Monday, March 24, 2008

Beware! Full Tilt Fraud Attempt

Someone tried to scam me by spoofing Full Tilt's e-mail address and asking me to download a "Full Tilt Security Update."

This e-mail was a fraud, confirmed by the real Full Tilt support staff. Fortunately, I didn't fall for it, but I bet some people will.

Here is Full Tilt's response:

Hello XXXXX,

Thank you for contacting Full Tilt Poker Security.

The email you received is not from Full Tilt Poker as it has been
determined that it is a hoax.

It appears that they spoofed our email address
"support@fulltiltpoker.com" in an attempt to obtain your account
information.

Please note that we will never ask for your password or ask you to
download a third party links. Any updates for Full Tilt Poker will be
done directly from the game client.

We are pleased that you have not downloaded the link in question as this
may have caused serious computer and account problems.

At this time we request that you change your password.

Once your password is changed, your account will be properly protected
and you should not have any further issues regarding this.
_____

For future reference, there are several ways to protect yourself and
keep your account secure:

1) Never share your password with anyone, not even family or friends.
Treat your password like your bank card PIN, and keep it top secret.

2) Use a complex password. Ideally your password should include at least
8 alphanumeric symbols. For example, "po_k3R-One" is a stronger password
than "poker1".

3) If you decide to use the "Remember Password" feature, be cautious
when allowing others to access your computer. Family and friends may log
in and play without realizing your account contains real money.

4) Regularly scan your computer for viruses and spyware to ensure there
are no harmful programs on your computer that could capture your
password.

While these precautions cannot completely guarantee the protection of
your Full Tilt Poker account and computer, they will improve your
account and computer security.

If you would like to change your account password to make it more
secure, just follow these four steps:

1) Log in to your Full Tilt Poker account.
2) Select "Account" from the top menu bar.
3) Select "Change Password".
4) Enter your current and new password and press "OK".

For other ways to protect you online at Full Tilt Poker, please visit:
http://www.fulltiltpoker.com/identityProtection.php

Thanks in advance for your cooperation. If you have any other questions,
please feel free to email us. We're always here to help.

Regards,

Sean H
Security and Fraud
Full Tilt Poker

----------------------------------------------------------------------
Please remember never to give out your password or enter
account details over the Internet. Full Tilt Poker staff will
never ask you for your password. For your security, always
keep this information a secret.

Learn, Chat, and Play with the Pros at Full Tilt Poker
----------------------------------------------------------------------
And here is a copy of the original hoax e-mail. It looked suspicious but could fool someone who wasn't on-guard:

From: "support@fulltiltpoker.com" <support@fulltiltpoker.com>
To: xxxxxx@yahoo.com
Sent: Monday, March 24, 2008 5:52:21 AM
Subject: Important Information About Your Full Tilt Poker Account.
Please Read!


Dear member,

Full Tilt Poker Security teams have recently discovered that different
blacklisted I.P's have
tried logging in to your FullTilt Poker account and several Memorable
data and password
failure were present. For Security reasons we have reset your password.

To avoid fraudulent activites on your account please take a minute to
download and install
the newest Full Tilt Security update:
Click here to download the Full Tilt Poker Security Update (link was inserted here to a third-party Web address)

Failure to do so will cause problems with your FullTilt Poker account
and immediate account suspension.

Thank you for your cooperation in this matter and we apologize for any
inconvenience this may cause.

Regards,
Bobby
Full Tilt Poker Security Team
----------------------------------------------------------------------
Please remember never to give out your password or enter
account details over the Internet. Full Tilt Poker staff will
never ask you for your password. For your security, always
keep this information a secret.
----------------------------------------------------------------------

3 comments:

Gnome said...

I received another scam attempt that also looked like it was from "support@fulltiltpoker.com." This one is a little more obvious:

This is an automated message sent from Full Tilt Poker.

Your Player ID: smizmiatch
Temporary Password: TJYTUR

Please follow the instructions below to reset your password.

As a security precaution, we never send passwords by e-mail.
But you may use the temporary password above to reset your
password. Until you have completed the process of resetting
your password, your existing password will not be changed.
This temporary password will only be valid for eight hours.

==========================
HOW TO RESET YOUR PASSWORD
==========================

To reset your password...

1) Launch the Full Tilt Poker application
2) Choose "Login" from the menu bar
3) Enter your Player ID and Temporary Password
4) Choose the Login button.
5) Enter your new password in the space provided
6) Choose "OK"

==

Alan aka RecessRampage said...

Holy cow. Great post and thanks for the warning.

Drizztdj said...

Excellent catch Gnome, I'll check tonight to see I got one.


And I'll hang a post about it.