Just a quick heads up.
If you have linked accounts, let’s say one you use for trading and one for poker. If you exclude poker from one, it will be excluded from both.
So if you are a poker player its best to put a limit on it instead of excluding.
When excluding, double and triple check that you’re not excluding from the exchange. I have read stories about people who have excluded themselves in error. If this happens, you will not be able to trade for a least 6months "may be longer".
WARNING - Betfair account hacked / fraud
-
CaerMyrddin
- Posts: 1271
- Joined: Mon Sep 07, 2009 10:47 am
Thanks for the tip, I've excluded myself from all those crappy games. Of course a pissed hacker can blow the whole bank on some crazy bet, but it can always win 
Here are my suggestions for immproved security:
(1) That Betfair make a pledge to repay all funds lost as a result of fraud. This is no different to what banks and credit card companies already do.
(2) That Betfair implement a 'locker wallet' purely for storing funds. Funds cannot be transferred out of the wallet without entering a 'challenge code' sent to your mobile phone. This would involve only a slight change to the Australian wallet, which is already intially locked for withdrawals until the KYC checks are done.
3) That Betfair also allow people to opt-in to an optional extra security level, where every new session requires entering the 'challenge code' sent to your mobile phone for any transactions, and the session times-out after a certain period.
Really quite simple, and not such a big change from what is already done.
(1) That Betfair make a pledge to repay all funds lost as a result of fraud. This is no different to what banks and credit card companies already do.
(2) That Betfair implement a 'locker wallet' purely for storing funds. Funds cannot be transferred out of the wallet without entering a 'challenge code' sent to your mobile phone. This would involve only a slight change to the Australian wallet, which is already intially locked for withdrawals until the KYC checks are done.
3) That Betfair also allow people to opt-in to an optional extra security level, where every new session requires entering the 'challenge code' sent to your mobile phone for any transactions, and the session times-out after a certain period.
Really quite simple, and not such a big change from what is already done.
Looks like Betfair are going to improve security.
http://community.betfair.com/general_be ... ember-2011
http://community.betfair.com/general_be ... ember-2011
Someone got into my account last weekend. I had excluded myself from everything apart from the sportsbook. Whoever it was bet my entire bank on a basketball game at 3 in the morning - fortunately the bet won at 1.1. They then withdrew the 'winnings' via a moneybookers account they'd added, though they left the rest of the bank untouched. Fortunately I noticed and betfair reversed the withdrawl (I got to keep the 'winnings' but if the bet had lost of course I wouldn't have been refunded) and they sorted me out a new account etc.
The troubling thing is that I really can't be sure if I was the source of the leak. It is possible but I haven't found any key logging stuff on my PC. I change my password relatively regularly. Since this happened a couple of other people who heard about it have told me similar things have happened to them. Having said that, the timing of the attempted withdrawl leads me to believe that they weren't too familiar with how the betfair withdrawl process works (without wanting to give too much info for anyone who might be reading.)
The only way I can think that betfair can combat this sort of thing completely is to allow an option whereby you can exclude yourself from the entire site until a time of your choice, so that you don't wake up to any nasty surprises. I'm doing this by phone now, but an option on the website would surely be easy to implement.
The troubling thing is that I really can't be sure if I was the source of the leak. It is possible but I haven't found any key logging stuff on my PC. I change my password relatively regularly. Since this happened a couple of other people who heard about it have told me similar things have happened to them. Having said that, the timing of the attempted withdrawl leads me to believe that they weren't too familiar with how the betfair withdrawl process works (without wanting to give too much info for anyone who might be reading.)
The only way I can think that betfair can combat this sort of thing completely is to allow an option whereby you can exclude yourself from the entire site until a time of your choice, so that you don't wake up to any nasty surprises. I'm doing this by phone now, but an option on the website would surely be easy to implement.
im sorry to hear that this as happened to you as well. good that you have not lost any money though.
can i suggest that you find the time to re-formate, and reload windows, ba and anything else you need on the machine that you trade with. just in case there is something nasty on your machine that is allowing these thieving scumbags to rob you.
its seems that the speed these bastards can break security systems, exploit weak code etc, is quicker than the various anti virus manufacturers and microsoft can find them and cure them.
can i suggest that you find the time to re-formate, and reload windows, ba and anything else you need on the machine that you trade with. just in case there is something nasty on your machine that is allowing these thieving scumbags to rob you.
its seems that the speed these bastards can break security systems, exploit weak code etc, is quicker than the various anti virus manufacturers and microsoft can find them and cure them.
I'm starting to worry that there is an internal issue at Betfair, not necessarily fraud by an inidividual, though that's a possible, but maybe a loophole or error that is causing these incidents. I don't like the way Betfair wash their hands of these incidents and blame the customer and make them liable.
Betfair should definately beef up security.
Betfair should definately beef up security.
I think that is almost certainly the case.Euler wrote:I'm starting to worry that there is an internal issue at Betfair, not necessarily fraud by an inidividual, though that's a possible, but maybe a loophole or error that is causing these incidents.
There seems to be a lack of urgency by their fraud team to investigate these matters, they're more interested in PC avoidance. I think if they tackled this subject correctly, they would find the source.
I'm convinced the source is an individual, a BF employee, or a former one. Somebody who knows how their systems work and how to exploit them
These stories happen all too often, and as I've said before, I believe this problem lies with Betfair's security, not the users'.
If NASA, Sony, and the CIA systems can be hacked, then do we really think it'd be that hard to believe that someone has found a flaw with the Betfair systems? The amount of bugs I've come across on their site is ridiculous. A security flaw would really not surprise me. Earlier in this thread I posted some simple precautions, one of which we know they do not implement (HTTPS encrypted web requests).
Betfair have acknowledged being hacked once before (albeit, their admittance was somewhat late). The chances of them being hacked again, or already having been? Very likely. To the hackers, these people are like a bank - and banks are always being targetted. The reason is obvious: these sites hold money.
Until these security issues are investigated, these problems will continue. In my opinion, they will never be investigated (and thus fixed), as long as Betfair continue to blame their customers for the issues.
If NASA, Sony, and the CIA systems can be hacked, then do we really think it'd be that hard to believe that someone has found a flaw with the Betfair systems? The amount of bugs I've come across on their site is ridiculous. A security flaw would really not surprise me. Earlier in this thread I posted some simple precautions, one of which we know they do not implement (HTTPS encrypted web requests).
Betfair have acknowledged being hacked once before (albeit, their admittance was somewhat late). The chances of them being hacked again, or already having been? Very likely. To the hackers, these people are like a bank - and banks are always being targetted. The reason is obvious: these sites hold money.
Until these security issues are investigated, these problems will continue. In my opinion, they will never be investigated (and thus fixed), as long as Betfair continue to blame their customers for the issues.
I've been given a brand new account so I can't check that now, though from memory I think I remember seeing
a strange IP address. Tbh I wasnt taking notes as soon as I found there was a problem I rang betfair to suspend the account. Whoever it was changed the registered email to theirs, which would only alert me to it (if I'd checked my email) so like I said before I can't imagine they are someone that work within betfair or have any great knowledge of how the website works
a strange IP address. Tbh I wasnt taking notes as soon as I found there was a problem I rang betfair to suspend the account. Whoever it was changed the registered email to theirs, which would only alert me to it (if I'd checked my email) so like I said before I can't imagine they are someone that work within betfair or have any great knowledge of how the website works
The best souloution is if you want to trade with a £5000 bank work out your maximum liability say 20% pre race markets and leave say £1200 in Betfair and the other £3800 on a deposit card you use with BF and top it up every time you have a bad drawdown or withdraw to your card when in profit, at least your not keeping a big attractive balance for hackershgodden wrote:I've been given a brand new account so I can't check that now, though from memory I think I remember seeing
a strange IP address. Tbh I wasnt taking notes as soon as I found there was a problem I rang betfair to suspend the account. Whoever it was changed the registered email to theirs, which would only alert me to it (if I'd checked my email) so like I said before I can't imagine they are someone that work within betfair or have any great knowledge of how the website works