Online gamblers target of scammers

Player at computer

A lot of money changes hands in the world of online poker and other forms of online gambling. That makes players a ripe target for online scammers.

According to a article, criminals are using Trojans to steal millions from online poker players.

A Trojan, or Trojan horse, is a program that doesn't replicate but causes damage or compromises the security of a computer. They can be sent via e-mails or downloaded from Web sites or with other programs.

Mikko Hypponen, chief research officer at the security software company F-Secure, told of a situation where an online poker player had a Trojan on his computer that allowed the person who had sent it to secretly take a screenshot of the player's screen.

"We were just investigating a case where a professional online poker player was attacked by someone he would play against regularly online," said Hypponen in the article. "All of a sudden he started losing. He would regularly lose even when he had a great hand - pocket aces for example. If he had an unbeatable hand, the other players would simply fold. And when he tried to bluff, he would lose."

Hypponen said the player lost hundreds of thousands of euros over the course of a few weeks before F-Secure looked into the matter.

What they found was that one of the other players he was regularly playing against had sent him a tool to help optimize his poker player, but the tool also included a Trojan. That player used it take a screenshot of the pro's screen while they were playing together and see the hole cards he was holding.

Hypponen said it was a clever attack because instead of outright stealing the player's account, he was instead conning the player out of his money, which would take longer for a person to figure out.

"I don't think many online poker players realize that those kind[s] of attacks are being done," Hypponen said.

There are ways for players to better protect themselves from Trojans or other viruses. Along with downloading a good anti-virus program, McAfee offers the following security tips:

  • Do not open e-mail attachments from an unknown, suspicious or untrustworthy source.
  • Do not open an e-mail attachment unless you know what it is, even if it appears to come from a friend or someone you know. Some viruses replicate themselves and spread via e-mail.
  • Do not open any e-mail attachments if the subject line is questionable. If you feel that the attachment may be important to you, always save the file to your hard drive before you open it.
  • Delete chain e-mails and other spam from your inbox. It's best not to forward or reply to messages like these.
  • Exercise caution when downloading files from the Internet. Make sure that the Web site is legitimate and reputable. Verify that an anti-virus program has checked the files on the download site.
  • Avoid downloads from non-Web sources altogether. The chances of downloading infected software from Usenet groups, IRC channels, instant messaging clients or P2P is very high.
  • Update your anti-virus software often. Threats are on the increase, and they are constantly evolving. Hundreds of viruses are discovered each month.
  • Back up your files frequently. If a virus infects your files, at least you can replace them with your backup copy. It's a good idea to store your backup files (on CDs or flash drives) in another secure physical location away from your computer.
  • Update your operating system, Web browser and e-mail program on a regular basis.
  • Do not open messages or click on links from unknown users in your instant messaging program.

Use a personal firewall. A hardware firewall that sits between your DSL router or cable modem will protect you from inbound attacks. It's a must for broadband connections. A software firewall runs on your PC and can protect you from both inbound and outbound attacks.

Check your accounts and credit reports regularly. Identity thieves can begin using your personal information to open accounts and purchase goods within minutes of obtaining that data. Check your bank account and credit card statements frequently. That way, if you discover that your personal information has been compromised, you can alert credit companies and banks immediately, so they can close your accounts.

Trojans and viruses aren't the only thing online gamblers should worry about. According to a story in The Register, security company Symantec recently noticed an increase in phishing attacks against online gamblers as well.

Scammers have found it easier to trick online gamblers into providing them with the log-in credentials to their gaming accounts where they can cash in rather than trying to get someone's bank account information.

One scenario mentioned in a story is that phishers could steal players' e-mail information and then forward them spoofed e-mails claiming that the player has money in his account or a problem with his account. The message then links to a spoofed Web page that requests the user to enter his online account information for the gambling site.

That information can then be used to steal the user's credit card information and any cash that's in their account.

As with Trojans and viruses, there are ways for people to protect themselves from phishing scams as well. The National Fraud Information Center ( offers the following tips:

  • Watch out for "phishy" e-mails. The most common form of phishing is e-mails pretending to be from a legitimate retailer, bank, organization or government agency. The sender asks to "confirm" your personal information for some made-up reason: your account is about to be closed, an order for something has been placed in your name or your information has been lost because of a computer problem.
  • Don't click on links within e-mails that ask for your personal information. Fraudsters use these links to lure people to phony Web sites that looks just like the real sites of the company, organization, or agency they're impersonating.
  • Beware of "pharming." In this latest version of online ID theft, a virus or malicious program is secretly planted in your computer and hijacks your Web browser. When you type in the address of a legitimate Web site, you're taken to a fake copy of the site without realizing it. Any personal information you provide at the phony site, such as your password or account number, can be stolen and fraudulently used.
  • Never enter your personal information in a pop-up screen. Sometimes a phisher will direct you to a real company, organization or agency's Web site, but then an unauthorized pop-up screen created by the scammer will appear, with blanks in which to provide your personal information.
  • Know that phishing can also happen by phone. You may get a call from someone pretending to be from a company or government agency, making the same kinds of false claims and asking for your personal information.
  • If someone contacts you and says you've been a victim of fraud, verify the person's identity before you provide any personal information.
  • Job seekers should also be careful. Some phishers target people who list themselves on job search sites. Pretending to be potential employers, they ask for your social security number and other personal information.
  • Be suspicious if someone contacts you unexpectedly and asks for your personal information. If you're contacted out of the blue and asked for your personal information, it's a warning sign that something is "phishy." Legitimate companies and agencies don't operate that way.

If you have been hooked by a phisher or realize that important personal information may have been stolen if your computer is compromised by a Trojan, act immediately. Notify the companies with whom you have accounts that were compromised right away.

It's also important to report phishing, whether you fall for it or not. Tell the company or agency that the phisher was impersonating. You can also report the problem to law enforcement agencies through NCL's Fraud Center. The information you provide helps to stop identity theft.

Best Poker Sites - Editor`s Pick

Latest Blogs »