![]() Newsletter Signup
Stay informed with the
NEW Casino City Times newsletter! Recent Articles
|
Gaming Guru
I-Gaming Operators: A Beginner's Guide to Your Three-Headed Antagonist29 December 2008
At any given time, about 25 percent of the world's computers on the Internet are compromised by fraud attacks, according to one Internet security expert, and that adds up to more than 100 million opportunities. Identity theft is the primary end game of a fraud attack, Peter Wood, the founder of First Base Technologies, told IGamingNews. If a fraudster can impersonate someone online, he can create an enormous mess not only for the person whose identity he stole, but for unknowing online businesses as well. "With an online environment, the problem a business has is guaranteeing that the person they're doing business with is who they say they are," Mr. Wood said. "And that's a really difficult thing to get right because if you're dealing with someone who in the end is just sitting at a computer somewhere, using a browser, it's remarkably difficult to validate them." Thus begins the conflict for online operators who want to provide easy access for their customers, while offering a secure environment. In banking, for instance, Mr. Wood said, the banks find it relatively easy to persuade customers to use quite complicated authentication measures. "Just recently, banks (in England) started shipping out card readers to all of their customers, so they have to put their banking card through a card reader and then put in some more credentials," he continued. "But something like a gambling firm can't do that because it's obviously a barrier to their business. So, they're likely to rely on just a user name and password to authenticate a customer." If a criminal can obtain someone's information, then that is largely all he or she needs to conduct a fraud attack. The three most common types of attacks are keylogging, phishing and drive-by Web sites, according to Mr. Wood. Keylogging: The most common mechanism for stealing someone's identity. It is a piece of software that an attacker installs on an unknowing victim's computer to record keystrokes, Web site visits, e-mail addresses and other valuable information. The information is then uploaded to the criminal's computer for use at his or her leisure.
Mr. Wood recommends never opening an e-mail or link, or downloading an attachment from an unknown source. Frequently, e-mails that claim to be from a known source carry with them a Trojan virus that installs the keylogging software on a victim's computer. A Trojan pretends to be something harmless, like a screensaver or a gift sent to someone's e-mail, while inside it contains a malicious virus that, once installed, can destroy a computer. Unfortunately, anti-virus software cannot effectively protect users from Trojans because it was designed to detect viruses, which have a particular signature and the Trojans are not necessarily known to the anti-virus companies, Mr. Wood said. Phishing: Another mechanism used by attackers is to send Internet users an e-mail purporting to be from someone they do business with, like a bank or eBay. But when users click on the links within the e-mail, they are taken to a cloned site where they enter their information (e.g. user name and password), which is then collected by the criminal. Drive-by Web Sites: Another way of distributing viruses, and seemingly particularly threatening to online gambling sites. Criminals set up software to search the Internet for vulnerable Web sites -- sites that don't have their security software up to date. Someone who so much as browses a Web site that has been attacked becomes infected, and the virus spreads, much like a biological virus. "So, it doesn't need to be specifically targeted," Mr. Wood said. "It doesn't need to be an attack that's focused just on one individual because (the attacker) happens to know they'll be betting at Bet365, or somewhere. It just so happens that because they haven't protected their computer properly, they've already been compromised. And if and when they visit that site again, and log in, their credentials are simultaneously sent to the criminal who can then impersonate them at any point in the future." The problem for most consumers, Mr. Wood said, is that they probably don't understand the technology they are using. "Most of the problem comes from not protecting the machine you use," he said. Mr. Wood recommends keeping all computer software up to date at all times and using Firefox instead of Internet Explorer because hackers' expertise typically lies in attacking Explorer. Conference Spotlight: Combating Cybercrime in Betting & Gaming
I-Gaming Operators: A Beginner's Guide to Your Three-Headed Antagonist
is republished from iGamingNews.com.
Recent Articles
Emily D. Swoboda |
Emily D. Swoboda |