Customers of online poker rooms on the Winning Poker Network (WPN) were the targets of a phishing scam this week, receiving an e-mail that falsely confirmed a deposit on the network. A link was provided for players to check on the deposit, but that link did not take players to their account, but rather to a file that likely contained malware.
Even though it is the year 2017, there might be people out there who don’t know what a phishing scam is, so we’ll tell you. In a phishing scam, a crook sends an official-seeming e-mail that may, at first glance, look like it came from a business at which the recipient has an account. Frequently, they are disguised as coming from a bank, a popular online store, or a package shipper like FedEx. The e-mail often says there is something amiss with the person’s account or that an order was placed that needed confirmation. A link is then included that looks like it goes to the business’s account login page, but it really goes to a fake site that collects that information for criminal purposes such as identity theft or bank account takeover.
In the case with the fake WPN e-mail, it appears that the link didn’t re-direct to a false site, but rather could potentially download a malicious file on the victim’s computer.
The e-mail was pretty obviously a phishing attempt from the start, but not everybody can recognize these things. There are several tip-offs:
1) The e-mail starts with the greeting “Dear friend.” If this was a real e-mail, the greeting would have the customer’s name in it.
2) Poor spelling, punctuation, and capitalization.
3) It claims the player made a deposit that was “successfully completed.” Most people who received the e-mail never made a deposit that would prompt such an e-mail.
4) The e-mail was allegedly from the Winning Poker Network (the sender’s name was spoofed), but it would be the individual poker room that would send any sort of account e-mail, not the network.
5) When hovering the mouse pointer over the link provided in the e-mail, the real URL could be seen at the bottom of the screen. It was for a .rar file, not for any destination on the network.
That last point is key. If you are ever tempted to click on a link in an e-mail that you aren’t sure about, hover the mouse over it without clicking. The URL will be displayed at the bottom of the screen. If the real URL looks fishy, delete the e-mail immediately.
But even before you get to that point, if you are not sure about the validity of an e-mail, either call the business to check if they sent it or type the site’s URL into your browser and go there directly to check on your account. If there really is an issue as the e-mail warned (or a deposit was made or a package was shipped or whatever), you will see it soon enough when you login to your account directly, WITHOUT clicking on the link in the e-mail.
For its part, the Winning Poker Network found out about the phishing attempt quickly and immediately sent real e-mails to players on the network warning them about it.