Around 5 billion people are expected to tune in to the FIFA World Cup when it kicks off next month, and one security expert is urging Aussies to upgrade their online security, with streaming scams set to spike.
According to fraud-prevention and security company Arkose Labs, fraudsters are starting to hack into people’s streaming accounts (including platforms like Kayo, Netflix and Foxtel) and take them over.
“This is something we always see around big sporting events,” CEO and founder of Arkose Labs Kevin Gosschalk told Yahoo Finance.
“During the World Cup, there is an increase in attacks because there is an increased profit motivation for adversaries.”Thousands of accounts can be compromised on a weekly basis if the streaming company does not have robust cyber-security measures in place.Once fraudsters have hacked into your account, they can then sell it on to others for a much lower price.
“You typically pay $10 a month for a streaming service,” Gosschalk said.
“If you buy it illegitimately, it’s normally $1 to $2 and there is no monthly fee, you’ve just got access until they catch you.”
Gosschalk is expecting to see increased attacks against Australians following the recent Optus data breach.
“The effort to attack Australians is going down for adversaries because they’ve got a fresh list of valid, recent and known Australian email addresses,” Gosschalk said.
Scams set to spike
Fraudsters usually target streaming accounts at the beginning and end of sporting events.
“At the beginning, so they can sell the service, and at the end, because they know you will have stopped watching and you won’t have noticed if someone else starts using your account,” head of customer security operations at Arkose Labs David Mouatt said.
But there are signs to look out for, including unusual things appearing in your watched list, new profiles being created and your account details changing.
Many streaming services also let you see which devices are logged into your account and what the IP address is.
Gosschalk is urging Aussies to not share their account details with anybody.
He is also encouraging people to turn on multi-factor authentication, if possible, and to create new, unique passwords instead of reusing passwords across accounts.
“If you do those three things, the effort to attack you versus getting into someone else’s account goes up and they won’t bother,” Gosschalk said.
Read the original article here.
