November 9, 2016 By Rick M Robinson 2 min read

Online fantasy sports gaming is growing by leaps and bounds, along with a host of other online games, such as themed games like World of Warships. For online gamers, that is the good news.

The bad news is that fantasy league security risks are also growing. Players all too readily provide their personal data to startup firms in an emerging but turbulent industry. These firms may be less careful than they should be regarding both the amount and type of personal data they collect.

Casual Fans and Instant Gratification

Online gaming is fundamentally a branch of e-commerce. Game vendors seek to monetize users who are effectively placing bets on real-world players participating in actual sporting events. These transactions involve the same security issues as any other form of e-commerce. Players provide sensitive credit card information and other personal data that could be valuable to marketers. This information needs to be safeguarded.

But two factors distinguish the new generation of fantasy sports and other online gaming from the sort of e-commerce practiced by brick-and-mortar stores. Because the product is virtual, it becomes available as soon as a user signs up. This instant gratification makes users more eager and less careful than when buying a product that needs to be delivered.

The immediacy and casual appeal of these new fantasy sports services also sets them apart from older, rotisserie-style fantasy sports in which players build fantasy teams to compete over a full season. Those leagues appeal most to serious sports fans, while even casual fans can enjoy — and hope to profit from — single-game fantasy sports.

Security challenges apply to any product or service that is immediately available on-demand. Like weak passwords, carelessness with casual products is a fact of life. But there are some more twists that further contribute to fantasy league security risks.

A Turbulent Industry

According to Bloomberg BNA, because new fantasy sports products are essentially sports betting services, they have drawn the interest of cybercriminals aware of the enormous — and often careless — cash flow. Thus, fantasy sports sites are particularly liable to be targeted for attacks.

Adding to this risk is the turbulent nature of the industry. According to ESPN, industry leaders have been bold to excess in their growth plans and are engaged in particularly bitter competition.

This has led to a decline that has temporarily set back the industry, though no one expects something so popular to disappear completely. But a shaky industry of aggressive competitors is all too liable to cut corners on expenses, including security protections. These concerns apply not only to sports games but to other fast-growing forms of casual online gaming where security may be similarly porous.

Managing Fantasy League Security Risks

Fantasy league security risks also apply to firms whose own networks might be compromised if criminals get their hands on employees’ personally identifiable information (PII). Spear phishing email attacks, for example, can exploit data about employees’ fantasy sports activities to trick them into letting their guard down — and letting malicious actors enter corporate networks.

In the long term, it will be in the industry’s own interest to promote security awareness and high security standards, for their customers’ protection and their own.

More from Data Protection

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today