Phishing hitting Online Casinos

vinylweatherman

You type well loads
Joined
Oct 14, 2004
Location
United Kingdom
This could be quite a threat indeed.

MANY casinos offer promotions via Email. It is necessary to claim by following a link to a claim form, which asks for some of your details. Usually this is the account number, Email address, and name.

It would be easy to send a load of these out for, say, a special deposit bonus "by invitation only" for a popular casino or poker room, and regular players would probably not suspect anything untoward. Players who do NOT have an account would probably dismiss this as "spam" rather than phishing.

What is suprising is not that they are doing this now, but the fact that they had NOT been doing this already when the industry was at it's height prior to UIGEA.
 

TDTAT

Dormant account
Joined
Jun 7, 2006
Location
Gambleville
This could be quite a threat indeed.

MANY casinos offer promotions via Email. It is necessary to claim by following a link to a claim form, which asks for some of your details. Usually this is the account number, Email address, and name.

It would be easy to send a load of these out for, say, a special deposit bonus "by invitation only" for a popular casino or poker room, and regular players would probably not suspect anything untoward. Players who do NOT have an account would probably dismiss this as "spam" rather than phishing.

What is suprising is not that they are doing this now, but the fact that they had NOT been doing this already when the industry was at it's height prior to UIGEA.

How lovely... I hope none of them read casinomeister :eek2:
 

vinylweatherman

You type well loads
Joined
Oct 14, 2004
Location
United Kingdom
How lovely... I hope none of them read casinomeister :eek2:

They probably do, but it is best that members know what the risks are NOW, rather than blundering into this unawares.

CASINOS need to act on this too, they need to design a promotional system that REQUIRES (or at LEAST allows) players to claim their offers by logging DIRECTLY into the casino, or it's webpage, WITHOUT having to follow an Email link. Indeed, they should discourage following Email links altogether.

There are some casinos that REQUIRE following an Email link to a "hidden" claims page on their website, this is argued to be needed to prevent players NOT invited from finding the claim form and claiming the bonus.

BelleRock do this, and would be an easy target. Grand Mondial have switched to a dual system, where players can both view, and claim, their bonus in the lobby as well as by Email.

Palace Group provide links in the Emails, but it is also possible to pick up the link directly from the Viper lobby and claim - the link only appearing if the player is invited.

To fight this threat, players should be on their guard for suspicious looking offers from their regular casinos, and check that the claim form only asks for only SOME of the information.

The password should NOT be required, indeed, only the account number and Email address is needed (to send a claim response back to the player). Other information is asked for in order to verify the claimant is indeed the rightful owner of the account.

ANY claim form that looks different from the regular design, or starts asking for such things as the password, should be reported to CS rather than being used.

It would be best if ALL casinos move over to a code based claim system, where the codes are mailed out to players and entered directly into the software, The software itself should be adaptedto check eligibility for the promotion at the time of deposit.

RTG probably have the best system, along with Cryptologic, as the code is entered directly into the secure cashier BEFORE a deposit is made.
A link to a hidden page is OK provided it is to VIEW, but not CLAIM, the promotion.

Failure to act could lead to players regarding Email promotions with increasing suspicion, and they will not achieve the desired effect, which is to stimulate deposits.
 

Simmo!

Paleo Meister (means really, really old)
Joined
May 29, 2004
Location
England
Not sure if I am allowed to post a link, but be on your guard.

You do not have permission to view link Log in or register now.

Links to The Register are fine - it's a great news site with a humerous slant on things and for those that don't read it, you should check it out. It's a fun and informative lunchtime read. :thumbsup:
 

Users who are viewing this thread

Top