March Madness is a time of threats—and defense

March Madness? More like March…Hack-ness.

In other words, the annual college basketball tournament is here, and workers are calling out sick, sneaking looks at brackets, and generally distracted. That leaves the game wide open to malicious actors, Matt Gaudio, Advizex VP of strategy, said in a statement.

“With employees streaming games or participating in online betting pools using company devices and networks, organizations are vulnerable to a range of cyber threats, from phishing attacks to malware infections,” Gaudio said.

Forward. That’s a great time for hackers and threat actors to drive forward. Phishing scams, online betting hacks, and credential attacks are among the dangers facing people who are invested in the games. Experts are calling for basic security hygiene and caution during the tournament to minimize theft and potential damage.

Keeper Security CEO Darren Guccione told Security Magazine that impersonation scams are a persistent threat for March Madness fans.

“Throughout the tournament, cybercriminals may send phishing emails or text messages with malicious links or attachments disguised as updates on games and brackets,” Guccione said. “I recommend that you do not open attachments or click on any links from unknown sources.”

Dunks. Also important—making sure you don’t reuse passwords. Creating new accounts to track scores and place bets makes it easy to lean on familiar letter combinations, rather than making a new and strong password for each site. Otherwise it’s possible you could be a victim of credential dumping. Patrick Harr, CEO of SlashNext, told SecureWorld News that some hackers are using fake sites to tempt users to enter their information and score big.

“Cybercriminals rapidly create fake March Madness-themed sites and apps to steal credentials for future attacks on companies,” Harr said. “Users must be extremely cautious about what they install or log in to.”