March Madness, the popular NCAA college basketball tournament, can have cybersecurity implications for individuals and organizations. Cybercriminals may use social engineering tactics, such as phishing emails or fake brackets, to steal personal information or install malware on devices. Mika Aalto, Co-Founder and CEO at Hoxhunt shared more about how hackers can leverage March Madness to attack organizations and individuals, steal sensitive data, and infect devices with malware:
"March Madness provides cyber criminals with excellent phishing campaign material because millions of people will be watching games throughout the work week and checking the results of their personal and company brackets via email notifications from online platforms. This creates an environment of heightened emotions and raised expectations for communications from strangers, colleagues and friends, writing to work and personal email accounts.
One of the most common tactics used by cybercriminals during March Madness is to send phishing attacks with enticing subject lines that promise free tickets or exclusive offers related to the tournament. Such emails are common for those of us who regularly participate in March Madness brackets or fantasy sports, and it’s easy for us to lower our guard against a March Madness phish. But these phishing emails contain links or attachments that, when clicked, infect your computer with malware or lead you to a credential harvesting website.
Cybercriminals may also leverage social media and brand familiarity to trick people. For example, criminals may create fake social media profiles that claim to be from reputable sources, such as sports broadcasters or tournament organizers who urge people to click on links or provide personal information.
Everyone should be careful of unsolicited emails or messages. If you receive a vague email reminding you to immediately fill in your bracket, take a moment to validate the legitimacy of offers or links before clicking on them, and never sharing sensitive information with unknown sources.
Be smart and stay safe during March Madness. Keep your computer and software up-to-date with the latest security patches, protect your accounts with strong and unique passwords, and enable multi-factor authentication whenever possible."