Spam and online gambling – a surefire loser

Who hasn’t dreamt of Lady Luck smiling on them and bestowing untold wealth without having to make the slightest effort? Sometimes people get so caught up in the excitement of gambling that they fail to realize they are merely throwing away their money instead of winning that coveted fortune. In their view, gambling is not just a way of winning money but also a chance to try their luck, which is sure to change eventually. Isn’t it?

Phenomena in the real world are quick to gain popularity in the virtual world. The various games that involve gambling are no exception: most of them have adapted to the peculiarities of the Internet and successfully established themselves online. However, just like in the real-world gaming industry, popular legal online resources exist side by side with their underground or openly fraudulent versions. The latter make active use of spam to publicize their services, attracting those who want to make easy money. How can you resist the temptation and avoid falling into the criminals’ trap when betting on races or playing poker online? Let’s take a closer look at the most common types of gambling fraud linked to spam mailings.

Daylight robbery or an innocent bet?

Given that fraud is rife and the culprits generally go unpunished, why do gamblers from all over the world readily flock to the Internet? Legislation plays an important role when it comes to online casinos. In many countries gambling establishments are either outlawed altogether (e.g. in some Muslim countries such as the United Arab Emirates or Palestine legal casinos simply do not exist), or they are prohibited outside designated gambling zones. Not many people are willing or able to travel to a different country or region to gamble, hence the use of online gambling resources. These websites are predominantly hosted in countries where the gambling business is legal; a casino site that is hosted there will be available to users all over the world. This suits the fraudsters because the victims of phony casinos will find it difficult to find the owners of a website that has already disappeared from the Internet and was registered in a different part of the world.

Spam mailings advertising online casinos are sent in all the major languages used online, but most of them are in English. They generally include short messages, a link to just one web resource (the advertised casino site), and promises of huge wins and bonuses.

The fraudulent gambling site is designed so that it grabs the user’s attention, even if he ended up there accidentally. Photos of beautiful croupier girls, bright images of roulette tables, sparkling treasure chests, volcanoes erupting money – all these images are used as bait. But behind the model looks of the croupier girls lurk a bunch of cybercriminals.

In order to gain access to the advertised treasures, the user has to download gambling software. No matter where the new arrival clicks on the site, he is prompted to download and launch a .EXE file. It should be noted that this is the most common file format used by cybercriminals to spread malware. In this case, however, the risk is not that great: the main pitfalls for would-be gamblers are still to come.

After the user has readied his computer for his flirtation with Fortune, one of the following two scenarios unfolds, and both are profitable for the cybercriminals.

In the first scenario, the user is prompted to play the first game for free, which the user wins no matter what. This comes as a pleasant surprise for the gambler and encourages him to continue. However, before he can start a second game the user has to register at the casino site and pay the subscription fee up front.

The second scenario is more straightforward – a large sum of money is paid into the user’s account immediately after he registers and pays the subscription. However, no one has ever managed to take this money out of the casino, or to get their hands on the money won “completely randomly” in the initial free game.

All this is an elaborate ploy to show how easy it is to win and entice users to make some easy money. However, the gambling site disappears shortly afterwards along with the subscription fee paid by the gullible user, and his “winnings”.

Some may view the subscription fee as insignificant, but the scale of the fraudulent activity needs to be considered: a casino site is created, a large-scale spam-based promotion campaign is immediately launched, and shortly afterwards the site disappears with all the subscription fees paid by users.

How can users tell a fraudulent gambling site from a legitimate one?

  • The main difference is that any legal casino will have an appropriate license. Sites created to defraud their visitors do not possess such licenses.
  • A large, reputable online resource would never launch an advertising spam campaign: the damage to its reputation would cost more than the benefits of any new clients.
  • The scam casino is usually created shortly before the spam campaign is launched, and has a short lifespan – typically a year.
  • The fraudsters try not to spend too much money when creating their sites, so they prefer to use cheap domain zones such as NET, BIZ, INFO. Some specific terms (casino, Gold, Palace, ruby) are regularly used in the site names.

If you encounter a casino of this type, we strongly advise you to ignore all the promises of large profits. The chances of actually receiving your winnings or the money you spend at the fraudulent site are next to none.

Lottery: Win without playing

Even if the user does not fall for the online casinos’ bright banners and is not that interested in gambling, danger may still lurk in the form of scam email messages informing the recipient that they have won a lottery. This is a common ploy to trick gullible users into giving away their money. In this case, the main goal of the criminals’ spam message is to entice users to visit a site with promises of a large sum.

There are several types of messages used by the fraudsters.

It may be a fake message imitating an official letter from an organization which does in fact hold prize draws among buyers of lottery tickets or registered users of a certain service. Below is an example of a scam email that was sent using the name of the major US lottery Powerball. The message says that the user’s email address has won $5.5 million. However, as in most lotteries, participants first need to guess the correct numbers before they can win. An email address per se cannot win or lose any money. Perhaps the mere mention of such large sums of money is intended to strip recipients of their common sense.

The second type of letter is from lottery winners who have won a large sum. These are usually a husband and wife who have no idea of how to spend their windfall and so want to randomly share it with Internet users.

There is another similar lottery scam where an email from a so-called member of a lottery committee asks the recipient to collect another person’s winnings after they failed to claim them. These messages are basically a variation of the notorious Nigerian letter.

The fraudsters’ actions are hardly original. The user is told he has to pay some fees to formalize the win or pay for the money transfer before receiving the winnings. Yet another scenario involves handing over a percentage of the lottery win to an unscrupulous member of the lottery committee. That portion is negligible when compared to the promised sum, and a gullible user may fall for the scam. Needless to say, the mysterious benefactor disappears and breaks off any contact after the user sends the requested money; all attempts to contact the organizations named in the scams at their proper addresses will be in vain.

There are several ways of spotting a fake message.

  • The recipient has not registered at the online resource that supposedly sent the message. And/or, the user has not purchased a lottery ticket.
  • The message states that the winners/email addresses were chosen at random, e.g. “Your address was randomly chosen by us on the Internet”, “We are one of the four winners who were selected randomly”, etc. No legitimate organization would randomly contact people with offers to hand over millions of dollars.
  • The From field address and any other contact information are clearly not official. Most often the sender and contact addresses are registered with a free email service (Yahoo, Gmail etc.).
  • The user is advised to contact an unofficial (free service) email address in order to receive the alleged lottery winnings.
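The signs listed above, together with the casino-site signs from the earlier list (cheap domain zones and recurring terms in site names), can be checked mechanically when triaging a mailbox. The following is an added example, not code from the original article; the free-mail list, the sample messages and all function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed lists built from the indicators the article names; extend for real use.
FREE_MAIL = {"yahoo.com", "gmail.com"}
CHEAP_TLDS = {"net", "biz", "info"}
CASINO_TERMS = ("casino", "gold", "palace", "ruby")
RANDOM_RE = re.compile(r"\b(randomly|at random)\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
ADDR_RE = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Reply-To header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def indicators(raw_message):
    """Return the sorted list of article indicators that a raw email matches."""
    msg = message_from_string(raw_message)
    body = "\n".join(
        (p.get_payload(decode=True) or b"").decode("utf-8", "replace")
        for p in msg.walk() if p.get_content_maintype() == "text")
    hits = set()
    senders = {domain_of(msg["From"]), domain_of(msg["Reply-To"])}
    if senders & FREE_MAIL:
        hits.add("free-mail sender")
    if any(d.lower() in FREE_MAIL for d in ADDR_RE.findall(body)):
        hits.add("free-mail contact address")
    if RANDOM_RE.search(body):
        hits.add("random-selection claim")
    for url in URL_RE.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if host.rpartition(".")[2] in CHEAP_TLDS and any(t in host for t in CASINO_TERMS):
            hits.add("casino-style domain")
    return sorted(hits)

# Constructed sample messages (not taken from real spam).
LOTTERY = ('From: "Lottery Committee" <claims.agent@yahoo.com>\nSubject: You won\n\n'
           "Your address was randomly chosen by us on the Internet.\n"
           "Write to payout.office@gmail.com to claim your prize.\n")
CASINO = ("From: promo@mailer.example\nSubject: Huge bonus\n\n"
          "Win big today: http://gold-palace-casino.example.net/play\n")
BENIGN = ("From: billing@corp.example\nSubject: Invoice\n\n"
          "Your invoice: https://billing.example.com/inv/1\n")

if __name__ == "__main__":
    for name, raw in (("lottery", LOTTERY), ("casino", CASINO), ("benign", BENIGN)):
        print(name, indicators(raw))
```

A match is a reason to look closer, not a verdict: plenty of legitimate mail comes from free services, and the license and site-age checks from the casino list still have to be done by hand.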

Horse racing

Email messages devoted to betting on horse racing are another type of fraud that is particularly popular with “gambling” spammers. Horse racing has long been a favorite area for betting scams and other types of fraud. However, cyber space has presented criminals with new opportunities.

Sweepstake-related spam is especially widespread in Japan, but also increasingly present in the US and Russia. Sweepstake and betting fans are invited to visit a website that will supposedly help improve their material standing.

Message with an offer to forecast the winners of horse races based on a number of factors (pedigree, weather conditions, etc.)

The first stage of these messages is to grab the recipients’ attention, enticing them to the website which is ready to seduce even a seasoned gambler. Unlike the kinds of gambling listed above, horse racing is strongly affected by external factors (the weather, wind direction, horse pedigrees and even by their mood). The owners of the advertised sites undertake to predict or determine all these parameters, which supposedly will maximize the client’s chances of winning.

In order to receive a detailed prediction, the potential client has to make an advance payment which can be quite a large sum of money. The exact amount varies depending on the quantity and quality of the information about forthcoming races requested by the client.

Quite naturally, the main guarantee given by the online resource is the indemnity or a free prediction provided if the client loses. However, the predictions provided after the money is paid are well off the mark. The fraudsters do not go to much trouble to find the required information, instead just copying data from general-access websites and sending it to the gullible clients. Needless to say, the tricked clients will not be reimbursed – their complaints will be ignored, while the website in question may cease to exist.

An offer to purchase information that will ensure a 93.7% probability of a win

Spam doping

A similar fraud scheme exists whereby fraudsters offer to sell information about future results (a “guaranteed winner”) in a fixed sports match. However, this type of offer is plainly illegal in many countries, whereas all the above types of fraudulent offers at least pretend to appear legitimate. In the United States, a sportsman risks destroying both his career and reputation in general if he is involved in fixing a result. Europe is also implementing tougher and tougher legislation for those behind such incidents.

The fraudsters offer to find out about “100% definite match results” and beat the bookmakers

So, don’t bother taking emails that offer surefire results of upcoming sporting events too seriously. Should you pay for this information, it will most probably end up being dubious, or the “reputable company” behind the offer will disappear as soon as you pay, without telling you the correct result to bet on.

Stretching the law

There’s no doubt that many people are interested in gambling. The adrenaline rush and the chance of winning a large sum often cloud out all common sense. However, a moment of sober reflection is usually enough to realize that these offers sent in spam are simply too good to be true.

If we look at all the examples mentioned above, we will see that the fraudsters are asking the recipients to bend or break the law. Whether it’s a game in an illegal casino, receiving a surprise win in place of a no-show winner, or an attempt to win big by purchasing the results of fixed matches – all these proposals are a matter for you and your conscience.

If you are into gambling but want to rely on luck and not fraudsters to decide if you win or lose, make sure you follow these simple rules.

  • Never register at websites which advertise in spam mailings.
  • Only place bets on reputable sites. Check the Internet for user reviews of the site.
  • Ignore email letters that tell you about the large sums of money you can win by doing nothing, or which you have already won after being selected at random in a lottery.
  • Never participate in projects or deals that you know are illegal.

Long before the Internet, everyone knew that getting into a game with a professional card-sharp would end in them losing their money. As we see, the card-sharps may have modified their methods for the Internet age, but they continue to trick people into parting with their money. What’s the point of risking your money in a game that is always rigged?
