While its attack on the pitch has come under fire given a recent lack of goals, it seems that the hackers who targeted Manchester United’s Facebook and Instagram sites late Friday had more luck. “Please do not engage with any suspicious activity relating to fan tokens,” the club warned fans, as a rogue $REDDEVILS token was promoted, “we are working to rectify the issue and will communicate once complete.”
As reported by The Metro late on Friday, the club’s “official Instagram and Facebook pages were hit by scam posts promoting a crypto ‘fan token’… A post on United’s official Facebook page at 19:38 GMT encouraged supporters to buy a fan token called ‘$REDDEVILS’. In exchange, fans who purchased the token were promised perks including ‘exclusive, limited-edition merchandise’ and ‘VIP fan experiences’.”
While that post was soon deleted, The Metro was still able to view the Facebook post late Friday evening. Per one Redditor: “Received this on Manchester United Discord server. For anyone following United on Meta platforms, please be aware. It seems their account has been hacked and has been used to scam people.”
This isn’t the first time Manchester United has been targeted by a cyberattack, with the UK’s NCSC helping the club out of a more serious fix back in 2020. At the time, the club said that “extensive protocols and procedures” and our cyber defences identified the attack and shut down affected systems to contain the damage and protect data,” the statement added…. We are not currently aware of any breach of personal data associated with our fans and customers. All critical systems required for matches to take place at Old Trafford remain secure and operational.”
Speculation on social media suggests this was likely a more basic lack of multifactor authentication and other basic security housekeeping on its social sites than anything more sophisticated. Such attacks on social media are all too common. But we await confirmation. It’s a timely reminder for everyone and every company—big or small—to make sure that have done the same. 2FA at a minimum, authenticator apps rather than SMS, and use passkeys if you can.
I have approached Manchester United for any comment, but they are likely busy preparing for tomorrow’s local derby against Manchester City. Their rivals are in the midst of their worst run of firm under manager Pep Guardiola, having lost seven of the last ten games. The latest being a loss to Italian side Juventus mid-week. United fans will be hoping to make it an astonishing eight defeats out of eleven.
There has been a noticeable improvement in playing form under new manager Ruben Amorim and a marked increase in excitement amongst the fans. Hopefully this won’t have been tempered by too many falling victim to the overnight scam.
Read the full article here
