If you have been recently active you may have been confused about an official looking stake email in your inbox regarding VIP rewards.
The email was sent by a rogue individual who managed to get access to Stake's Sendgrid account. We are continuing to investigate with Sendgrid how 2FA was bypassed and access was obtained but we will share what we know in the meanwhile.
- There's a chance that a group of Stake users who were recently active may have their Email address available to this individual. Please note that there is no other associated information linked to these Email addresses. It would be simply a raw Email, unlinked to even a username or any form of identity. As a result we deem this to be a minimal risk threat.
- No user funds, passwords, KYC, or Stake accounts were effected. The phishing website was taken down within minutes and as a result no damage was incurred We are very lucky we have quick notifications around this & a great relationship with hosting companies.
We will have further information available soon. As always if you require specific help please contact your VIP host or our live support.
In the meanwhile we ask that you always make sure you are logging in on "stake.com" and set 2FA.
Topic: Stake.com - The Leading Crypto Casino - Drake, UFC, Everton, Alfa Romeo F1 Team - page 300. (Read 270572 times)
November 10, 2022, 09:11:32 PM
November 10, 2022, 05:59:17 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
We will never get a real estimate before stake.com announced it and it looks like Stake.com will not do it for privacy reasons
Based on unofficial sources Hackers managed to steal 430K customer data including email and maybe also KYC information
Another source said they stole at least $10 million from the hacked account, but this one is rather difficult to believe.
Luckily I was late to check the email and not click on the link sent to my email.
Same here, I haven't checked my email since I don't have much activity on stake this past few weeks. I could say that my idleness saves me from possible phishing attempts. Though it is quite surprising that $10m is stolen from hacked accounts. Aren't they activating their security options? This is just a user data breach and not an internal system hack, so it is somehow impossible to lose a significant amount due to phishing if 2fa and other security feature is enabled by the account.
Yes, it's a bit dubious somehow he collected $10 million whereas every account that has a balance must have double security like 2fa or OTP
Indeed there are some users who do not enable 2FA for example me, but I never leave a balance in the account, I definitely withdraw it when I want to log out
oh @Stunna already clarified this issue at least this clarification relieved us, it is undeniable that this case will harm stake.com.
November 10, 2022, 05:47:50 PM
Same here, I haven't checked my email since I don't have much activity on stake this past few weeks. I could say that my idleness saves me from possible phishing attempts. Though it is quite surprising that $10m is stolen from hacked accounts. Aren't they activating their security options? This is just a user data breach and not an internal system hack, so it is somehow impossible to lose a significant amount due to phishing if 2fa and other security feature is enabled by the account.
Correct me if I'm wrong but I believed that verified Stake account users can't change their email used on the registration. Therefore, even if a user's account got compromised and their Stake account login details were input on a phishing site, the hacker can't just do anything on that Stake account.
By default:
- an email code is needed for a successful login
- withdrawals also need an email code if 2FA is not activated
Not unless the email login details were compromised, that's another story.
November 10, 2022, 05:36:19 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
We will never get a real estimate before stake.com announced it and it looks like Stake.com will not do it for privacy reasons
Based on unofficial sources Hackers managed to steal 430K customer data including email and maybe also KYC information
Another source said they stole at least $10 million from the hacked account, but this one is rather difficult to believe.
Luckily I was late to check the email and not click on the link sent to my email.
Same here, I haven't checked my email since I don't have much activity on stake this past few weeks. I could say that my idleness saves me from possible phishing attempts. Though it is quite surprising that $10m is stolen from hacked accounts. Aren't they activating their security options? This is just a user data breach and not an internal system hack, so it is somehow impossible to lose a significant amount due to phishing if 2fa and other security feature is enabled by the account.
November 10, 2022, 04:49:50 PM
-snip-
If you read the announcement, is about phising.So, from my perspective the data has been leaked is mostly the email customer of "Stake". However, which data came from who has been leaked is still unknown (Example, If their "Email" provider for sending promotion and other thinks is getting leaked).
There is no personal information is being leaked, only Email.
November 10, 2022, 03:47:50 PM
Such a sad situation but also not an unexpected one. Websites such as Stake are always in the crosshairs of hackers, which means that %100 7/24 at all times there are people trying to hack these websites, and eventually, they do end up hacking into them. It could be for money, but if they can't get any money, they would be glad to get KYC and data from the customers to sell later.
If you know the right buyer, nearly half a million gambling emails stolen from stake could be worth a gold mine, because you can sell it to other big-name casinos and they could use it to send emails to people to convince them to switch to their casino instead. So if they got any money, hackers wouldn't really care about that part, the data is the thing everyone loves these days.
If you know the right buyer, nearly half a million gambling emails stolen from stake could be worth a gold mine, because you can sell it to other big-name casinos and they could use it to send emails to people to convince them to switch to their casino instead. So if they got any money, hackers wouldn't really care about that part, the data is the thing everyone loves these days.
November 10, 2022, 03:07:16 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
We will never get a real estimate before stake.com announced it and it looks like Stake.com will not do it for privacy reasons
Based on unofficial sources Hackers managed to steal 430K customer data including email and maybe also KYC information
Another source said they stole at least $10 million from the hacked account, but this one is rather difficult to believe.
Luckily I was late to check the email and not click on the link sent to my email.
Is this for real? I am reading this for the first time and I can’t believe my eyes that I’m reading this about Stake. What on the earth might have happened so as to they were able to manage hack on the stake?
These scam bugs are everywhere. Last time one crazy article also stated that there is trend of making entire Mirror site so that user gets deceived with the fake site and deposit money over there.
Guys, this is the lesson for us. It’s about our money so always see and validate before you click. I hope Stake will be able to recover the money as well as stolen info.
Stay strong stake team!
November 10, 2022, 02:40:57 PM
-snip-
Everyone is also not forgetting.In the last few months ago, the stake system is updating needed every account to activate 2FA. So, this is also helping for the case phising site due everyone can't withdraw without activated first the 2FA.
Otherwise, the victim who get this can be more.
November 09, 2022, 08:05:45 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
We will never get a real estimate before stake.com announced it and it looks like Stake.com will not do it for privacy reasons
Based on unofficial sources Hackers managed to steal 430K customer data including email and maybe also KYC information
Another source said they stole at least $10 million from the hacked account, but this one is rather difficult to believe.
Luckily I was late to check the email and not click on the link sent to my email.
I've found that on this forum
It seems that even Drake's datas would have been breached.
https://stakecommunity.com/topic/64397-phishing-e-mail-scam-november-2022/page/3/#comment-1357512
https://stakecommunity.com/topic/64397-phishing-e-mail-scam-november-2022/page/5/#comment-1357954
November 09, 2022, 07:47:44 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
We will never get a real estimate before stake.com announced it and it looks like Stake.com will not do it for privacy reasons
Based on unofficial sources Hackers managed to steal 430K customer data including email and maybe also KYC information
Another source said they stole at least $10 million from the hacked account, but this one is rather difficult to believe.
Luckily I was late to check the email and not click on the link sent to my email.
It is it the first thing I read about this email hack and for one time I am lucky that, for some reason, I don't receive any emails anymore from Stake. Changed my password just to be sure also but we always need to be extra careful when receiving mails (even if they look legit).
The problem is that the email is sent from the official email so many people assume that it is not phishing. The only reason we suspect the email is because the style and contents of the email are different from usual there is no picture and there is no explanation related to the event even if there is a bonus, it is usually sent to telegram too.
November 09, 2022, 06:51:44 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
We will never get a real estimate before stake.com announced it and it looks like Stake.com will not do it for privacy reasons
Based on unofficial sources Hackers managed to steal 430K customer data including email and maybe also KYC information
Another source said they stole at least $10 million from the hacked account, but this one is rather difficult to believe.
Luckily I was late to check the email and not click on the link sent to my email.
It is it the first thing I read about this email hack and for one time I am lucky that, for some reason, I don't receive any emails anymore from Stake. Changed my password just to be sure also but we always need to be extra careful when receiving mails (even if they look legit).
November 09, 2022, 06:46:32 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
We will never get a real estimate before stake.com announced it and it looks like Stake.com will not do it for privacy reasons
Based on unofficial sources Hackers managed to steal 430K customer data including email and maybe also KYC information
Another source said they stole at least $10 million from the hacked account, but this one is rather difficult to believe.
Luckily I was late to check the email and not click on the link sent to my email.
November 09, 2022, 05:01:30 PM
any estimation how many and how much funds were stolen with the last email hack thing ?
November 09, 2022, 04:43:49 PM
-snip-
What are you talking about?We talking about RTP or volatility is same or not from Demo & Real, we never talk about Money (Demo with Real) result win or lose. Please next time to understand the current situation discussion, while we are talking now about to "How to be verify demo and real play have the same RTP or Volatility" and that still the hottest topic without any valuable answer even from the person who are really understand slot.
Because there is no machine or third parties who give us regular person to check by our own check for the RTP and other things like hash game (Probaly fair).
November 09, 2022, 04:26:48 PM
Has Stake been hacked? I received what looks to be a valid email from [email protected] (email headers match - it's not simple spoofing), with the subject "Stake: Welcome to the new VIP program!" and a body offering more bonuses. Clicking the link, I get redirected to http://sso-stake.com, which is currently offline and definitely doesn't look like an official Stake domain. The domain was just registered today going off of whois records, so I suspect whatever platform Stake uses for email marketing might have been hacked and used for a phishing campaign.
They just posted this phishing warning few minutes ago to their telegram group.
Thanks for staying vigilant. I am paranoid enough to always check urls from anywhere i get them but getting post from correct email might fool people easily.
But correct me if i am wrong but Email spoofing doesn't need hacking the site to work afaik.
Yes, I also got the same message in Telegram and they said that they are working with it.
And also the email system was down, I try to withdraw a couple of hours ago, didn't get the unique withdrawal code. But after some time, their was a message from the live support (as I have ping them), that everything is normal now. So I try to withdraw again and it went it in. So just be careful about those emails that we are getting right now, there are lot designed to steal from us.
November 09, 2022, 04:23:33 PM
If you asking from the guy who are provided you the service.
Off course, they're gonna say that, because is a business scheme (You never say anything bad about your product). But, If you ask from regular person they're gonna tell you different things.
If there has some machine that can make us (Regular) person, verify the RTP and others thing is same. We will believe that, just like "Probably fair" for hash game while we can verify the result by our own check.
That is a bit of a sceptic approach and I wouldn't blame you. In this case demo and real are different because demo is fake money, so that alone should be a good reason not to see them the same because nobody would gamble with fake money just as the same when they are gambling with real money.Off course, they're gonna say that, because is a business scheme (You never say anything bad about your product). But, If you ask from regular person they're gonna tell you different things.
If there has some machine that can make us (Regular) person, verify the RTP and others thing is same. We will believe that, just like "Probably fair" for hash game while we can verify the result by our own check.
This is why I really hope that you do not end up with any misunderstanding but if demo and real are said to be the same, I would assume it could actually be the same. Why would there be difference anyway? It's gambling, you should be aware that you are going to end up losing money, that shouldn't be a secret to you, nobody should think that there is "maybe" a chance that they could profit in the long run.
November 09, 2022, 02:19:33 PM
[$1,500] Fight Game Part 6| Sports Challenge
Win a multi bet with at least x5 by betting on minimum 3 matches.
You can bet on any fighting competition we have available on our site.( MMA, BOXING, KICKBOXING, etc)
The odds per match must not be less than 1.15x.
The minimum bet amount is set at 1$ (in any currency).
Giveaway's Topic: https://stakecommunity.com/topic/64203-1500-fight-game-part-6-sports-challenge/
Win a multi bet with at least x5 by betting on minimum 3 matches.
You can bet on any fighting competition we have available on our site.( MMA, BOXING, KICKBOXING, etc)
The odds per match must not be less than 1.15x.
The minimum bet amount is set at 1$ (in any currency).
Giveaway's Topic: https://stakecommunity.com/topic/64203-1500-fight-game-part-6-sports-challenge/
November 09, 2022, 08:15:09 AM
-snip-
If you asking from the guy who are provided you the service.Off course, they're gonna say that, because is a business scheme (You never say anything bad about your product). But, If you ask from regular person they're gonna tell you different things.
If there has some machine that can make us (Regular) person, verify the RTP and others thing is same. We will believe that, just like "Probably fair" for hash game while we can verify the result by our own check.
November 09, 2022, 08:01:21 AM
-snip-
To be honest.There is no single proof, the RTP is same or not from Demo & Real. What we only can do only trusted the casino, how you can make sure the RTP of the game from Real & Demo modes is the same?
We can't even check or verified them, this is still on the hottest topic without any valuable answer from my perspective.
I read about it, and not once, guys from the industry were saying that Demo and Real mods are programmed exactly the same way. They were also saying that regulators wouldn't allow those modes were different. It seems logical to me, so I trust them.
But we have official representatives of Stake here on this forum. We can ask them. @Stunna, @Symphonized, can you comment on this please?
November 09, 2022, 07:15:18 AM
Has anyone tried logging into stake.com at this point? I tried it but after waiting for more than 5 minutes the code to login was not sent to my email, a few hours ago there was no problem getting the login code.
Edit: received the code after the second attempt
Edit: received the code after the second attempt
I keep my account always logged in,I know this is bad practice in Windows but I use Linux and also use Google Authenticator which for me that I am a fanatic and I never lose my phone or crash it works much better than login code sent to emails,Stake has it as an option so it is easy to implement.
I type stake website link in the browser and as I said I was already in and played yesterday for a long time more than 1.5 hours in the slot machines and everything went smoothly except the part of the slot provider Play n Go which has really but really the slowest servers on earth.
Jump to: