There has been a marked increase in the instances of online fraudsters trying to entice users on online gambling sites by creating fraudulent websites, where they can steal customers’ banking information by getting them to click on links which install malware on their computers, or by redirecting them to sites from where their information can be stolen. The ongoing pandemic has meant that more people are using online bookmakers than ever before, and this has led to a greater number of potentially fraudulent incidents taking place across these sites.
The cybersecurity provider Group-IB has reported that it saw an increase of 9% in the number of phishing attempts that it blocked in the first half of 2020, over the same period of 2019. The company said that it blocked 9,304 phishing attempts during this time. One of the biggest concerns is the fact that 69% of these attempts used a safe SSL/TLS connection, up from 33% in 2019. Usually, malicious sites lack SSL/TLS certificates, which means that they are flagged by web browsers as being potentially unsafe, and therefore users are prevented from logging onto those sites in the first place. With fake certifications being increasingly available on the dark web, fraudulent sites can use them to bypass this check, which means that users are more likely to click through and access potentially malicious websites than earlier.
In terms of the purported sources of these malicious emails, 46% claimed to be from legitimate online sources, with 24% of them being from supposed email service providers. The other largest sources which were spoofed were financial institutions (10.7%), payment services (4.3%) and social networks (4.2%), while online bookmakers made up 3.8%, which is nearly twice the number claiming to be from dating sites, showing how online gambling sites have become a popular option for fraudsters to try and spoof. This is dangerous since users accessing these fraudulent accounts could enter their banking and credit card information on these sites, which could then be stolen and used to empty their accounts at will. Online gambling operator Winz.io thus recommends that people looking to use online gambling sites are attentive to whether the URL is correct or not, and whether the site has a valid SSL/TLS certificate, when clicking on emails supposedly sent by gambling operators. The best course of action is to not open such emails at all and directly access the sites from the web browser.
Other insights from this report show that nearly half (44%) of the URLs used in such attempts were dot-com (.com) sites, while Russia was the country with the highest proportion of such sites, at 9%, followed by Brazil at 6%. The increased use of online services during the pandemic has also been mirrored in the increased number of attacks and malicious attempts, with the monthly number of DDoS attacks seeing a five-fold increase between February and May. One of the small pieces of good news from this report is that the incidence of ransomware has fallen sharply; Group-IB stated that only around 1% of the emails it analysed contained ransomware, which is a huge decline from 2019, where it was in every second email. and probably reflects the fact that ransomware attempts have moved to targeted corporate networks, rather than using mass attacks as they were previously.
It is not just online casinos that are facing increased attacks; land-based casinos have also been targeted more frequently this year. Multiple casinos in Canada were the target of online hacks, while the Las Vegas Sands’ Pennsylvania casino was hit by Iranian-based hackers a few years ago. The Sugar Creek casino in Oklahoma had to shut just this month after an unspecified ‘network security incident’, showing how casinos remain an attractive target for fraud, both online and otherwise.