5 tactics used by fraudsters to target betting websites

The online gaming industry has been experiencing rapid growth over the past decade to the tune of 20% a year and emerging markets in the US, Japan and Europe hold the promise of further growth.

But as the industry becomes more lucrative, it also catches the eye of wrongdoers looking to make a quick buck and using betting websites for their money laundering purposes.

In this article, we examine five tactics that fraudsters are using to target betting websites and further devious ends.

Tactic #1 - An unfair advantage

1. When an online gaming enthusiast shops around for the best bonuses, they stumble upon a review site where they can ask fellow gamblers for advice.

2. The fraudster, masquerading as a friend, suggests a website where the victim can obtain VIP bonus codes and invites them for a game of poker once they have registered.

3. When the victim clicks on the website suggested by the fraudster and downloads the bonus codes, they also load their device with malware that records everything that happens on screen and transmits this data to the fraudster.

4. When victim and fraudster meet online of a game of poker, the fraudster can see the cards held by the victim and use this information to take advantage of them.

Tactic #2 - Make them thank you

1. A fraudster purchases real payment card and user identity details from a website that sells this stolen data.

2. Funds from the victims account are transferred to a prepaid credit card which the fraudster can easily obtain using the victim’s own identity details or by fabricating a fake identity.

Note: Government regulations concerning money laundering with prepaid cards are scant or non-existing for small amounts of money.

3. The funds loaded on the prepaid card are then deposited at an online gambling website and used to wager several bets.

4. Money from winning bets are withdrawn into the prepaid card.

Bonus step: A fraction of the money won is used to repay the credit stolen from the victim’s account and the fraudster sends out a fake email purporting to be from the victim’s bank, claiming that fraud was detected and the stolen money reimbursed.

Tactic #3 - There’s money in numbers

1. Different fraudsters team up together and channel funds stolen from other people’s bank account to their respective gaming accounts at a particular online gambling website.

2. The fraudsters work together at poker tables by deliberately losing small amounts to each other and gradually laundering the money stolen into each other’s account.

Tactic #4 - Tipping the victim

How criminals fraudulently get access to customers online wallets to wash dodgy cash into clean cash.

1. A fraudster operating alone gains access to a person’s e-wallet credentials, which is often used by online gaming customers.

2. Money obtained from criminal activities is funnelled into the unsuspecting victim e-wallet.

3. The majority of this money is then deposited to another account owned by the fraudster, such that the transfer appears to originate from clean sources and is unassociated with crime.

4. The fraudster leaves a small amount of money in the victim’s account as a ‘gift’, duping them to believe that an account error was made on the bank’s part and counting on the victim’s greed to keep the extra money and not to report any suspicious activity to the bank.

Tactic #5 - Fraud 101: A step-by-step tutorial

Even though the original Silk Road, a notorious breeding spot of criminal activities that lay hidden in what is known as the deep web, was shut down by US and UK government enforcement agencies in 2013, there are several new versions that have spawned since then.

These websites advertise a wide variety of tools that can be used by fraudsters targeting the eGaming industry, including log-ins to bank accounts, prepaid cards, money transfer services as well as tutorials on how to defraud some of the world’s biggest betting websites.

Retailing at prices as low as €10, these tutorials provide access to established gaming accounts owned by real players with proven transactional histories with the betting websites and a line of credit ready to be defrauded. More expensive fraud tutorials provide access to accounts with a more established history and richer balances.

read next

Is your data safe enough?

Dale Schembri - April 11, 2019

In Verizon’s 2018 breach investigation report, over 65% of network intrusions were a result of hacking or social engineering attacks. So what can businesses do to protect against hackers’ attempts at accessing their data? When it comes to best-practices for online security, two-factor authentication (2FA) and multi-factor authentication (MFA) are always brought to the fold. […]

Read More

Cybersecurity risks within the financial sector

Dale Schembri - March 15, 2019

The financial services industry is undoubtedly going through a major shift, driven by the fintech wave of new products, operators and ways of doing business.  Accounting for shifts in technology, laws & regulations and global realities can be quite a daunting and time-intensive task. Taking a step back and reflecting on your long-term challenges and […]

Read More

Watch: Christian Sammut's interview at ICE 2019

Dale Schembri - March 6, 2019

Christian Sammut, BMIT's CEO discusses BMIT's recent announcements related to the €10m investment in a Tier 3 data centre, the strategic partnership with Microsoft and the recently-launched Backup-as-a-Service Solution. Watch the full interview below:

Read More