We read about accounts being "hacked" all the time, from celebrity Twitter accounts to customer data at big box retail stores. What does it really mean?
The word hacking may call to mind a shadowy room full of computer nerds and empty cans of Red Bull typing away and trying to steal your credit card number. The reality is different from that. Most user accounts are hacked through simple means. The best news is, all of their tricks are preventable.
So just how safe is your gambling account from intrusion? As with anything, in the case of Web security, knowledge is power. Once you understand how your account can be compromised, you'll be better prepared to secure your bankroll and your future action.
But remember, your gambling bankroll is as safe as you make it.
The purpose of this article is to explain what it means to have a safe gambling bankroll and to outline steps you can take right now to keep it from being accessed illegally in the first place.
For the purpose of this article, when we use the word safe, we mean an account protected from intrusion by someone not given permission to access it.
We're not talking about safety issues related to the rogue practices of gambling websites who maliciously rip off their customers – keeping safe from those predators is a different issue entirely.
When we say safe, we mean your bankroll is accessible by you and only you. If you focus on protecting your online gaming account from any fraudulent access, you'll have protected yourself from what is by far the biggest threat to your chip stack.
If you think of your online account as a safe, then your password is the key that opens the lock. Since locks are the most vulnerable part of any safe, they're the part that safecrackers (or in our case hackers) will manipulate to access your account. Your password is the single most-powerful tool in your fight against account intrusion.
So how could a person get your password? Sure, they could attempt every possible letter combination until they happened across the right one, but that would take an enormous amount of time and effort, more than the $200 in your bankroll is worth. Besides, reputable online sportsbooks and casinos have password protection programs in place that prevent users from attempting more than a few tries.
Most of the time, hackers are gaining access to your account through leaked information from other attacks. It works like this – a hacker somewhere steals all of Walmart.com's user and password information. This data is made available to shady characters online, who then attempt that same password on all your accounts in an attempt to steal from you.
Or it could be a simple matter of trying simple passwords like "Password" in combination with random gambling site accounts until they find one that works.
Tactics like brute force de-encryption, in which a hacker gains access to your computer and forcibly pulls the password from existing data, are a lot more cool to put on television than password-hacking, but they're not really used that often. It's just easier for hackers to connect a stolen password from your Petsmart account to your gaming site account and have instant access.
So what does a good password look like?
For starters, a good password for your online gambling account is totally unique. That means every account you have online should have its own unique password.
It's harder for people to crack or attempt to figure out your password if it is long – I suggest twelve characters at a minimum. This won't matter much if you use the same long unique password on another account and it gets hacked or stolen, but it will prevent easy cracking or decoding.
Avoid using real names of people, places, or things. Using familiar names (people, places, things, etc.) is a bad idea, because if something exists then obviously someone else can find out about it or take a guess at it.
Finally, make life more difficult for password crackers by mixing up letters, numbers, symbols (if available), and capitalization. The more mixed up the various parts of your password, the more difficult it will be for a hacker to replicate it or work it out.
Here's a password that uses all four of the above features: "me5AtRefuZ6H." How did I come up with it? I used this handy random password generator, which allows you to set various features including length and complexity. Set it to twelve characters and use all the bells and whistles, and you've got a password that's practically undiscoverable.
But wait – there's no way I can remember "me5AtRefuZ6H" to type it every time I want to place a sports bet. So let's refine the method a little.
Try using the first letter of each word of a sentence that you CAN remember – "There's no way I can remember this stupid password every single time," alternating upper- and lower-case, is easy to remember and almost impossible to crack. It looks like this: "tNwIcRtSpEsT"
Tons of other methods exist for creating unique and hard to crack passwords. From password randomizers to password managers to apps that reset your passwords according to a pre-set timer, you can really beef your online gaming password security up almost to no end. The above method is free and simple to put to use, if you don't want to bother with downloads and complex security features.
Is creating a good password enough? Not if you want your online bankroll to be totally tamper-proof. Read on for more safety tips.
Protect Your Email Account
Think of your email account as your home address. For all intents and purposes, it is your home on the Web. Once an attacker gets access to your home base, he can read your private email, financial information, and even request and change passwords for bank accounts, social media pages, your personal website, or anything else you do online. Protecting your email account is serious business.
Secure your email account the same way you secure your home. Yes, using a unique and difficult to decipher password (as discussed above) is important, but so is occasionally changing the password and ensuring that no one, not even a friend or close family member, knows how to get into it.
This seems like such a simple way to protect yourself you'd think everyone would already do it.
Imagine your home, your car, your storage shed, your office at work, and your kid's college accounts all used the same lock and key. How secure would you feel? If you lost that key, you'd lose control over your entire life.
It makes sense for people to use the same passwords for different accounts – it makes life easier. But like people who leave their front door unlocked, there is a price to pay for laziness.
Password database leaks are common and dangerous for this very reason. High profile leaks, like those of LinkedIn, eHarmony, and Target are just the tip of the iceberg. Any site that has your password in its database, including Mom & Pop's Nursery with almost zero encryption, can be manipulated to divulge your personal details.
TThe best password in the world won't help if you use it on multiple accounts, since all it takes is a single database leak for crackers to start applying that same combo to your other accounts.
Always use unique password combos.
Malware is anything that's been added to your computer's memory that you didn't put there, usually with the intention of stealing from you or just damaging your machine for the fun of it.
Malware can be attached to otherwise innocent downloads. Not all malware is totally devious – some marketing services use a special form of malware called adware to track your activity and show you ads for products they're shilling.
The worst possible kind of malware, for people with money in online gambling accounts, are key-loggers. These programs run in secret in the deep background of your computer and simply keep a log of every key you touch. The purpose is obvious – someone reads back over the log and finds out things like passwords, usernames, PIN numbers, and other credentials. The data is then broadcast, either to a file for later access or over an Internet connection to a hacker somewhere far away.
How does malware show up? A common problem is outdated versions of add-ons, such as Java. If you don't update your computer's Java settings, a hacker can attach malware through Java applets in a way that wouldn't happen if you had the updated software. Third-party downloads are also common culprits – that album you illegally downloaded may have a piece of code designed to steal your email and password combo.
TThe trick is to shell out the cash for a good antivirus program, update your software constantly, and never download anything that's not from a trustworthy source.
A tactic known as "social engineering" has been used since the dawn of the Internet to steal data. Sometimes called phishing, it's the practice of posing as an authority figure to get people to voluntarily give away their personal information.
You might get an email that looks as though it is from your bank linking you to a legitimate-looking website where you put in your account number, PIN number, and other details. The data you enter is logged and used to transfer your funds.
You might receive a message on Facebook or some social media site from someone that claims to work for the site. They try to convince you that you need to hand over your password or other personal data in order to "authenticate yourself." Older people are generally more susceptible to this kind of tactic, but it happens to people from all walks of life.
You find a site while surfing the Web that offers you something valuable, such as a free game membership or free cash at an online casino. The trick here is that to get your reward you have to share some valuable personal details, usually your email and password.
TThese tricks are easy to avoid – just knowing about them should be enough to make you immune to them.
By far the easiest way for someone to reset your password is to answer the simple security questions required for reset. These questions are pretty weak, such as "In what city were you born?" or "What high school did you graduate from?" This information is incredibly easy to find online. It's no wonder it's easy for bad guys to break in, change your password, and steal your stuff.
You have a few tactics you can use – either give intentional fake answers that you'll remember ("Where did you go to high school?" "Hogwarts", etc.) or choose really tough security questions whose answers you simply haven't told anyone. Choosing a site that requires tough security questions may be your only good approach here.
Many people who claim to have had their accounts hacked have really just been sloppy with their own security. They've either reused passwords, used similar passwords across multiple accounts, or given their account details to someone posing as an authority figure. True "hacking," which involves decryption and brute force code-breaking, is pretty much a Hollywood invention.
But that's good news for those of us concerned about the safety of our online accounts. So long as you avoid malware, the addition of a key logger to your machine, or unintentionally sharing your personal details with a stranger, it's not likely that your security or your funds will be compromised.
The lesson – preparation and proper security measure prevent what the world calls "hacking." Don't depend entirely on the security features of your online casino or sportsbook. Creating and maintaining good passwords makes your account less attractive to the hacker, who'll just move on to the next sucker who used his dog's name as his password.