The director of cyber security company MIRACL spoke to Gambling Insider about account takeover. Rob Griffin reported that the gaming industry’s problem this year will cost the industry billions of pounds.
Given how quickly the situation is progressing, he said, this is no longer a problem, but a crisis, and it’s not being talked about in the news at the proper level. He advised to conduct thorough checks, because in their experience, this problem affects absolutely everyone. And it can be saved by multifactor authentication, which the gambling operators do not dare to implement, because it can provide inconvenience to players.
If you think you don’t have such a problem, based on our experience, it’s only because hackers are so adept at simulating normal traffic that normal threat detection systems can’t detect them. Operators certainly can’t rely on players noticing the problem
Capturing accounts is a fast and profitable way. According to the director, you can invest $1,000 and double the amount in just one day, even with minimal returns. The main source of the problem is that the dark web sells large bases with logins and passwords to them. They can also get extra bonuses and free spins. These are accounts that have been hacked before. Using them repeatedly, it is possible to pick up accesses to gaming accounts. As Rob Griffin stated, the lowest success rate is 0.1%. It turns out that after running a database of 500,000 game passwords, which can be bought cheaply, the hacker gets access to at least 500 accounts. The overall cost of such an attack would be less than $1,000, and you can get from the hacked game accounts twice as much. The entire process takes only a day.
Even with the lowest response rate and the lowest price achieved for a gaming account, you still end up doubling your money with hacking activity that takes just a day
And it is not just individual hackers or groups, but entire organizations with hundreds of employees. This problem is most relevant to the gambling industry, because in terms of security they lag behind the banking industry.
Gamblers take advantage of this problem
Another trend has been noted, which has been called “friendly cheating”. Players refer to the fact that their account was compromised and it was not them who had placed the losing bets. This is how the players want their lost funds back. The director of MIRACL suggests that the excess free time during quarantine has made the problem more prominent.
How to protect your casino account
Here are a few steps that will help you protect your funds in your casino account from theft:
- Use unique passwords for each account at different casinos If possible,
- set up two-factor authentication
- In a personal information online casino, specify that you receive notification when logging into your account from a third-party IP address
- Set up SMS alerts.