back to article UK's NCSC reveals Premier League footie clubs to be ripe pickings for cybercrooks: One almost lost £1m to BEC attack

Common cybersecurity threats also apply to Premier League football clubs, according to the National Cyber Security Centre, which said that one club nearly sent £1m to fraudsters after a business email compromise (BEC) attack. The NCSC report, out yesterday and titled "The Cyber Threat to Sports Organisations" (PDF), reveals …

  1. iron Silver badge

    > victim of a 'spear phishing' attack... diverted to a spoofed Office 365 login page where he entered his credentials, unwittingly passing his email address and password to unidentified cyber criminals."

    If he was the victim of a phishing attack then they already had his email address.

    1. Doctor Syntax Silver badge

      It might not take too much guessing around first name/surname combinations.

      1. Anonymous Coward
        Anonymous Coward

        And the format could probably be worked out by emailing the press department and getting a reply.

  2. Anonymous Coward
    Anonymous Coward

    Football club transfers are bizarre.

    A few years ago, representatives from Manchester United went to Atletico Bilbao to negotiate a transfer for Ander Herrera. It turned out that the representatives were actually fraudsters.

    I can't believe that nobody at Bilbao phoned up Man Utd and said "Do these chaps speak for you?"

    (He ended up moving the next summer for about £30m, so it's not peanuts on the line).

    1. Glen 1

      If the only number you have for them is from the fraudsters email footer, or their business card, its trivial to set up a backstop to appear legit.

      Its not like the important/personal numbers are public knowledge. If you can phone the public numbers to talk to someone important, so can the fraudsters.

    2. Doctor Syntax Silver badge

      "He ended up moving the next summer for about £30m, so it's not peanuts on the line"

      Football's one of the areas for which I can't really work up any anger about their getting scammed.

      1. RM Myers


        I understand your feelings, but the problem is, if they succeed in scamming football or any other business you don't care about, it encourages them and others to continue trying these scams, and not just against businesses or people you don't like.

        1. Teiwaz

          Re: Football

          Are you absolutely sure Professional Football itself is not a huge Scam?

          From new kit every season so the wee nippers want the latest to the TV broadcast rights to the fat old FIFA geezers....

        2. Doctor Syntax Silver badge

          Re: Football

          It's not as simple as you think. I'd include bookies in the list of businesses I don't sympathise with but I've done my bit in regard to dealing with at least one crime in regard to them in the distant past, probably more but run of the mill cases tend to merge in the memory or get lost from it.

          Being opposed to crime and feeling sorry for the victims aren't necessarily linked.

      2. Just Enough


        EPL Football, you mean.

        Just because the clubs there have sold their souls to multi-millionaires doesn't mean the rest of football is awash with money.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like