There’s been an uptick in unauthorized activity on multiple online sports betting operators recently as fraudsters have secured thousands of ill-begotten gains.
Two sources within the sports betting industry who are not authorized to speak publicly about the issue told Front Office Sports that all the major operators are bracing for more attacks.
There appear to be two main ways scammers are currently going about using betting sites to commit the fraud:
- Scammers find personal and banking information to create an account on one of the betting sites from the dark web and elsewhere.
- Existing betting accounts have been accessed using email addresses and passwords that matched compromised login information on other sites. The phone number for two-factor authentication and password are changed, locking the true owner out of the account.
Using either method, funds disappeared from checking accounts using unauthorized ACH (eCheck) withdrawls — often starting with a small amount followed by bigger withdrawal — until the account is drained.
A DraftKings spokesperson said the company “wasn’t actually hacked.”
“We strongly encourage customers to use unique passwords for DraftKings and all other sites, and we strongly recommend that customers do not share their passwords with anyone, including third party sites for the purposes of tracking betting information on DraftKings and other betting apps,” DraftKing co-founder Paul Liberman said in a statement.
FanDuel sent an email out to customers Monday evening that warned “of a hack impacting some other sports betting websites.”
“Bad actors take advantage of the holiday season to strike when people are busy spending time with their families,” FanDuel said in the email. “Please stay vigilant and immediately report any suspicious activity by contacting FanDuel customer support.”
BetMGM has been among the betting companies who have been in contact with those impacted.
“We are aware of the report and are actively investigating the matter, working closely with our risk, payments and compliance teams,” BetMGM said in a statement to Front Office Sports. “Player safety and security is of utmost importance to us.”
Those impacted have taken to Twitter and Reddit to detail how they were defrauded.
Sources told FOS the common thread in some of the fraud appears to be a payment processor used by many of the online sportsbooks, Global Payments subsidiary VIP Preferred Network.
“Our gaming business has been assisting law enforcement with an investigation into fraudulent accounts set up at unaffiliated third parties using stolen personal information,” Global Payments said in a statement to FOS. “There has been no security breach or fraudulent accounts opened at our gaming business in connection with this investigation.
“The protection of our customers and their clients’ information and funds is our top priority. We have been working closely with these third parties to ensure all impacted individuals receive refunds.”
