Account security concerns at multiple casinos

[lifechooser]

Totesport's response to me has now turned into an email war where I am trying to explain how spam attacks work.

The spam machine theory falls flat as I haven't had spam to othernames@mydomain.com nor totesport@myotherdomains.com. So it has to be an address the spammers know to be true and worth targetting. Othernames@mydomain.com is also true, but they haven't seen the worth in targetting that.

The selling details part I agree with absolutely. Casinos would make pennies from selling addresses compared to the amount of money they stand to lose from doing it. It's pointless and only an imbecile of a manager would do it.

It's surely an issue of security. I want to know what is being done to prevent this from happening at other casinos, and how it happenned in the first place. Most of all I want to hear that my banking / security questions etc are kept more securely and are safe.

 

[anniemac]

First off, let me say that I am in now way as knowledgeable as most of you on this forum about domain names etc, wish I was but I am not. That said, I have now learned something new. I wondered where in the world some of these strange casino email offers I was getting on my AOL account were coming from. Now I know. Since I only have used my AOL (bad AOL) account with two casinos, looks to me like they have either had a breach in their security or, heaven forbid, they know that my email has been sent out for spamming. Both of these casinos are very reputable so I hope it is the first option. Of course, I just delete without opening but it is still coming.

You should see my Yahoo! account. I get roughly 300 spams a day. But I use this account as a catchall for everything. I had hoped when I set it up that AOL would remain clear and Yahoo! would be the one for spam. But now they are creeping in on me.

How interesting!!

 

[lifechooser]

It's not as simple as that either.

Because so many people use AOL.com as their domain, it is worth the spammers time and effort to spam every permutation from a@aol.com to zzzzzzzzzzzzzzzzz123123@aol.com, and it's quite possible that that is the case with you.

The same is true of most addresses given out by ISP's or webmail hosts, and large companies.

It's less true of smaller companies and personal domains, and when an attack does happen, it's far more obvious. Attacks are rarer as the spammers know they will have a lower sucess rate at mydomain.com than aol.com or ford.com, and as a result it's not worth the effort and computing power.

 

[maxd]

There are other reasons to be skeptical of the spam machine theory. For instance I have several domain names that I use for email and a generic "catch all" mailbox at those domains which is used if an email comes in with an unknown addressee.

Guess what? I don't get a lot of email sent to random names while I do get a fair amount of spam targeted at my specific email addresses. Admittedly I have used those email addys at various places around the web, not a lot but a little, so you could understand how those would get picked up and added to the spam lists.

So what I'm saying is that I've had these domains for years and very seldom see the random addressee thing happen.

 

[lots0]

With a packet sniffer (program to peek into data being transfered over an internet) a spammer can collect tens of thousands of unencrypted email addresses in just a few minutes.

You do not have permission to view link Log in or register now.

Your unencrypted email addresses are NEVER safe from spammers.

The more unencrypted email you send the better your chances of your email address getting collected by a spammer.

Also some spammers like to have their packet sniffers frequent specific networks, so they can collect email addresses from people that have shown an interest in what the spammers are selling or promoting, you know things like online casinos...

I find it amusing that the casinos and casino employees are being blamed... When in fact, the security for unencrypted emails is about as good as the security at the USA's southern border.

In other words, sending an unencrypted email is about as secure as publishing your email (and your email address) in your local news paper's classified section.

FYI - You may encrypt your email... But what about the person that replies to your email or sends you an email? If the person that replies to your email or sends you an email does not encrypt their email, your email address is still out there for the spammers to collect.

 

[jod5413]

I would like to give my sincere Thank You to all the posters in this very informative thread. I appreciate being given the opportunity to learn more about this frustrating problem that attacks everyone with an e-mail addy and an "internet life".

I also hope that we will receive some reasonable responses from the casino reps to help us feel more secure about this important issue.

Many Thanks People. Keep this info coming!!

Jod

 

[lifechooser]

With a packet sniffer (program to peek into data being transfered over an internet) a spammer can collect tens of thousands of unencrypted email addresses in just a few minutes.

You do not have permission to view link Log in or register now.

Your unencrypted email addresses are NEVER safe from spammers.

The more unencrypted email you send the better your chances of your email address getting collected by a spammer.

Also some spammers like to have their packet sniffers frequent specific networks, so they can collect email addresses from people that have shown an interest in what the spammers are selling or promoting, you know things like online casinos...

I find it amusing that the casinos and casino employees are being blamed... When in fact, the security for unencrypted emails is about as good as the security at the USA's southern border.

In other words, sending an unencrypted email is about as secure as publishing your email (and your email address) in your local news paper's classified section.

FYI - You may encrypt your email... But what about the person that replies to your email or sends you an email? If the person that replies to your email or sends you an email does not encrypt their email, your email address is still out there for the spammers to collect.

That's something I hadn't thought of. It's possible that they're sniffing packets near the casino's and getting addresses that way, which obviously isn't the fault of the casinos at all.

It's unlikely in totesport's case as they don't sent me email generally, and I don't send them any either, but it's certainly one of the best explainations so far.

 

[GrandMaster]

With a packet sniffer (program to peek into data being transfered over an internet) a spammer can collect tens of thousands of unencrypted email addresses in just a few minutes.

You do not have permission to view link Log in or register now.

Your unencrypted email addresses are NEVER safe from spammers.

The more unencrypted email you send the better your chances of your email address getting collected by a spammer.

Also some spammers like to have their packet sniffers frequent specific networks, so they can collect email addresses from people that have shown an interest in what the spammers are selling or promoting, you know things like online casinos...

I find it amusing that the casinos and casino employees are being blamed... When in fact, the security for unencrypted emails is about as good as the security at the USA's southern border.

In other words, sending an unencrypted email is about as secure as publishing your email (and your email address) in your local news paper's classified section.

FYI - You may encrypt your email... But what about the person that replies to your email or sends you an email? If the person that replies to your email or sends you an email does not encrypt their email, your email address is still out there for the spammers to collect.

The "To" address is unencrypted even if you encrypt the body of your e-mail otherwise the mail servers along the route would not know where to forward the e-mail. Nervertheless, if you can sniff network traffic, you can probably get lot more valuable information than e-mail addresses.

 

[casplayer]

I use several email addresses for gambling as well and I can confirm that I did also receive the "Gold VIP Club" casino spam in my inbox of the email address which is registered with Totesport...

 

[vinylweatherman]

That's something I hadn't thought of. It's possible that they're sniffing packets near the casino's and getting addresses that way, which obviously isn't the fault of the casinos at all.

It's unlikely in totesport's case as they don't sent me email generally, and I don't send them any either, but it's certainly one of the best explainations so far.

I had a look at that packet sniffer article, and it makes it clear that a spammer can't just sit at home and log into another network and sniff the packets. This means that in order to capture the packets, the sniffer must be either running within the casinos own networks, or on your home PC.
If a majority of totesport users are getting this spam to the E-mail registered there, but not to other E-mail addresses, then this points to a security breach at the Totesport end. In this case, either an employee has harvested the E-mail addresses, or the packet sniffer is operating within the Totesport network, having been planted maliciously - perhaps by a trojan application. The article also shows how hard it can be to trace.
It is also possible that only the E-mails are being targeted, and the packet sniffer could be on one or more of the mailservers that route the E-mails.
Other articles I looked at last night assert that the random generation of large numbers of possible addresses is not that common, and spammers prefer to have an idea that their targets are genuine recipients. Also, this problem can explain why sent E-mails are never received by the recipient. There are industry wide blocklists that can block whole domains, meaning legitimate users on that domain can find people claiming never to have received their E-mails. I am interested in that because of the number of times I have E-mailed casinos who then claim not to have received it, even though they have received other messages - this can be down to routeing, sometimes E-mails appear to come from a spammers domain, and at other times not.

 

[cyprean]

I use several email addresses for gambling as well and I can confirm that I did also receive the "Gold VIP Club" casino spam in my inbox of the email address which is registered with Totesport...

This bit of information makes the "sniffing packets" stuff really go out of the window when Totesport is concerned. I don't see how "Gold Vip Club" spammers only buy information from packet sniffer who only target Totesport-emails.

[wild guesses]
It could be one of their employees or not. Totesport is a Playtech, but perhaps they have outsourced some of their casino operations, and the e-mail lists have leaked to an evil employee.
[/wild guesses]
.

 

[maxd]

I had a look at that packet sniffer article, and it makes it clear that a spammer can't just sit at home and log into another network and sniff the packets. This means that in order to capture the packets, the sniffer must be either running within the casinos own networks, or on your home PC.

I just wanted to say that the gist of this is that the sniffers are an invasive thing: they must have access to the traffic in order to do their work. It's somewhat similar to having your phone bugged.

 

[lots0]

I had a look at that packet sniffer article, and it makes it clear that a spammer can't just sit at home and log into another network and sniff the packets.

lol... an expert after one article.
A packet sniffer can be run from anywhere, just like any program.
The real good ones (actually, the only ones that the real spammers use) are run remotely from a

You do not have permission to view link Log in or register now.

.

Please note, I did NOT say that some casino employee did not sell a list of email addresses to some spammer, that very well could have happened.

However,
I am saying, that if your into odds... The odds are far far better that your email address got picked up by a packet sniffer, than it got sold to a spammer by some casino employee.

@GrandMaster, most packet sniffers will drop the packet if any part of it is encrypted. Of course, that can be changed by a tweak of the code. But then you have to compile and scan all the encrypted packets for unencrypted data, a massive task... So using encrypted email will still protect your email address better than not using encryption.

Nervertheless, if you can sniff network traffic, you can probably get lot more valuable information than e-mail addresses.

An evil email spammer is going to throw away good email addresses, because he got a few passwords... I don't think so... lol

 

[Casinomeister]

Just out of curiosity, I checked a hotmail account that I use only for testing purposes. No one has this address, and it is a VERY obscure address with a ficticious name, number combination, and dashes. This morning there were three spams in my inbox - and copied on were a few more email addresses like mine but a number or two off. Of course these were all generated by some spam random email generator. So this happens.

None of the spams were casino related.

@ lifechooser - who did you receive the spam emails from? Were these directly from the casino or were they from affiliates. If you can't tell, feel free to post them here with full headers.

 

[lifechooser]

I've answered both of those points before.

Hotmail is different, as so many people use the hotmail domain, it's worth spamming every permutation of name @hotmail.com as most of them will turn out to be valid addresses. This isn't the case with my own domain.

Also, when I named names, I gave the names of all the senders of the spam too. Since then I've had one to totesport from 'spin palace' (though the link points to Link Removed ( Old/Invalid) ).

Here's some partial headers;

Totesport #3;
Comment: DomainKeys? See

You do not have permission to view link Log in or register now.

DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=vivayouarelucky.com;
b=H7yLbS4SOk6eBRm/hCJNdMiA3dzeuIuFI5O4Z268ProsLjcN3OXBwGpQ87l5agCi7wenSLcsbcb1i7f8JwD9jQ==;
Received: from mx56.vivayouarelucky.com [216.10.15.56] by vivayouarelucky.com [216.10.15.56];
Mon, 10 Dec 2007 14:02:56 EST
-------
Totesport #2;
DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=itsforyougetitnow.com;
h=from:to:subject:date:message-id:content-type;
q=dns/txt; s=s512; bh=ulzAB3gYJXNqsiMhkbPZi5xMNhE=;
b=V24d+pSJ76WXPvg/NQANCs0IS4ZBetA1+EXgAEDz9mWn0cMGTwj3yFB5w5FyD3U3m/pB9nVWp6iuGFI81BvIjw==;
Comment: DomainKeys? See

You do not have permission to view link Log in or register now.

DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=itsforyougetitnow.com;
b=Skqvq/ZiKlPey1eY/ckgADYqsITuY9HFvwM9YBrpUIDOECa/IHf6fVrhtzFk8fDlJMOpHL5Qymo1mst3zVp+IA==;
Received: from mx25.itsforyougetitnow.com [216.10.15.25] by itsforyougetitnow.com [216.10.15.25];
Sun, 9 Dec 2007 18:24:19 EST
MIME-Version: 1.0
------------
DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=superpalacegold.com;
h=from:to:subject:content-type:date:message-id;
q=dns/txt; s=s512; bh=PPXyHYv6Ou+5FBSNwoOzuk6aiCY=;
b=YafHjZz67gy+XS8A0MztstkPL1vyl+SyaTh+MCCho4lCzilJkEi+ZbVdU/DSY0fK0ziUuReVR0Tt5p+QIxzvrw==;
Comment: DomainKeys? See

You do not have permission to view link Log in or register now.

DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=superpalacegold.com;
b=lR6ikWJj4gg2h1OxnpTAyUtRi7udJfxBAiB+ldGqvwmsvg3dayBVabCa47RoteRf7VpYT1NeYepqrGAKElFEcQ==;
Received: from mx52.superpalacegold.com [216.10.15.52] by superpalacegold.com [216.10.15.52];
Thu, 6 Dec 2007 18:45:49 EST
MIME-Version: 1.0
----------------
So all of them came from 216.10.15.xxx which is godaddy. The domains were registered on 29th November 2007, by;
Doust, John dedijohn@gmail.com
dedijohn
cyprys limassol
limassol, lima 8234
Cyprus
357892949302

-------------------

Bluesq #1;
Received: from balmyd.net ([75.126.66.132])
by mx.kundenserver.de (node=mxeu17) with ESMTP (Nemesis)
id 0MKxIC-1IzGCL3MBS-00083p for bluesq@mydomain.com; Mon, 03 Dec 2007 19:39:18 +0100
Message-ID: <C2D05BFA.64F7864A@balmyd.net>
Date: Mon, 03 Dec 2007 20:12:32 +0100
Reply-To: <bluesq@balmyd.net>
From: <bluesq@balmyd.net>
MIME-Version: 1.0

---------------------
bluesq#2;
Received: from beardc.net (www.rockheads.com [74.200.253.12])
by mx.kundenserver.de (node=mxeu22) with ESMTP (Nemesis)
id 0MKr6C-1J0jci2VT4-0003xp for bluesq@mydomain.com; Fri, 07 Dec 2007 21:16:37 +0100
Message-ID: <2A2E6438.75AD1658@beardc.net>
---------------------
Whois;
Domain Name: BEARDC.NET

Registrant [1151825]:
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US

Rockheads.com;
Rockheads Comics & Games
2527 75th Street
Kenosha, WI 53143
US
(I suspect this may be a bot)

Domain Name: BALMYD.NET

Registrant [1151856]:
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Record created on: 2007-11-08 22:36:47

 

[Casinomeister]

Thanks! Were the casino URLs aff links? Please post these.

You can post those here and deselect "Automatically make website links clickable" so that no one can click through.

 

[Eurolinx Lydia]

Hi all,

Casinomeister was just good enough to alert all of us Casino Reps to this thread so that we could contribute a bit from this side of the fence.

Selling e-mail addresses happens. We get approached about once a month from someone with a list of e-mail addresses, physical addresses, or both. I'm sure we would get a lot more offers if we ever bought a list, but we haven't (and won't).

Your e-mail address, physical address, and phone number are all available to just about everyone on staff. They have to be in order for you to get good customer service. There are ways to prevent a staff member from being able to produce a list from that information, though. With us, you can only make a list if you have access to the database, which very few people do. You could request a list from someone with access, but in order to receive it, the request has to go through a senior member of management. It seems like a lot of red tape, but it is there for your protection.

Of course, the best way to prevent someone on your staff from selling customer details is to hire carefully and treat the staff well.

Your banking details should always be secure wherever you play. We do not have access to any of our customers' credit card details. These are stored by the credit card processing company that we use. We see the last four digits of the card number, and no more.

We also do not store passwords. If you need a new password, we can generate one for you, but we never see it. It would be easy to find out if your casino stores passwords; just ask for your password and see what their response is.

Keeping a separate e-mail address for each casino is a very good idea, especially if you use your own domain.

Let me know if you have any questions. I can only answer for Eurolinx, but there should be a few more Casino Reps chiming in soon.

Best,
Eurolinx Lydia

 

[Mario]

Hallo there,

Hope everyone is well.

The same goes for PlayShare and almost all Microgaming casinos that is stamped and approved by eCogra.

Players information should be and is the utmost importance at PlayShare and all there affiliated casinos.

We are being audited by eCogra seeing that we are in the process of acquiring their stamp of approval and clearly by their guidelines and practices accepting or even undergoing such devious practices such as buying mailing list is just above me.

Why would a reputable casino have to fall so low in order to acquire a player?
Your personal information should be and must be number one priority as without having secure and well maintained systems and security practices the online casino industry will not be able to survive.

Again at all times your information is safe with us.

Best regards
Mario

 

[PurpleZelda]

Player security is extremely important to Purple Lounge and we have similar security measures in place as those mentioned by Lydia. Our team is dedicated to providing the best service for its players, which includes safeguarding all their details.

As previously mentioned, it would be crazy, not to mention illegal for a Casino to sell player information. All our staff are thoroughly vetted and must provide numerous references, which are all carefully checked. The Purple Lounge team is committed to ensuring all player information remains protected.

Kind regards

Zelda

 

[Betfred]

As with any reputable casino and sportsbook, the players security is paramount. Here at Betfred access to the database is strictly limited to management. The support team do have access to personal details in order to assist players effectively but they are also monitored by the shift supervisor and would be unable to make any copy of said information without raising suspicion.

Banking details are kept on a separate database and even I as part of the casino management team would not be able to access such information without an extremely valid reason and then not without the most senior level approval.

An added level of security is that every action taken by ANY staff member is recorded at some level. We can monitor all changes and requests on the database and exactly who they have been requested by. This is a great deterrent to any would-be data thief.

All player passwords are hidden from all staff here and a member of our team should never ask for it (I would certainly like to hear about it if they did!)

Regards,

Ian
Casino Manager
Betfred Casino

 

[lifechooser]

Thanks! Were the casino URLs aff links? Please post these.

You can post those here and deselect "Automatically make website links clickable" so that no one can click through.

I've provided as much as I know about the links. Where the casino name and links don't match, I've provided the link name, e.g. when 'spin palace' spam actually used the url http://www.bigspinwinners158.com/1/a320623/index.asp.

Others I've mentioned;
superpalacegold.com (actual url)
Gold VIP Club Casinos (http://mLink.org/55322)
http://www.bigota.net/ and http://www.bluesb.net/ (Both actual urls)

 

[lifechooser]

Thanks to the reps for posting on here, it's very reassuring, especially hearing how hard it is to access bank details and passwords.

 

[maxd]

I'll happily second that! Well done reps!

 

[USA2112]

Selling e-mail addresses happens. We get approached about once a month from someone with a list of e-mail addresses, physical addresses, or both. I'm sure we would get a lot more offers if we ever bought a list, but we haven't (and won't).

For those approaching the casinos with these email list is the casino staff taking any actions to report or have them blacklisted in anyway, if not, they should be and in the long run would help everyone. The player has no control over this happening and the only thing we can do is to filter the emails, but this does not solve the problem.

 

[Eurolinx Lydia]

For those approaching the casinos with these email list is the casino staff taking any actions to report or have them blacklisted in anyway, if not, they should be and in the long run would help everyone. The player has no control over this happening and the only thing we can do is to filter the emails, but this does not solve the problem.

So far, we have just been marking the e-mails as Spam and deleting them. I'll check with our e-mail guys today to see what else we can do with them.

As reputable casinos, what we can do about this problem long-term is ensure our player lists stay on our databases and no stolen lists get purchased. As players, you can do exactly what you all are doing in this thread; exposing those casinos who have violated their players' privacy rights.