For all the concerns that users have about the security of sites they’re connecting to, the majority of security leaks come (inadvertently) from the users themselves. The owners of most casino sites are trying to build a proper business, and it’s not in their interests to neglect the security of their customers’ details – indeed, the failure to properly protect confidential information could well be fatal to even an otherwise healthy firm.
Reputable companies will usually protect transactions with SSL encryption – 128bit or more. This means that transaction details are virtually unreadable to anyone stealing them. Firewalls will be set up to protect data, and credit card details should be held securely. As long as the company is genuine, your data should be safe. As we know, however, gambling sites are fertile ground for criminals across the globe, and fakes do exist. A string of Bestcasinoz, Bestplay and Bestvip sites, for instance, conned many users, as did a host of ‘Play-Super’ and ‘Super-Play’ sites.
Why Fake a Casino
Most casino scams are run by ‘phishers’, hoping to tempt you into ‘sending’ them credit card details, usernames, passwords, and other less important (though still sensitive) pieces of data, such as addresses and dates of birth. The phishers will usually do this by emailing you a special offer if you sign up. Casino sites offering generous bonus offers are common, of course, so it’s easy to be hoodwinked. These companies are often operating in foreign countries with lax protection, and if you’ve freely given them your details, getting your money back could prove very difficult indeed.
Image Source: yoursecurityadvisor.co.uk
There’s also the problem of software downloads. It’s very common for casino web-sites to ask you to download a piece of software in order to use the games. Unfortunately, this software may have a hidden cost. It might damage the files on your computer. Far more likely, though, is that you’ll be inadvertently loading spyware that can then relay everything you send from your computer directly to the phishers, or search through your system for confidential information. A good firewall program (such as the free ZoneAlarm) should prevent data from getting out, of course, but once you have ‘volunteered’ to load malicious software onto your computer, it’s not always easy to stop the consequences.
Is the Casino Safe?
Be very cautious about signing up to new casinos, especially those contacting you rather than the other way around – try and stick to casinos that have been recommended by multiple reviews on other sites, and use the information from the likes of http://www.casinomeister.com/rogue/. If you still wish to hand over sensitive data, then you need to check out the site very carefully.
Genuine casinos should have proper certification. Look for small logos on the screen (usually these will be placed near the bottom of the page, or close to the symbols for Visa and other payment options). These logos should refer to organisarions like eCOGRA and TST, and clicking on them will often let you look at authenticated payouts from that casino site. The certification process for casinos is quite stringent, so if this information is missing then you should be very suspicious.
Look at the software used. If the site is using a major player, like Playtech, RTG, Microgaming, or Rival, it’s more likely that the casino is authentic. If you’ve never heard of the software platform before, then type the name into Google, and see if other casinos are using it. If the software platform doesn’t even have a name, then be wary – very few casinos use proprietary software platforms. A lot of sites will let you play the games online (often in a reduced form) before you download the main software suite, so be suspicious of any unknown sites insisting that you can play only with a full download.
The more ‘advanced’ features you see working properly, the more likely it is that the site is genuine. Where Live Chat is offered, click on it and ask a few searching questions – if the answers make little sense, it could be because the site owners aren’t running a casino at all. Sports betting sites usually have lots of streaming prices for current sports events, making them more difficult (but certainly not impossible) to impersonate than casino sites.
With new sites, it’s always worth testing their withdrawal process. Start with a small deposit and try and withdraw a little. If the money is released to you quickly, you can increase the amounts deposited.
Detecting Fake Sites
If you’re responding to an email offer, or following a link given by a web-site that you don’t necessarily trust, it’s not enough to know that you recognize the name of the casino. Phishers may be imitating an existing site, creating a replica of it that fools unsuspecting customers into typing in their usernames, passwords or credit card details, or downloading spyware. You should never have to give out details like usernames, passwords, security question answers or credit card numbers through email, so be very wary of messages asking you for such information.
When you sign up with a new casino, you should make a note of (or bookmark) the web-site address itself. Only ever use that address to access the site – even when you’re going there in response to an email promotion. If you only ever use the original address, it’s unlikely you can be scammed by an email or site sending you a fake URL. If you’re in doubt as to which the real address is for a site, type the company name into Google, and the main site should come at or near the top – fake sites tend to be uncovered pretty quickly, so it’s very unlikely one would ever jump to the top of a Google search. When it comes to identifying fakes, Google is always your friend – typing in bogus site names, or entering an exact line from a fake email, will often tip you off. Even relatively new sites should have plenty of references on Google.
Most scams are, thankfully, pretty primitive, using poor graphics and being littered with typos and broken English. The odd ‘high quality’ fake will pop up, though, so you need to know how to spot them. Provided the content looks ‘right’, check the web-site address/URL itself. Most addresses will be very similar to the name of the site – williamhill.co.uk and willhill.co.uk, for example, are the two main addresses for the William Hill site. If the address appears to bear no relation to the name of the site itself, be very cautious. Also look for subtle differences in the URL. In the case of the William Hill site, for example, you would want to be careful of wilhill.co.uk. or will2hill.com. Strange country domains at the end are also red flags – .ng or .ru are very suspicious at the end of a site, and should be avoided. Most big companies will use .co.uk or .com, so be careful of addresses that end in .biz or .net – these often aren’t associated with criminal activity, but they can be indicators that somebody’s trying to fake a URL.
Most of the security lapses come from the user rather than the company they’re dealing with. Some of these phishers are highly skilled. If in doubt, don’t hand out any details. If you’re not sure about a company’s validity, don’t register with them. And always use different account names and passwords for each site – you can write these down, but be sure to do so using some sort of code understandable only to you.
Remember, if you hand your details over to scammers, it might be very difficult indeed to get a refund, so you owe it to yourself to be as careful as possible when approaching new or unheard-of companies.