win