Poker Players Targeted By Card-Watching Malware

Malware Target Popular Online Poker Sites

Malware researchers at security firm ESET have come across a new Trojan which has been designed to cheat online poker by a sneak quick look at the cards of infected opponents. According to ESET’s security researcher, Robert Lipovsky, the malware is said to target PokerStars and Full Tilt which are two of the most popular online poker sites.

He has mentioned in his recent blog post that the attackers operate in a simple manner and after the victim has been affected successfully with the Trojan, the culprit then attempt to join the table where the victim tends to be playing with an unfair advantage by getting to know about the cards in their hands.

Malware, Win32/Spy.Odlanor, covers up as a benevolent installer for several general purpose programs like Daemon Tools or mTorrent. Lipovsky has mentioned that people tend to get infected while downloading some other useful application from some unofficial source.

In some instances, it tends to get loaded on to the user’s systems through several poker related programs which comprises of poker player databases as well as poker calculators like Tournament Shark, Smart Buddy, Poker Calculator Pro, Poker Office and much more.

Prowls in Software Created For Better Performance

The tricky malware has been discovered prowling in software created to support poker fans with better performance according to a security firm which discovered it. The software is also said to target other valuable information on a user’s computer like login names as well as passwords.

When a system is infected, the software observes the activity of the PC and operates when a victim has logged in to any of the two poker sites. Thereafter it begins taking screenshots of their activity and the cards they tend to deal with and send the screenshots to the culprits.

Lipovsky mentioned that later on the screenshots can be retrieved by the cheating culprits which reveal not only the hands of the infected opponent but the player ID as well.This according to ESET enables the criminals to search the sites for that play and join in their game. Both the targeted poker sites permit searching for players by their player ID and so the culprit can connect with ease at the table on which they tend to be playing.

Largest Detection of Spywares – Eastern European Countries

With the information gathered with regards to the victim’s hand, it provides significant advantage to the criminal. Lipovsky writes that he is not sure if the attacker tends to play the games manually or in some automated way.ESET have discovered that the Windows malware seem to be prowling in some of the well-known file-sharing applications, PC utilities and many other widely used poker calculators and player databases.

Lipovsky writes that the largest number of detection of spyware has been active for several months where most of the victims were from Eastern European countries. However, the Trojan tends to be a potential threat to any online poker player.

 Most of the victims were from the Czech Republic, Poland and Hungary. ESET had stated that they had discovered various versions of this malware dating back to March 2015. To make matters worse, new versions also tend to contain `general purpose data stealing functions’ with the abilities of siphoning passwords from several web browsers. As of September 16, several hundred users have been infected with Win32/Spy.Odlanor.

Online Shoppers Must Protect Themselves from Cybercrime Theft

High Profile Data Breaks – Cyber Theft

Online shopping can be very comfortable but most of these shoppers are falling prey to cyber criminals as the fraud rates is on the increase. High profile corporate data breaks have been taking place and a number of the country’s huge corporations from retailers like Target to major web presences such as EBay have conveyed instances of cyber theft which has caused thousands of lost consumer records as well as financial data. Cyber-attacks have not only targeted businesses’ assets and reputations but have also progressively exposed their millions of consumers to identity theft.

This has resulted in making online shoppers a bit apprehensive in indulging in shopping online for fear of cyber theft. Shopping online had become quite popular and convenient from the comfort point of view and also to get to know detailed information of the product intended to be purchased. Recent poll conducted by USA Today, indicated that around 24% of online shoppers are taking a pause on their buying habits due to the possibility of identity theft brought on through submission of their details together with credit card information provided online.

Online Fraud – Biggest Challenges for Payment History

Chris Hamilton, chief officer of APCA commented that online fraud tends to be one of the biggest challenges facing the payment history. He stated that somehow some bad guy tends to get hold of the card number with adequate information to pose to be you and purchase something from an online merchant and consumers should deal with merchants which are reputable that you know. When consumers tend to hand over their details online, by phone or through post, the card-not-present fraud rose by 42% in 2014 reaching nearly $300 million and new figures indicated by the Australian Payments and Clearing Association also found that card skimming at the ATMs is far from dead, had gone up by 17% in 2014 reaching a total of $42.1 million.

The report had outlined that the healthcare and education sectors, together with financial institutions, retailers, government bodies and computer software providers seem to be high objects for cybercrime. This issue has become so serious that the payments industry is now proposing in introducing – tokenisation, which substitutes sensitive information, for instance the use of card numbers with tokens which tend to be useless to a fraudster.

Need to Check Bank Statement Frequently 

The report also indicated the $650 billion worth of transactions that were made on Australian payment cards in 2014, were fraudulent by 0.06% and the average fraud debt was $224. Steven Munchenberg, chief executive of Australian Banker’s Association, said that the customers need to check their bank statement frequently to make sure they are not the victim of fraud.

 He further added that banks are equipped with sophisticated systems in place to detect fraud and if customers are innocent victims of fraud, they tend to bear the loss and not the customers. In 2014, frauds through `tap and go’ payments was comparatively stable around $33 million in lost and stolen fraud which went up by only 2%. In all these situations, fraudsters tend to use cards having contactless payment abilities in making transaction below $100 without the need of a four digit Personal Identification Number.

How To Protect Yourself From Online Fraud

Although making purchases online is very convenient, it is only reasonable that some consumers might be reluctant to carry out certain transactions online, particularly when personal or financial information is involved. After all, it was only very recently that Malaysian police took action against a network of online scammers who illegally obtained more than $1 million from their victims in Malaysia and Taiwan.
Still, buying goods online is generally safe, and research carried out by Rakuten showed that 71 per cent of Malaysian online shoppers are satisfied with their purchases. But whether you are buying music, books, cars, or furniture, it pays to keep the following advice in mind in order to protect yourself from online fraud.

Protect your computer

The first thing you can do to reduce the chances of experiencing online fraud is keeping your computer or internet-enabled device up to date with the latest security software. Keep in mind that malicious software can access confidential information you may have stored in your device and make it accessible to hackers. Don't only install an anti-virus, but download any updates and scan your computer regularly. Also, don't rely on anti-virus only, but also install anti-spyware software for enhanced protection.

Protect your accounts with passwords

Don't make things too easy for scammers or hackers and make sure to protect all your accounts (e-mail, social networks, online banking, etc.) with strong passwords. A strong password contains a combination of numbers, uppercase and lowercase letters, and symbols. Moreover, a strong password should have at least 8 characters and not form a complete word or anything that is relatively easy to guess, such as your name or date of birth.

...and protect your passwords too

Password protection software, also known as password managers, can securely store all your passwords (as they should be different for each site) and encrypt them. Should anyone attempt to break into your accounts, this secure software will launch a two-layer authentication process or even fingerprint recognition, so that you and only you have access to your passwords.

How secure is a website?

Before you buy online, check that the website's address starts with 'https' instead of just 'http'. The 's' stands for 'secure' and tells you that the website has implemented trusted security systems. Also, check the website address for a padlock icon, which should be locked. Clicking on that icon will display what is known as a security certificate, so check the certificate to see if the company name that appears matches that of the site.

Managing your payments online

Whenever possible, avoid purchasing goods using a money transfer or any direct banking transaction where your financial details may be exposed. Nowadays, the vast majority of companies use payment gateways which allow the acceptance of PayPal or are linked with a secure payment processor who handles the online transactions. The advantage of using such methods is that the merchant will receive payment without ever having access to your bank details.
Being a victim of online fraud is a valid concern, so don't take chances when it comes to the security of your personal information. Make sure to follow the advice mentioned above and remember that you can never be too careful.
Steve is doing a masters in Visual Merchandising, and is currently studying for a module in online retail. He is trying to develop an app that gives the utmost security and customer experience for shoppers. 

Two factorauthentication to combat Online Fraud

   Telesign is one of the Fast growth tech companies with proven security and fraud prevention tools. Whether an individual or a company; security is the most important one in safeguarding their digital assets. Here comes the Telesign’s two factor authentication technique to fight against online frauds. Telesign’s two factor authentication popularly known as TeleSign 2FA offers additional and critical layer of security that work beyond simple username and password protection. This two factor authentication allows the user to use their phone as an authentication device as well. These simple two factor authentications not only eliminate the cumbersome traditional methods of authentication style but also the huge operating costs. PhoneID Telesign Verify are the other two Telesign’s solutions provide a risk based multilayer fraud defense strategy and by sending the PIN via voice or SMS to the users phone the Telesign authenticate the user in real time when the user enters the website

     Their Intelligent and powerful authentication provides an easy to implement to identifying the user by their phone there by safeguarding their clients against online and fraud and spam using their sophisticated technology. Telesign protects more than two and half billion accounts in more than two hundred countries in the world. Last year they were named as “Visionary in Gartner’s User Authentication Magic Quadrant” and ranked Number 15 on the Deloitte Technology Fast. Most of their client base includes major social networking sites, Online classifieds, Cloud services, payment processors, domain registrants, ecommerce sites and more. They use Rest API, a novel platform which can be easily integrated within the existing websites and they offer extensive support throughout the integration. For more details simply log on to www.telesign.com.