Online fantasy sports gaming is growing by leaps and bounds, along with a host of other online games, such as themed games like World of Warships. For online gamers, that is the good news.
The bad news is that fantasy league security risks are also growing. Players all too readily provide their personal data to startup firms in an emerging but turbulent industry. These firms may be less careful than they should be regarding both the amount and type of personal data they collect.
Casual Fans and Instant Gratification
Online gaming is fundamentally a branch of e-commerce. Game vendors seek to monetize users who are effectively placing bets on real-world players participating in actual sporting events. These transactions involve the same security issues as any other form of e-commerce. Players provide sensitive credit card information and other personal data that could be valuable to marketers. This information needs to be safeguarded.
But two factors distinguish the new generation of fantasy sports and other online gaming from the sort of e-commerce practiced by brick-and-mortar stores. Because the product is virtual, it becomes available as soon as a user signs up. This instant gratification makes users more eager and less careful than when buying a product that needs to be delivered.
The immediacy and casual appeal of these new fantasy sports services also sets them apart from older, rotisserie-style fantasy sports in which players build fantasy teams to compete over a full season. Those leagues appeal most to serious sports fans, while even casual fans can enjoy — and hope to profit from — single-game fantasy sports.
Security challenges apply to any product or service that is immediately available on-demand. Like weak passwords, carelessness with casual products is a fact of life. But there are some more twists that further contribute to fantasy league security risks.
A Turbulent Industry
According to Bloomberg BNA, because new fantasy sports products are essentially sports betting services, they have drawn the interest of cybercriminals aware of the enormous — and often careless — cash flow. Thus, fantasy sports sites are particularly liable to be targeted for attacks.
Adding to this risk is the turbulent nature of the industry. According to ESPN, industry leaders have been bold to excess in their growth plans and are engaged in particularly bitter competition.
This has led to a decline that has temporarily set back the industry, though no one expects something so popular to disappear completely. But a shaky industry of aggressive competitors is all too liable to cut corners on expenses, including security protections. These concerns apply not only to sports games but to other fast-growing forms of casual online gaming where security may be similarly porous.
Managing Fantasy League Security Risks
Fantasy league security risks also apply to firms whose own networks might be compromised if criminals get their hands on employees’ personally identifiable information (PII). Spear phishing email attacks, for example, can exploit data about employees’ fantasy sports activities to trick them into letting their guard down — and letting malicious actors enter corporate networks.
In the long term, it will be in the industry’s own interest to promote security awareness and high security standards, for their customers’ protection and their own.