How cybercriminals profit from money laundering through gambling sites
A new report by McAfee sheds light on the underground world of online gambling. It identifies the proliferation of online casinos, an industry set to grow nearly 30% over the next three years, and how their use is fuelling cybercrime by making it easy to “cash in” on illegal activities.
Online gambling involves huge volumes of transactions and cash flows that can obscure and disguise money laundering. Players are not dealing with a tangible, physical product; physical currency does not change hands. As a result, illegal proceeds can be laundered by wagering them on one end of a transaction and receiving the payouts as gambling wins on the other end.
Furthermore, gambling winnings are tax free in many jurisdictions, making official reporting to governments unworkable and authorities often incapable of monitoring transactions.
Online gambling sites facilitate money laundering while the number of unlicensed sites is over ten times that of licensed operators. This trend, combined with the many sites now operating on the Dark Web and leveraging virtual currencies, shows the extent of the challenge for law enforcement.
Troels Oerting, the Head of the European Cybercrime Centre comments: “Since the days of prohibition – in Al Capone’s Chicago – “follow the money’ has long been the key to getting criminals behind bars. In the “old days’ the money trail was easy to follow, but today, money flows inside and between countries, regions and globally at lightning speed, which is a necessity in our global interconnected world. Taking advantage of this, more and more cybercriminals are turning to cyberspace to seize a new ‘business opportunity’ with endless income and limited risk. Cybercrime also presents the ability to be unidentifiable on the dark net and on stealthy services.”
To tackle the sum of these various factors of money laundering online, McAfee has identified three critical areas enabling the use of online gambling to launder “dirty’ money:
1. Anonymity – Online gaming was initially designed to operate across jurisdictions, in a commercial trade illegal in many jurisdictions. As a result, operators are fairly explicit about the level of anonymity afforded to online players. In some instances, gamblers are not even required to give any personal information when logging into sites. This makes it a lot easier for “faceless’ cybercriminals to use money laundering tools to acquire virtual currencies anonymously and illegally.
2. Payment options – Credit cards, debit cards, prepaid cards, bank wire transfers, ACH transfers, cheques, payment gateways, player-to-player transfers, mobile telephone billing debts and credit. Forget cash – there are a whole host of new ways that gamblers can exchange money in online casinos, which makes the whole business of tracking money trails much more complex.
3. Too many to police – The sheer number of online casinos is so great that it is difficult for local authorities to monitor them, let alone police specific activity. As of November 2013 there were approximately 104 international jurisdictions that regulated a total of 2,734 internet gambling websites (for 867 gaming-site owners). A couple of months later, 47 of those 2,734 gambling sites were deemed “rogue’ and not trustworthy. With dozens of illegal gaming sites being created every day, it’s likely this number has increased significantly.
The report concludes with advice on how to mitigate the risks posed by the ever-changing landscape of online gambling players and enablers, particularly for operators looking to create strategies and tactical capabilities to prevent further activity from occurring on their sites.
Raj Samani, CTO EMEA, McAfee and co-author of the report explained: “Knowingly or unknowingly, online casino operators are fuelling the increase in cybercrime by making it easy to “cash in” on crimes perpetrated. As online casinos grow in popularity – with more games, more access options and more transaction methods – operators are often left unaware to the greater opportunities being provided to would-be, opportunistic criminals who are able to hide their illicit gains from the prying eyes of global law enforcement.”
“The odds may appear to be stacked in favor of the cybercriminal, but operators shouldn’t fold or shut up shop just yet. With a strong online law enforcement capability – reinforced by partnerships and collaborations between cross-border authorities, law enforcement, ISPs, Internet security companies, academia and financial institutions – the online gambling industry can prevent cybercriminals from hitting the jackpot and getting away with it. Awareness of the situation is the first step, action comes next. Now we’ve shed light on the situation at hand, it comes down to working together in order to shut these activities down and call the cybercriminal’s bluff,” Samani concludes.