WARNING - Betfair account hacked / fraud

News & Chat about Betfair.
Post Reply
User avatar
to75ne
Posts: 1697
Joined: Wed Apr 22, 2009 5:37 pm

Thu Sep 15, 2011 1:39 pm

Just logged into ba and my account balance was zero. I have not traded since last monday and as I was not going to trade again till today, as usual I withdraw the bulk of the money and just left the odd amount (in this case 30 odd quid).

I was writing a spread sheet and tested it on the last couple of dog races last night swindon 21:40 ish and the next Romford race about 15 minutes later with £2 stakes. . sheet worked fine so logged out about 21:45 or so.

Logged into ba about 1 ish today and account balance zero.

Logged into betfair site account balance £0.22p

Betfair confirmed what my balance was when I logged out last night, and they say they my account balance was moved to their casino at 11.16 today (I have never been to betfair casino or placed a bet there).

My account as now been suspended whilst their fraud department look into this matter.

If anyone keeps large amounts in their account please consider withdrawing the bulk after every session and re-depositing at the start of their next session because if my account as been hacked/compromised, then I can only assume anyone’s can be. I change my password regularly and use a strong randomly generated one.

lucky I only left a small amount in there.

Talkbet
Posts: 65
Joined: Tue Apr 26, 2011 6:35 am

Thu Sep 15, 2011 2:10 pm

Ouch, sorry to hear that. Check your PC asap in case it has some logging software on it that has captured your BF username and password.

Keep us posted on the outcome. If you can still login (presumably you cant though), you can see the IP addresses of recent logins under My Account.

freddy
Posts: 1132
Joined: Sun Aug 01, 2010 8:22 pm

Thu Sep 15, 2011 2:50 pm

Im not really suprised to be honest
Betfair's security is still in the dark ages.

Needs to improve badly imo :(
hope betfair do the decent thing but i doubt it.

User avatar
Euler
Posts: 14697
Joined: Wed Nov 10, 2010 1:39 pm
Location: Bet Angel HQ
Contact:

Thu Sep 15, 2011 3:04 pm

I also think Betfair's security is a bit lax. I think you can exclude yourself from the casino and games though, so I suggest everybody do that as I guess most BA users are not daft enough to think they can get an edge on those parts of the Betfair site.

User avatar
to75ne
Posts: 1697
Joined: Wed Apr 22, 2009 5:37 pm

Thu Sep 15, 2011 3:33 pm

betfair got back about ½ an hour ago. they confirmed that my account was logged into from a different ip address than normal.

they/it placed bets in the order or 0.25p on various casino” games”.

they are still investigating so account still suspended and likely to be for a couple of days. they will reimburse my 35 quid or so as i have never used their casino (or any other for that matter) but, if it had been the normal exchange they would not have.

lucky really only a nose bleed, could have been a haemorrhage if i was not in the habit of emptying my account regularly.

i’ve run malebytes and hi jack this, and all seems to be ok. but im quite “nervous” about what may be lurking in the guts of my machine, so i have started moving important stuff onto dvd and intend to reformat the hard drive and reinstall windows, as i now have a couple of days free from trading, plus it will clear all of the junk its managed to collect.

i assumed that the casino was a separate entity from the exchange obviously i am wrong. when the betfair security fella rings back later today/tomorrow i will request my account is permanently excluded from the casino, thanks euler sound advice. and i hope everyone does the same.

User avatar
LeTiss
Posts: 3900
Joined: Fri May 08, 2009 6:04 pm

Thu Sep 15, 2011 6:57 pm

How do you exclude the Casino from your account?
I don't see any tick box option for this.

BF's security scares the pants off me!

I've just looked on my security section, it gives 3 different IP addresses for me logging on over the past 2 days. Not sure how that is, I've logged on from the same home address with the same laptop!

Ferru123
Posts: 6725
Joined: Fri Dec 11, 2009 10:51 pm

Thu Sep 15, 2011 7:20 pm

The security is pretty terrible.

Why can't Betfair require that withdrawls be confirmed by clicking on a link in an automated email?

That way, for a hacker to withdraw your funds, they'd also need to know your email password.

It's not rocket science... :?

Jeff

User avatar
to75ne
Posts: 1697
Joined: Wed Apr 22, 2009 5:37 pm

Thu Sep 15, 2011 8:26 pm

i have just reformatted and reinstalled windows. machine boots up in no time now, mind you i only have firefox loaded at the moment.

does anyone remember/know what version of netframework ba needs?

la tiss i suggest in the light of what happened to me, perhaps you should bring the 3 different ip addresses to befairs attention.

jeff, how would they deposit any money into an account other than mine? the one that i have registered. could that be possable?

Ferru123
Posts: 6725
Joined: Fri Dec 11, 2009 10:51 pm

Thu Sep 15, 2011 8:30 pm

Would it not simply be the case of registering a new card and withdrawing the funds to that card?

As they can log into your account, then they can find out your address, dob, etc, so it would be easy enough for them to ring up Betfair and pretend to be you if it's not possible for them to do it online.

Jeff

PS In light of the above, why not ring up Betfair and give them a telephone password, with instructions only to discuss your account with you in future when you've given them the password?
to75ne wrote: jeff, how would they deposit any money into an account other than mine? the one that i have registered. could that be possable?

User avatar
to75ne
Posts: 1697
Joined: Wed Apr 22, 2009 5:37 pm

Thu Sep 15, 2011 8:36 pm

jeff never thought of that. i only have one registered, cant remember how to register an account its been yaers since i joined and have used the same account from the begining. i suppose it would be quite straight forward. quite scary really.

think i will cahnge all my online passwords, email, amazon etc etc, just to be on the safe side, if thats possable :lol:

Post Reply
  • Information
  • Who is online

    Users browsing this forum: No registered users and 2 guests