Dubious casino tips being distributed via spam email


In the last few hours, many people have been receiving minimalistic – presumably spam – emails that unsettle the recipients. The text field contains just a URL – no salutation, no other text. If curious recipients click on the link, they will land on a promotional web page for online casinos.

One of the mass-distributed spam emails The emails in the cases being currently observed are sent exclusively from Yahoo accounts. The presumption is that these are hacked accounts whose contacts are then being sent the spam ema

The website to the heart-rendingly advertised casino tips can no longer be reached via the links. At the time of the investigation it was not primed with malware, so it was only distributing advertising for potential chances of making a profit. However, the attackers could easily change their strategy and start spreading malware to visitors to the website. Below is an extract from the website:

Extract from the website promoting online casinos.

G DATA experts advise against following such supposed tips for guaranteed chances of making money.

The risk:

Fake online casinos, which for legal reasons cannot be based in Germany in most cases, generally demand an initial payment from potential players. In doing so, users often unintentionally disclose valuable bank data or even credit card data and personal information in dubious online gaming sites. A further danger is paying out money in the event of a win, because the payments are often denied for various reasons so both the money paid out and the winnings are lost. In the rarest cases there is a legal element, as both offering and taking part in online poker and casino games has been largely forbidden in Germany since January 2009. Exceptions are twelve licences in Schleswig-Holstein, the online lottery and nationally approved online sports betting. EU law on this subject is said to be unclear in many aspects; hence in many cases online gambling is a matter of luck on several levels.

Tips on handling spam email:

  • An up-to-date, comprehensive security solution for the computer with an integrated spam function will use a filter to protect the PC against such incoming email.
  • Email from unknown senders should be treated with particular caution. If an email looks very strange, here's what to do: ignore it, delete it, but under no circumstances open attachments or click on URLs.
    • Opening file attachments, especially from unknown senders, harbours risks. Attachments should first be scanned with an antivirus program and, if necessary, deleted without being opened.
    • Links in emails should never be clicked on without thinking. Check the URL. Many email programs permit the actual target of the link to be seen by hovering the mouse over the visible link without actually clicking on it – the so-called mouse-over function.
  • If you find out that one of your contacts is sending unusual emails or instant messages, contact them – ideally using a different communication channel than the one via which the suspicious message came.
  • Spam email should never be responded to. All a response does is indicate to the fraudsters that the address they wrote to is actually valid.
  • Never disclose any personal information and/or bank data – either via email or on dubious websites.
  • Never transfer money to an unknown person. Never thoughtlessly publish your own primary email address online, e.g. in forums and guest books, as it can be accessed by fraudsters there. It is useful to enter a secondary address for these purposes.