Cyber Threats to Online Gambling Platforms
Chris Merchant
Director of Sales & Marketing @ Remora | Developing Innovative Cyber Security Strategies for Clients and Partners
Customers are at the core of every aspect of the gaming industry and without them the industry simply would not exist. Whether it is those who only have an annual bet on the National or the Derby or more seasoned gamblers, the more customers you have the more money you make.
Bricks-and-mortar bookmakers and casinos for so long the cornerstone of the gaming industry are slowly being usurped and their dominance challenged by new digital operators.
This new generation of digital operators offer players access to games via mobile phones, tablets, laptops, and PCs. Operators are getting closer to the goal of enabling users to experience a bet not just to place a bet. To do this digital operators offer various casino and sports betting experiences, including access to data designed to help users win.
These offerings have led to an unprecedented rise in the number of new players registering. On the day of the 2021 Super Bowl the third most downloaded app in the US was the FanDuel Sportsbook app, only behind Tik-Tok and Robinhood.
The rapid increase of new players has not gone unnoticed by cybercriminals.
Yet digital operators believe that by adhering to regulations and ensuring that they have AML and KYC procedures in place means they are protected from cyber threats, this could not be further from the truth.
Cyber criminals are targeting the users themselves in what are easily preventable attacks, with cyber criminals using a combination of social engineering and impersonation phishing attacks.
领英推荐
Globally the sector which registering the most new websites and domains in 2022 so far has been the gaming industry.
By registering domains that impersonate digital gaming domains, through the simple additional or replacement of one character in a domain gives cyber criminals MX records which in turn are easily used for impersonation emails.
The emails send by cyber criminals emulate legitimate digital operators with the offers of "free spins'', "improved odds", even "free money" all designed to entice players to inadvertently reveal their credentials as they fall victim to the phishing attacks they receive.
To prevent this, especially, the newer digital operators have a responsibility to protect their customers. They should publish cyber security information and safety online tips.
More practical steps would be for digital operators to identify customers who are using credentials on multiple sites or previously compromised credentials, these should be identified prohibited to protect the players.
Finally digital operators must use Domain Impersonation Monitoring to stamp out the threat from impersonated domains at the source.
The threat to digital operators may be an indirect threat but the threat exists and digital operators who want to trade on a reputation of looking after their players will be the ones who take on and defeat the threats, in turn further increasing the number of players who want to gamble through their legitimate sites and apps.