Spammers, threat actors who send irrelevant or unsolicited messages over the internet to large numbers of users to spread malware, strike again! This time, they are exploiting affiliate programs to advertise online casinos such as Ducky Luck, Raging Bull Casino, Sports and Casino, using deceptive emails.

Multiple important online casinos use an affiliate program that enables other sites or influencers to advertise their merchandise and receive payment for everyone who registers an account.

To transfer users, the affiliates will design specially crafted URLs that include an affiliates ID or release a cookie that enables the casino to give them credit every time a referral signs up for a new account.

According to BleepingComputer, an online spam operation organized by affiliates of online casinos is flooding users with bogus emails announcing they won the ‘Grand Prize,’ that a large cash payout is ready, or that the recipient needs to confirm their account.

A constant stream of online casino spam


Even if the free email service provided by Google Gmail did a great job marking these types of emails as spam, there is a possibility that other email services may not perform as well, allowing the spam to make it into the general mailbox.

Below you can see a spam email for Raging Bull Casino where they promise a $3,500 reward.

Spam email from Raging Bull Casino affiliates


When clicking on the links, the user is redirected via another website that releases an affiliate cookie and then redirects them to the casino.

For instance, the redirection to Raging Bull Casino includes the affiliate ID (affid) in the URL so that the affiliate can get credit for the signup.

Online Casino site with affiliate ID in the URL


After you sign up for the account and happily wait for the payout they have promised, you’ll probably be surprised to find out there is no money waiting for you. The affiliate who sent you the email is the only one who’s making money in this case.

Email bombing is a form of cyberattack seen in many unrequested emails sent to your address. It can have negative outcomes for organizations by weakening their communications, but the impact is also problematic for individuals.

When receiving these types of emails, just mark them as spam so that your email provider’s spam filters will be able to recognize them next time.

Our Heimdal™ Email Security and Heimdal™ Email Fraud Prevention work in tandem with the Office 365 suite to increase protection in Outlook. By their powers combined, they form our Advanced Email Security module, which protects your enterprise against a variety of email-based threats, including spam, malware, phishing, DNS high jacking, CEO fraud, and other forms of BEC.

Heimdal Official Logo
Email communications are the first entry point into an organization’s systems.

Heimdal™ Email Fraud Prevention

Is the next-level mail protection system which secures all your incoming and outgoing comunications.
  • Deep content scanning for attachments and links;
  • Phishing, spear phishing and man-in-the-email attacks;
  • Advanced spam filters to protect against sophisticated attacks;
  • Fraud prevention system against Business Email Compromise;
Try it for FREE today 30-day Free Trial. Offer valid only for companies.

An Overview of Traditional Email Security Solutions and How to Enhance Them

Business Email Security Contributes to Business Stability – Find Out Why

Email Protection 101: What You Need to Know About Secure Communication

Email Security 101: Protecting Your Business Against Email Threats

Leave a Reply

Your email address will not be published. Required fields are marked *