Posted on: May 11, 2023, 04:02h.
Last updated on: May 11, 2023, 04:21h.
PointsBet’s US division on Thursday temporarily halted emails to customers after an unidentified third-party messaged clients, plying them with a cryptocurrency giveaway.
The email, which customers received around 11 a.m. Eastern time today, had the earmarks of what’s known as a phishing scam. In a phishing scheme, culprits use bait — in this case, the promise of free crypto — to lure unwitting email recipients.
It’s easy to understand how some PointsBet customers may have fallen for the rouse. The email in question came from a PointsBet domain and was identified as a message from the gaming company’s customer relations department. Still, there were obvious signs it wasn’t legitimate. Those included the use of the word “urgent,” grammatical errors, and the promise that if clients replied and sent crypto to the perpetrators, their crypto accounts, not their PointsBet accounts, would double in value.
In the US, state regulators don’t allow sportsbook operators to transact in crypto, nor can bettors fund accounts or withdraw proceeds in digital currencies.
PointsBet Says Sensitive Data Wasn’t Breached
In a follow-up tweet, PointsBet said it had rectified the matter and that sensitive client data, including email addresses and financial account information, wasn’t accessed by the scammers.
Thank you for your patience as we quickly resolved an issue related to a phishing attempt this morning. PointsBet would like to apologize for any inconvenience this may have caused to customers,” according to the gaming company’s tweet. “We can confirm this was a phishing attempt made to our mailing list and the 3rd party did not have visibility of individual email addresses. There was no breach of core player account management or internal systems.”
While the US sports wagering industry is barely five years removed from the Supreme Court ruling on the Professional and Amateur Sports Protection Act (PASPA), like any other business that relies on technology and mobile devices, it’s vulnerable to cyber breaches like those that have played out in recent years.
For example, last December, BetMGM confirmed its online platform suffered a data breach in May 2022. A November 2022 hack resulted in the theft of about $300K in funds from 68K DraftKings client accounts.
Probably Coincidence, But …
The timing of the attempted phishing scheme on the PointsBet platform is interesting, to say the least. The crime was attempted as the Australia-based company is said to be in advanced discussions to sell its US business.
On Wednesday, PointsBet USA CEO Johnny Aitken canceled his appearance at an industry conference, stoking speculation that he made that move because takeover talks are intensifying. Rumors are flying that Fanatics is close to making an offer for PointsBet’s North American operations, but neither company has publicly commented on that matter.
In North America, PointsBet offers mobile sports wagering in Ontario, Canada, and is live in Colorado, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Michigan, New Jersey, New York, Ohio, Pennsylvania, Virginia, and West Virginia.
Credit: Source link