Sports betting is now legal in Ohio, and you or someone you know may like to take part.  

Since sports betting applications require users to link their bank account, credit card, or other payment options to their account, it’s important for you to think about the risks that come with using sports betting applications.  

In November 2022, DraftKings reported that they have seen a large increase in credential stuffing attacks, where an attacker attempts to compromise user accounts using a list of username and password combinations gathered from previous breaches. These attacks resulted in $300,000 in stolen funds from user accounts during November alone. FanDuel has also announced that they have seen an uptick in account takeover attempts in recent months.   

Users must remember that popular companies like MGM, FanDuel, and DraftKings must balance the user’s “experience” with security. This means that simple security options, such as two-factor authentication, are left to the user to implement.  

As with many cybersecurity tips, sticking to the basics can be your saving grace. When you set up your account, be sure to do the following:  

  • Only download applications to your smartphone using an approved source such as the Apple Store or Google Play. Do not download these apps from the web. 
  • Use a unique, complex 12+ character password 
  • Implement multi-factor authentication 
  • Keep your smartphone up-to-date with the latest security patches 
  • Never share accounts or account information with friends or family 

To discuss this information in more detail, or to discover additional tips on staying cyber smart, contact GBQ’s IT Services team.


Article written by:
John Stuart
Senior Cybersecurity Analyst

« Back