Fraudsters are continually posing as online bookies to encourage victims to click on links that will infect their devices with malware or lead them to websites where their banking information will be stolen.
A new report by cybersecurity solutions provider Group-IB details the types of threats it has identified in malicious emails during H1 of 2020. The firm says it blocked over 9,000 phishing web resources in the first half of 2020, up 9% over H1 of 2019.
Disturbingly, Group-IB says 69% of these resources used a secure SSL/TLS connection, an increase from 33% at the end of last year. Sites without SSL/TLS certificates are usually flagged by web browsers before a victim is allowed to advance, thus diminishing the effectiveness of phishing efforts, but forged or fake certificates are increasingly available on the dark web.
Emails claiming to come from legitimate online services accounted for 46.2% of malicious emails, whereas email service providers came second at 24.1%. Financial organizations at 10.7%, payment services with 4.3% and social networks at 4.2% completed the top five.
Emails claiming to come from online bookies came 6th with 3.8%, almost twice the share purporting to be from dating websites. Individuals directed to these bogus bookmakers might bang in their account information without a second thought, after which their actual betting account, not to mention their credit cards and other banking media, could be pillaged at will.
(Australia’s telecommunications watchdog recently gave a warning regarding malware in emails from internationally licensed online gambling operators; however, that caution came as part of a larger campaign to paint any non-Australian website as crawling with cooties, so take it with a pinch of salt.)
Back to the report, Group-IB claims 44% of the web domains used in these phishing efforts were of the .com variety, whereas the highest country-specific domain was Russia at 9%, ahead of second place Brazil at 6%.
The pandemic has not been kind to the online gambling sector when it comes to security, with the monthly number of distributed denial of service (DDoS) attacks going through a five-fold rise between February and May of 2020 as the lockdowns took hold and online activity increased.
If there is a positive side to this story, it is that Group-IB said just 1% of emails it looked into contained ransomware, a drastic drop from H2 of 2019, during which ransomware was in every second email. This is apparently because ransomware operators are moving from mass attacks to targeted efforts against corporate networks.
Ransomware’s previous position as top malware dog was taken by spyware, which was found in 43% of analysed emails.
Downloaders (which install extra malware) came second with 17%, followed closely by backdoors providing remote access to victims’ devices at 16% and banking Trojans with 15%.
Online gambling firms are also advised to ensure staff take appropriate care before clicking on links or opening email attachments. Some Asian-facing websites learned it the hard way in 2019.
US-facing sportsbook BetUS had stolen information published online this spring, and customers of sportsbook provider SBTech were forced offline around the same time following an unspecified attack that hit the firm.
Land-based casinos are also increasingly under attack from malicious agents. Iranian hackers sought Las Vegas Pennsylvania casino many years ago, whereas targeted by more fiscally-minded hackers.
This month alone, the Sugar Creek casino in Oklahoma was forced to close down after a foreign ‘network security incident’ over the Labor Day weekend. As a certain red woman might put it, the net is dark and full of terrors.