Topic: Diamond 5 Stake, account was hacked - page 2. (Read 1327 times)

Most likely this is not as much money for the OP as it is for us, and as we know a great deal of traders and gamblers out there use online wallets to store their funds as they find this arrangement more practical for them, but as we know this convenience comes with a price, and the price is that their coins are at a higher risk of being stolen as hackers have all the time on the world to try to figure out how to access their account and steal everything that is in it.

Wow
I was first moved with the fact that you had over $165k in your betting account and I was really mad that what the f*ck are you doing with such amount of money in your betting  aaccount ? I'm so sorry for your loss mate but I really don't think it will be possible for stake or any other casino to share responsibility of the loss with you because you made all the mistake to have clicked on the link and you don't expect the casino to partake in fixing a mistake causes by you exoevt they just wanted to be fair with you.
This is another wake up call for everyone to stay very active in protecting their accounts and checking eveey links thoroughly before clicking non them.

Hey all, random one as i am not trying to make any big accusations against the company or cause any unwanted commotion(yet).

I am diamond 4(6 percent from diamond 5) member on stake and the account is 5 months old. So I am one of if not their biggest sports players on the site.

Recently I was trying to login to check the status of my bet and was logged out of my account. I didn't think much and wrote the chat, finally got back in and saw I had a zero balance and my live bet had been cashed out. The company wrote to me and queried a set of tips that were sent from my account totaling 165k. the balance would have been 205k if the hacker had not cashed my bet out.

Anyway long story short, I was either phished on telegram or in the stake chat on the site and the link i had opened disabled my 2fa, so the hackers waited and stole the money after I had grown a balance. My issues here are many but I obviously hold a lot of responsibility for clicking the link. If I had my account and email compromised and people accesed my account and stole the funds I wouldn't have much of a gripe but they didn't, they were only able to 'tip" another brand new account 55k and 110k in a matter of seconds, the thief managed to steal the 60k and get it off the site and the rest was blocked. Also, should be noted my 2fa was removed from the acct at 944am and the theft at 11am and still no triggering on the site to block six figure tips(which i've never done before) to a brand new acct that automatically withdrew them.

Anyway i am hoping they will do the right thing and at least split responsibility with me as I did make the mistake of clicking on the phishing link but to have no protocol to stop and internal funds transfer within the site and a withdrawl of those sizes an hour after 2fa was disabled is pretty sickening.

I have the hash for the withdrawl here https://etherscan.io/tx/0x1ae29bdb23b038de73b398947343013ba0df7d45ec322b87de53e0d798c7fa62  

The phishing site I ended up on is here https://stake.com-bonus.io/?action=login&modal=auth&error=fail  it's obviously pretty pathetic replica but it was 5am when i clicked and it did the trick.

If anyone would be willing to help out and see if any real info is connected anywhere I would be super grateful and happy to send a reasonable bounty out.

Wow
I was first moved with the fact that you had over $165k in your betting account and I was really mad that what the f*ck are you doing with such amount of money in your betting  aaccount ? I'm so sorry for your loss mate but I really don't think it will be possible for stake or any other casino to share responsibility of the loss with you because you made all the mistake to have clicked on the link and you don't expect the casino to partake in fixing a mistake causes by you exoevt they just wanted to be fair with you.
This is another wake up call for everyone to stay very active in protecting their accounts and checking eveey links thoroughly before clicking non them.

but also at least you have to be careful even though the problem has existed for some time. because there are so many incidents that fraudsters send phishing links via e-mail and the e-mail of the sender or fraudster is almost the same as the official Stake email.

what I do is usually if I receive an email or through any message and claim to be from the gambling party or the Stake party, I usually always ask the support team whether it is an official message from gambling. if the support team answer is not official message i will ignore and delete the message immediately.

If this is so common then there is only one explanation for this, and that is that scammers are getting a lot of success with such methods and they are unwilling to let go and they will keep phishing as many gamblers as they can until something is done about it, and while it seems there are several things that could be improved at stake, it is essential for gamblers to understand that scammers are always out there and we need to be incredibly cautious or one day we may become their unsuspecting victims.

On the stake community forum, topics about phishing emails coming to users periodically appear, starting from November last year, there is also a topic about a data leak from Stake and emails about allegedly receiving bonuses, so this was not something new.

https://stakecommunity.com/topic/64397-phishing-e-mail-scam-november-2022/
https://stakecommunity.com/topic/69379-stake-data-leaked-did-you-get-a-bonus-email-for-another-casino/

     It seems unlikely that you will recover what the hacker stole from you, even if we say that someone will help you because I have not heard anything after being hacked that the hacker has recovered what was hacked from him.

    Maybe learn a lesson from what happened to you, at least you know what to do next time because hackers can attack wherever we are if we are careless and we are not the ones to go around in this cryptocurrency situation.

No there was no notification whatsoever that 2fa was removed at all. That is the point, there is no security, they changed this after my money was stolen, they should have changed it when people had their money stolen through the same method in the months leading up. The amounts and players weren't important enough for them to take action. To all the people saying the blame is fully on my side, keep in mind the company had a massive data breach which gave hackers and competitors all their clients email lists, player ranking etc etc. This has never been mentioned for whatever reason, likely because they don't want any responsibility in any of the attacks or violations going on.

On the stake community forum, topics about phishing emails coming to users periodically appear, starting from November last year, there is also a topic about a data leak from Stake and emails about allegedly receiving bonuses, so this was not something new.

https://stakecommunity.com/topic/64397-phishing-e-mail-scam-november-2022/
https://stakecommunity.com/topic/69379-stake-data-leaked-did-you-get-a-bonus-email-for-another-casino/

No grieving process, the fact that you can't seperate feelings from how a company should be run is a bit concerning. But promoting a company in your bio that bought all of stakes stolen email and player lists I guess sheds some light on how you feel about player security. If you take money from people, you should do your best to protect their money, not the least. Does it concern you at all that the company your promoting is trafficking in the profiles of all the players who's data was hacked and stolen from stake before New Years?

     It seems unlikely that you will recover what the hacker stole from you, even if we say that someone will help you because I have not heard anything after being hacked that the hacker has recovered what was hacked from him.

    Maybe learn a lesson from what happened to you, at least you know what to do next time because hackers can attack wherever we are if we are careless and we are not the ones to go around in this cryptocurrency situation.

But the main thing here is that the procedure for enabling and disabling 2FA is not protected, for example, on many exchanges to disable the authenticator, you need to enter, in addition to the 2FA code itself, additional codes received by email and phone, and as the OP says, he just received a notification by mail about disabling 2FA after the fact.

This is what I find ironic- Stake if not, is one of the most popular gambling platforms out there but there are a lot of concerns and problems being posted on this board. Given with what they can achieve (e.g. hiring Drake as their brand ambassador), they should have at least put security as their main priority and focus in this aspect.

In addition to this, OP has been one of their bigger spenders in the platform. I truly wish that Stake should address these concerns carefully and with haste. While I do understand that there may be some issues, they should prioritize their customers feedback and concerns more if they want to retain their loyalty of players.

There is a problem in security system. When you increase security you decrease the comfort of the user the same time. If you have to send video(for example) for every action with money you will become angry very fast. If it will help you to save money, you`ll forgive everything of course, but until this moment you`ll be angry. I can`t say was the stake security level balanced or not, but i can understand why they didn`t increase it. And, as i said for increasing security level we need some big incident.