| Posted by: GrandMaster at December 18, 2007, 11:11 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by Casinomeister
Let me guess, and when you download the casino software it's from either Vegas Red or Big Dollar casino. This is a big-time evil affiliate spammer who is pretty much out of control.
The spam which has Big Dollar in it downloads Jupiter Club. This is a mistery I have not figured out.
| | Static Link |
| Posted by: liquuid_fusion at December 18, 2007, 3:49 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by shaunm
So far, all of these incidents have related to customers who have had “totesport” or “tote” as part of their email address.
You're stating the obvious. The fact that they has "totesport" or "tote" in their email addresses is the reason they were able to approach you with their complaint. There are probably many more who don't have those words in their email address, but they are none the wiser as to the source of the spam!
| | Static Link |
| Posted by: Casinomeister at December 18, 2007, 2:45 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by jolub
Every day I get spammed by Magic Jackpot Casino. The spam uses several different names but they all point to a site called Magic Jackpot Casino. On MJC's main menu there are many options. Clicking on any and all of them give you the same option, to download their software. Clicking on unscribe in their email takes you to the same page. I have made several rules to send this crap to the deleted folder but nothing seems to work. They change the email just enough so my rules don't apply. I wish I knew what site gave them my name so I could make a withdrawal and stop playing at that site.
The following is taken from their latest spam. Note how casino is spelled.
A new electronic publication from Ca*si*no-World. Announcement Letters.
Let me guess, and when you download the casino software it's from either Vegas Red or Big Dollar casino. This is a big-time evil affiliate spammer who is pretty much out of control.
| | Static Link |
| Posted by: jolub at December 17, 2007, 9:17 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Every day I get spammed by Magic Jackpot Casino. The spam uses several different names but they all point to a site called Magic Jackpot Casino. On MJC's main menu there are many options. Clicking on any and all of them give you the same option, to download their software. Clicking on unscribe in their email takes you to the same page. I have made several rules to send this crap to the deleted folder but nothing seems to work. They change the email just enough so my rules don't apply. I wish I knew what site gave them my name so I could make a withdrawal and stop playing at that site.
The following is taken from their latest spam. Note how casino is spelled.
A new electronic publication from Ca*si*no-World. Announcement Letters.
| | Static Link |
| Posted by: lots0 at December 14, 2007, 8:33 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by shaunm
So far, all of these incidents have related to customers who have had “totesport” or “tote” as part of their email address.
Could be a random word generator set to produce permutations of "totesport" ot "tote" in email addresses.
or
It could be like MichaelBluejay says and only the people with totesport/tote in their email address bothered to report email spam that was advertising totesport.
| | Static Link |
| Posted by: EverestBecky at December 14, 2007, 6:27 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
At the risk of beating a dead horse here, I thought I would put in a quick work on behalf of Everest Poker and Casino. I am sorry it took me so long- I am new over here and wanted to be sure my information was completely accurate before posting. Anyway, I just received the CasinoMeister newsletter and I wanted to compliment Betfred, 32Red and BWin on their responses to this thread and for their overall concern for player security. Here at Everest, player security is also one of our primary responsibilites and we have taken on a multi-faceted approach to ensure our players' accounts and information is safe. Complete security at Everest includes transmission security (all info transmitted between Everest Poker and our players is encrypted using 128-bit SSL), financial security, data security and staff security (access to player account information by Everest Poker staff is strictly controlled. We have a complete audit trail that shows access and data usage to enforce this policy). To iew our security stat... | | Read Entire Entry |
| Posted by: MichaelBluejay at December 14, 2007, 12:46 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Well, I feel like I'm ahead of the curve on this one. I posted about this ery issue a full seven years ago: http://vegasclick.com/online/spam.html
And back when I did casino reviews, whether or not they sent spam to my test address was one of my criteria: http://vegasclick.com/online/casinoreviews.html
I have to suggest that when using a test address, you can't use something as simple as CasinoName@MyDomain.com, because doing so allows a casino to get its competitors in trouble. Let's say you use NastyAssCasino@MyDomain.com at one site. Nasty Ass Casino sees that lots of their players use that exact format. So the addresses they give to spammers are NiceReputableCasino@CustomerDomain1.com, NRC@CustomerDomain2.com, NRC@CustomerDomain3.com, etc. So now it looks like Nice Reputable Casino sold out its players, when that actually wasn't the case. It's not probable that we'd see this particular combination of treachery + too much time on their hands, but it's possible, and when you're m... | | Read Entire Entry |
| Posted by: shaunm at December 14, 2007, 11:02 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
We have been responding to this customers concern directly through email communications to ensure a professional service.
Totesport treat all privacy concerns of customer details ery seriously, and believe this has helped us to develop one of the most trusted names in the UK gambling market. We never pass on customer details to any third party.
With respect to the spam incident reported on this thread, we are confident that there has not been a breach in our security. With a database of over 200,000 registered customers, we have had only a handful of complaints relating to SPAM in 2007. So far, all of these incidents have related to customers who have had “totesport” or “tote” as part of their email address. Although we are unable to fully explain why this is, we believe it could be linked to some sort of “scrapper”. This is further supported by the fact that the customer appears to have received SPAM to all his different email addresses registered... | | Read Entire Entry |
| Posted by: vinylweatherman at December 13, 2007, 11:03 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by 1819
iv'e said it many times...there can be no true security when it comes to online gaming. the biggest breach continues to be the fact that almost all casinos ask for sometime of faxback forum. while the casino may have all your personal info secure, that info is out there for all to see once you fax a credit card number on an overseas phone line. drivers license, front and back of a credit card sent over a nonsecure phone line is begging for trouble.
I have seem many complaints from players who have been asked for documents again and again, even after receipt has been confirmed. This shows a woeful lack of security in this part of the procedure. To have CS keep on losing track of these requested documents is clearly a weak spot in the tight procedures employed once the information is in the databases.
| | Static Link |
| Posted by: GaryWatson at December 13, 2007, 8:48 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
I received some snail mail from Mansion Poker yesterday.
I have never signed up for mansion. Dont intend to due to their pro spamming policy.
Someone has my name, address & details.
The referral code on the disc is UK9928
I cant say im overly concerned but am curious.
| | Static Link |
| Posted by: Mart at December 13, 2007, 7:11 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by lots0
To compromise a network is as easy as renting a botnet for a few hundred dollars (I found a botnet to rent in less than ten minutes of looking). A botnet that already has zombie computers inside most of the major networks and lots and lots of minor ones.
Hmm interesting. What are you counting as a major network? You'd have to compromise the casino's network (and that assumes they've set up mail on a LAN side server), or an ISP's WAN side network. At my ISP no client can see the traffic for any other client, or any post-gateway traffic (including from mail servers). You would have to compromise the routing network (which has no personal machines) to see the traffic before it hits the major routing backbones. And if bots are able to sniff casino email traffic within the casinos' networks then I'd still blame them, because that is still a flaw with their security set up.
To keep a little more on thread, I started to receive large amount... | | Read Entire Entry |
| Posted by: 1819 at December 13, 2007, 6:18 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
iv'e said it many times...there can be no true security when it comes to online gaming. the biggest breach continues to be the fact that almost all casinos ask for sometime of faxback forum. while the casino may have all your personal info secure, that info is out there for all to see once you fax a credit card number on an overseas phone line. drivers license, front and back of a credit card sent over a nonsecure phone line is begging for trouble.
| | Static Link |
| Posted by: lifechooser at December 12, 2007, 10:39 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by Fr05t3d
I can categorically state I have NEVER had any spam to this e-mail address in many years. ....My account is a hotmail account.
Cheers.
Remember that hotmail has a ery good spam filter though.
| | Static Link |
| Posted by: 3Dice at December 12, 2007, 10:19 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Hi All,
With so many things already covered, and iews expressed, perhaps its a good idea to try and distill a little manual that players can use to ensure they minimize the risk of their email address ending up in the wrong hands ..
On the technical side, the users own computer obviously is the weakest link. Technical security is more than a full time job for a casino, and so it is safe to assume that in most cases exploits, bots and trojans are to be found on your own computer .. be sure you stay up to date on antivirus and trojan tools, and check your system regularly ..
It is more difficult for a player to asses whether or not the casino is doing its homework on the technical side, but before signing up at least make sure that the casino's security certificates are up to date, and - cant be repeated enough - search google and cm for specific issues before even touching the download button !
When you do sign up, it is a ery good idea to use a specific email ... | | Read Entire Entry |
| Posted by: Fr05t3d at December 12, 2007, 12:39 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Wow, what an interesting thread.
Pretty much all angles seem to be covered, but I thought I'd contribute.
I've had casino/poker accounts at several places, and always had a separate e-mail address for all of them - that is one e-mail address for all my gambling correspondence, not one per registration.
I've only ever played at sites I consider reputable - high street bookies, well-known brands, long-established online places etc.
I can categorically state I have NEVER had any spam to this e-mail address in many years. Maybe I've just been lucky, but I'm quite security conscious and have always concerned myself with what information I give out etc. I actually have a bank account that I use solely for my online gaming and that has never been compromised. I think it's important to choose where you play ery carefully, obviously, but my experiences give me nothing but confidence that my information has always been kept secure. I have an account at Totesport (as the... | | Read Entire Entry |
| Posted by: lots0 at December 12, 2007, 12:39 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote:
Compromising traffic across the internet is (thankfully) not as easy as installing a packet monitor on your own PC. Doing so will allow you (or somebody else) to monitor the data coming to and leaving your PC, but to monitor traffic on another network, you need to compromise part of that network.
To compromise a network is as easy as renting a botnet for a few hundred dollars (I found a botnet to rent in less than ten minutes of looking). A botnet that already has zombie computers inside most of the major networks and lots and lots of minor ones.
| | Static Link |
| Posted by: Casino Action at December 12, 2007, 12:15 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
I would just like to reiterate my colleagues' statements on player security. Any reputable casino should treat their player's privately registered details as sacrosanct.
Aside from entertainment, online casino operators — moreso even than brick-and-mortar casinos — are in the business of selling trust. Without that trust, and given the quality of the competition, any online casino operator will not have players and will not be long in business. To iolate that trust for the sake of whatever reward you receive for, say, selling on player email addresses, is suicidal — especially given that it's so easy for players to work out if you're doing it (many of our players, for example, use lifechooser's method when registering their email addresses), and disseminate that information! (Props to the Meister for this forum!)
As I assume is the case at all eCogra-certified casinos, our player banking details are available only to security-reviewed staff members, and no-one can access player pas... | | Read Entire Entry |
| Posted by: lots0 at December 12, 2007, 12:14 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote:
Well, it may be possible to run it from anywhere, but first it must have had an input feed grafted onto part of the network being monitored, and this is what the article mentioned. There has to be a security breach to install this "bug" for it to send copies of the traffic to a "botnet" for analysis.
The botnet is the security breach.
The botnet or rather the zombie computers in the botnet are what gathers the information, not what analyzes it.
A zombie(a compromised computer that is part of the botnet) that is on any network with a packet sniffer installed is all you need, real simple stuff for any half assed spammer. At last estimate, there were at least one million zombies(security compromised computers) out there that are part of botnets.
Well enough of email spamming 101. For more info see THIS
My point is (and has been) that you are much more likely to get email spam from either a random name generator or a packet sniff... | | Read Entire Entry |
| Posted by: GrandMaster at December 12, 2007, 12:11 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by path
We do not store credit card numbers or the 3 digit security code that is contained on the reverse of the card. We have the ability to access full card numbers and this access is strictly controlled and limited to senior members of staff. Those employees, who do have access, have been erified through a number of means which do include background checks with the police. The majority of our employees are only able to iew the last four digits of a card number, with this being necessary to being able to perform certain financial transactions. The back office system that we use does not allow employees to see multiple instances of accounts, does not allow employees to export information into other files and prevents details from being printed. We run regular audits so as to ensure we know who is accessing what data and for what purpose.
...
In respect of the use of personal information, including email addresses, we adhere to our Pri... | | Read Entire Entry |
| Posted by: vinylweatherman at December 11, 2007, 11:10 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by lifechooser
I've answered both of those points before.
Hotmail is different, as so many people use the hotmail domain, it's worth spamming every permutation of name @hotmail.com as most of them will turn out to be alid addresses. This isn't the case with my own domain.
Also, when I named names, I gave the names of all the senders of the spam too. Since then I've had one to totesport from 'spin palace' (though the link points to http://www.bigspinwinners158.com/1/a320623/index.asp).
Here's some partial headers;
Totesport #3;
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=vivayouarelucky.com;
b=H7yLbS4SOk6eBRm/hCJNdMiA3dzeuIuFI5O4Z268ProsLjcN3OXBwGpQ87l5agCi7w enSLcsbcb1i7f8JwD9jQ==;
Received: from mx56.vivayouarelucky.com [216.10.15.56] by ivayouarelucky.com [216.10.15.56];
Mon, 10 Dec 2007 14:02:56 EST
----... | | Read Entire Entry |
| Posted by: JSM_Jason at December 11, 2007, 10:41 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
As the affiliate and marketing manager for Paradise 8 and Cocoa Casino I’d just like to reiterate what John has said here regarding the security of Rival casinos.
The back-end of the casinos was developed specifically with security in mind. It seems to have been designed to work on a need-to-know philosophy. Employee back end accesses are restricted to assure that no one has access to information they do not need to do their job. The accounting department can only iew limited info relating to their area, the art department has access limited to only relevant areas (banner and graphic uploading etc.) the affiliate manager only has access to affiliate related information and so on. This type of structure adds an extra level of security and prevents any one person from having complete information access. This also keeps the number of staff who has access to player info to a minimum and restricts it to a handful of top employees.
Aside from this compartmentalized back-end structure of t... | | Read Entire Entry |
| Posted by: Mousey at December 11, 2007, 9:30 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
My goodness! I've never seen so many casino reps posting in one thread! I feel as if I should fry up a fresh chicken, bake an apple pie, and put on my good Sunday dress .
I would like to thank you one and all for taking the time to come here and inform players regarding your security measures.
I will reread the comment more thoroughly. I have a question or two, I think.
Happy Holidays, reps! And thanks for being on call for us here at Casinomeister.
| | Static Link |
| Posted by: thisisvegas at December 11, 2007, 8:25 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
I can echo a lot of the comments made by other operators. Being the manager at www.thisisvegas.com using RivalPowered software I can tell you what we do. It is practically impossible for me to generate a report to collect players' data and to sell it off to someone else including the email list. Rival designed their software with this in mind to prevent any operator from doing this or even having an employee copying and selling data. Regarding any financial transaction I can't even pull up any relevant data, I only have transaction codes which I can match up with the specific payment processor. I can't see a player's password but I can have it reset for them and it's emailed to them without myself knowing it.
I understand the concerns of players since I have been and still do gamble online myself. I personally believe that if you stick with some reputable sites that the most you have to worry about is spam and no worries about your personal data being stolen or sold. I don't like spam myself ... | | Read Entire Entry |
| Posted by: Virgin Ace at December 11, 2007, 6:26 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
The safety, privacy and security of player information is a top priority at Virgin Casino. I would like to take this opportunity throw a little light onto how Virgin Casino stores player information and the lengths we go to ensure that all customer data is kept secure and private.
Banking information is encrypted and all employees (with the exception of the payment processing team) can only see what payment method a customer uses to transact and the last 4 digits of a card number. We impose strict controls to ensure data privacy and ensure we have an audit history of any changes made to accounts. Virgin Casino is licensed in Alderney and no employee has access to players’ passwords for the site.
Access to any player information that may be used for marketing (when a customer has opted in to receiving promotional information) is also restricted to staff who work in marketing teams that need access to this data. We follow data protection legislation and ask customers to opt in to mar... | | Read Entire Entry |
| Posted by: bwin at December 11, 2007, 3:56 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
hello
as a sportsbook and gaming operator licensed in Gibraltar, bwin is not only limited to it's own restrictive policies, but also to regulatory rules. we assure the safety of customers data by splitting data into different subsystems, restricting access to the specific subsystems to authorized people only and by tracking and reviewing all accesses and changes constantly. it is in our own interest NOT to share customer data with anybody outside bwin at all - and within the company only the absolute necessary amount of personal data is shared among people who need it for their daily work (e.g. customer service) and these people and their system accesses are logged and reviewed constantly.
bwin Casino will also never buy and abuse email adresses or other personal data - we are ery ery restrictive on that. we are a reputable operator and we will never send promotional emails to anyone whithout having the receipients permission - and we will never share customer details with anyone outside... | | Read Entire Entry |
| Posted by: bellerock at December 11, 2007, 2:44 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
At Carmen Media Group the security of customer data is of utmost importance and we adhere to the requirements of the Gibraltar Regulatory Authority and eCOGRA in this regard.
All banking details are encrypted and are not accessible to staff members unless at the highest level and only after in depth security reviews. Most of our staff will only ever see the last four digits of a card/account number. None of our staff can see your password.
As part of our regulatory requirements we have to provide the results of independent penetration tests carried out on our networks and systems, thus identifying and closing any weaknesses that could be exploited by hackers. These tests are carried out on an annual basis.
As with all other operators the biggest risk is from dishonest employees. We have many audit trails that allow us to monitor activity in and around our databases, as well as restrictions on the accessibility of certain reports and lists to specific staff members. We also res... | | Read Entire Entry |
| Posted by: path at December 11, 2007, 2:00 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
We at 32Red ask for a lot of information from our players and it is only right that our players in turn know that this information is maintained securely and without fear of compromise.
Firstly, let me deal with information that we hold in respect of a players’ financial accounts.
We do not store credit card numbers or the 3 digit security code that is contained on the reverse of the card. We have the ability to access full card numbers and this access is strictly controlled and limited to senior members of staff. Those employees, who do have access, have been erified through a number of means which do include background checks with the police. The majority of our employees are only able to iew the last four digits of a card number, with this being necessary to being able to perform certain financial transactions. The back office system that we use does not allow employees to see multiple instances of accounts, does not allow employees to export information into other files and prevents ... | | Read Entire Entry |
| Posted by: Eurolinx Lydia at December 11, 2007, 1:26 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by USA2112
For those approaching the casinos with these email list is the casino staff taking any actions to report or have them blacklisted in anyway, if not, they should be and in the long run would help everyone. The player has no control over this happening and the only thing we can do is to filter the emails, but this does not solve the problem.
So far, we have just been marking the e-mails as Spam and deleting them. I'll check with our e-mail guys today to see what else we can do with them.
As reputable casinos, what we can do about this problem long-term is ensure our player lists stay on our databases and no stolen lists get purchased. As players, you can do exactly what you all are doing in this thread; exposing those casinos who have iolated their players' privacy rights.
| | Static Link |
| Posted by: USA2112 at December 11, 2007, 1:12 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by Eurolinx Lydia
Selling e-mail addresses happens. We get approached about once a month from someone with a list of e-mail addresses, physical addresses, or both. I'm sure we would get a lot more offers if we ever bought a list, but we haven't (and won't).
For those approaching the casinos with these email list is the casino staff taking any actions to report or have them blacklisted in anyway, if not, they should be and in the long run would help everyone. The player has no control over this happening and the only thing we can do is to filter the emails, but this does not solve the problem.
| | Static Link |
| Posted by: Betfred at December 11, 2007, 12:45 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
As with any reputable casino and sportsbook, the players’ security is paramount. Here at Betfred access to the database is strictly limited to management. The support team do have access to personal details in order to assist players effectively but they are also monitored by the shift supervisor and would be unable to make any copy of said information without raising suspicion.
Banking details are kept on a separate database and even I as part of the casino management team would not be able to access such information without an extremely alid reason and then not without the most senior level approval.
An added level of security is that every action taken by ANY staff member is recorded at some level. We can monitor all changes and requests on the database and exactly who they have been requested by. This is a great deterrent to any would-be data thief.
All player passwords are hidden from all staff here and a member of our team should never ask for it (I would certainly... | | Read Entire Entry |
| Posted by: lifechooser at December 11, 2007, 12:45 pm | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Quote: Originally Posted by Casinomeister
Thanks! Were the casino URLs aff links? Please post these.
You can post those here and deselect "Automatically make website links clickable" so that no one can click through.
I've provided as much as I know about the links. Where the casino name and links don't match, I've provided the link name, e.g. when 'spin palace' spam actually used the url http://www.bigspinwinners158.com/1/a320623/index.asp.
Others I've mentioned;
superpalacegold.com (actual url)
Gold VIP Club Casinos (http://mLink.org/55322)
http://www.bigota.net/ and http://www.bluesb.net/ (Both actual urls)
| | Static Link |
| Posted by: PurpleZelda at December 11, 2007, 11:58 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Player security is extremely important to Purple Lounge and we have similar security measures in place as those mentioned by Lydia. Our team is dedicated to providing the best service for its players, which includes safeguarding all their details.
As previously mentioned, it would be crazy, not to mention illegal for a Casino to sell player information. All our staff are thoroughly etted and must provide numerous references, which are all carefully checked. The Purple Lounge team is committed to ensuring all player information remains protected.
Kind regards
Zelda
| | Static Link |
| Posted by: Mario at December 11, 2007, 11:34 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Hallo there,
Hope everyone is well.
The same goes for PlayShare and almost all Microgaming casinos that is stamped and approved by eCogra.
Player’s information should be and is the utmost importance at PlayShare and all there affiliated casinos.
We are being audited by eCogra seeing that we are in the process of acquiring their stamp of approval and clearly by their guidelines and practices accepting or even undergoing such devious practices such as buying mailing list is just above me.
Why would a reputable casino have to fall so low in order to acquire a player?
Your personal information should be and must be number one priority as without having secure and well maintained systems and security practices the online casino industry will not be able to survive.
Again at all times your information is safe with us.
Best regards
Mario
| | Static Link |
| Posted by: Eurolinx Lydia at December 11, 2007, 11:04 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
Hi all,
Casinomeister was just good enough to alert all of us Casino Reps to this thread so that we could contribute a bit from this side of the fence.
Selling e-mail addresses happens. We get approached about once a month from someone with a list of e-mail addresses, physical addresses, or both. I'm sure we would get a lot more offers if we ever bought a list, but we haven't (and won't).
Your e-mail address, physical address, and phone number are all available to just about everyone on staff. They have to be in order for you to get good customer service. There are ways to prevent a staff member from being able to produce a list from that information, though. With us, you can only make a list if you have access to the database, which ery few people do. You could request a list from someone with access, but in order to receive it, the request has to go through a senior member of management. It seems like a lot of red tape, but it is there for your protection.
O... | | Read Entire Entry |
| Posted by: lifechooser at December 11, 2007, 10:38 am | | Topic: Account security concerns at multiple casinos Forum: Casino Meister |
I've answered both of those points before.
Hotmail is different, as so many people use the hotmail domain, it's worth spamming every permutation of name @hotmail.com as most of them will turn out to be alid addresses. This isn't the case with my own domain.
Also, when I named names, I gave the names of all the senders of the spam too. Since then I've had one to totesport from 'spin palace' (though the link points to http://www.bigspinwinners158.com/1/a320623/index.asp).
Here's some partial headers;
Totesport #3;
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple;
s=s512; d=vivayouarelucky.com;
b=H7yLbS4SOk6eBRm/hCJNdMiA3dzeuIuFI5O4Z268ProsLjcN3OXBwGpQ87l5agCi7w enSLcsbcb1i7f8JwD9jQ==;
Received: from mx56.vivayouarelucky.com [216.10.15.56] by ivayouarelucky.com [216.10.15.56];
Mon, 10 Dec 2007 14:02:56 EST
-------
Totesport #2;
DKIM-Signature: =1; a=rsa-sh... | | Read Entire Entry |
|