Suggestion for all poker sites Re: dealing with scammers and thieves

[WhoIam]

[ QUOTE ]
Is there any conceivable legit reason why anyone would need to receive a player-to-player cash transfer and then immediately send it to some other player?

[/ QUOTE ]
I've used inter-account transfers to settle debts and even to pay my rent. It isn't too far-fetched to come up with scenarios where this happens. For example, friend A and I go to a poker game. I realize I left my bank card at home and friend A lends me some money. I bust out but pay him back the following day through Poker Stars. Friend A owes money to friend B and pays him back when he's sure he has his money from me. Probably not too common, but I'm sure it happens.

[TobDog]

I dont remember the exact nature of how it worked, but when I played at Sun Poker(US no more now), you had to set up your computer to be able to use the software, they emailed you a link and you logged on that way the first time, I wouldnt mind seeing something like this, I know it still is possible to get in from the outside, but it will detur at least some if not most of the incidents of someone logging in unauthorized.

[slim]

[ QUOTE ]
Slim,

Generally, yes. Someone gets anothers passwords, then arranges transfers (usually with high level, trusted players). They transfer the money first, then get the reciprocal transfer. They may play some hands and then do another trasnfer, or just withdraw. Also, sometimes chip dumping is involved.

As to how they can trust the stranger, there is an awful lot of money swapping at sites among high rollers. I believe usually legit guys (LucLongley in skipolo's case) are asked. If someone screws the scammer on an exchange, it is not like it costs them anything other than opportunity since without moving the money somehow they can never get at it.

[/ QUOTE ]

I would imagine that once the password is gained, the theif needs to drain it within a couple of hours because anyone who has 5 figures or more in their acct probably plays often enough to notice their password no longer works or that their money is slowly missing. That would be tough to pull off.....you would think. BUt then I'm sure it's been done before many times.

[2461Badugi]

[ QUOTE ]
[ QUOTE ]
http://en.wikipedia.org/wiki/Security_token

[/ QUOTE ]

That is a great idea. AOL used to give the RSA SecurID to their employees and the way it works is: the service sends a new one-time password to the token every 10 minutes or so, and you have to input that password along with your regular password. Very secure and affordable ($45 on the RSA website), and I'm sure there are inexpensive alternatives that work just as well.

[/ QUOTE ]

I would happily shell out for something like this. Hopefully sites and wallets could coordinate so it would be possible to have a single authentication box across them all.

[cwar]

[ QUOTE ]
That is a great idea. AOL used to give the RSA SecurID to their employees and the way it works is: the service sends a new one-time password to the token every 10 minutes or so, and you have to input that password along with your regular password. Very secure and affordable ($45 on the RSA website), and I'm sure there are inexpensive alternatives that work just as well.

[/ QUOTE ]

This is really funny because my dad helped design the software for the SecurIDs. Poker sites would never implement this though.

[BluffTHIS!]

Anything that the sites can do, including providing extra security for greater fees if necessary, should be done. As should *quick* replies regarding such issues brought to them by a customer, and *quick* resolutions of such issues.

We constantly see in these forums both sides of the coin. On one side is those who get scammed, and on the other side are those who are wrongly accused/suspected of fraudulent activity. The first situation needs to be handled very quickly as time is of the essence to stop a con, but the second also needs to be handled in a reasonable time period coupled with *good* communication with the player. Obviously the sites have a hard time balancing all of this, and for the sites that have the highest stakes play, it is also obvious, to me at least, that Full Tilt, UB and Prima have the most shortcomings.

BUT, there also are many common characteristics of these situations and the players involved:

1) transferring money via interaccount transfers on a site

2) same as above but on neteller

3) surfing sites known to be more likely to infect your computer with a trojan or other security threat, e.g. porn sites and torrent sites

4) communicating via IMs to online "friends" who are still anonymous and have never been met in real life and clicking on a keylogger virus ostensibly for the purpose of looking at a hand history

5) allowing a B&M friend to use one's computer

6) playing from multiple computers, especially on those of a friend



There are legitimate reasons for doing all of the above, and if one is a good judge of not just human nature, but also of the current potential level of desparation with a formerly trusted friend, then *mostly* you won't have a problem. But it is clear that your chances of having a problem are greater than for someone who never does any of those things (like me).

The simple fact is that if you jaywalk, even if you look both ways first and generally are an accurate judge of speed and distance, you could be wrong one day, and with disasterous consequences.

So it really comes down to 2 things:

1) your level of risk avoidance

2) your level of gullibility, especially regarding potential conmen who specialize in the "long con" of first building up a relationship before striking, and regarding those formerly trustworthy "friends" who are now in desparate financial straits.

Note that I used quotes around "friends". The level of trust regarding financial and other matters some of you place in either people you know in real life, or long time but still mostly anonymous online friends, is far greater and extends to more such people than is the case for me.

This past holiday season one of my sisters was in town with her family and stayed at my parents' house. They came over to mine one day and one of my nephews asked to use one of my computers to check his email and I said sorry but no. Now I trust that kid 100% as far as not stealing from me. And I have excellent security procedures on my computers. But I also take care not to surf potentially dangerous sites and not to click on suspicious email links, and I can't trust a kid with that when I have a lot of money online in various accounts. So I was not willing to take any risk whatsoever, just for the convenience of a trusted family member. Maybe that makes me paranoid, but my chances of ever posting a "I got my roll scammed" thread are much less than most here, plus I would hate to even in the back of my mind suspect a family member or friend of screwing me. If something bad happens, it will either be my fault, or at least not the fault of someone I love or trust as a friend.

The poster kyleb has given and relinked in other threads, good info on avoiding hacking, and all here should read and implement same. But all here should also take the greatest care to avoid entangling themselves with anonymous online "friends" (includes those met in other cities on only a small handful of occasions), or in placing a greater level of trust in real world friends or family even than is prudent or necessary.

Regarding posters on 2+2, there are a handful I have friendly PM correspondance with, and whom I regard as some of the most trustworthy posters on this site. But I have still never actually met any of these people in real life. So I wouldn't transfer $1 to them on stars or neteller or whatever. I wouldn't even mail them a check and let them have one of my bank account numbers. There simply is no good reason to take the attendant risks with same. And that goes doubly because although they practive a form of gambling that is +EV, they still are in the gambling world where lots of cons and scams abound, and because you not only are trusting them, but everyone they trust as well, when you allow an online account of yours to get linked to someone else's, and who then links to a 3rd party and so on.

My motto regarding financial dealings:

"In God I trust. All others pay cash."

[Triggerle]

[ QUOTE ]
[ QUOTE ]
Is there any conceivable legit reason why anyone would need to receive a player-to-player cash transfer and then immediately send it to some other player?

[/ QUOTE ]
I've used inter-account transfers to settle debts and even to pay my rent. It isn't too far-fetched to come up with scenarios where this happens. For example, friend A and I go to a poker game. I realize I left my bank card at home and friend A lends me some money. I bust out but pay him back the following day through Poker Stars. Friend A owes money to friend B and pays him back when he's sure he has his money from me. Probably not too common, but I'm sure it happens.

[/ QUOTE ]Yes, but a 24h or even 48h waiting period before transferred money can be shifted around again wouldn't hurt in these cases?

[Unabridged]

[ QUOTE ]

Poker sites would never implement this though.

[/ QUOTE ]

why? if you made the user pay for them it would cost the site nothing. and it wouldn't interfere with the players who didnt want them in anyway. it might save the site money for having to investigate less accounts being hacked.