- May 18, 2007
- Total posts
Greg “Fossilman” Raymer (2004 world series of poker champion) was shocked to find out that a thief had somehow gained access to his pokerstars online poker account and proceeded to chip-dump from Raymer’s account to his.
Fortunately, Raymer did not lose any money because the crime was discovered in time for PokerStars to freeze both accounts before the cheat could cash out. A player who happened to decide to watch Raymer in a few heads-up sit-and-go’s noticed that something seemed amiss. In each match, the hacker, who used the screen name “Ikeyrson,” raised pre-flop for all but 20 chips out of a starting 1,500 chip stack. Raymer, whose account was being controlled by Ikeyrson (or an accomplice) called, only to fold after the flop. This left him crippled with no chance to win, barring a miracle. Stakes ranged from $100 to $5,000.
The observer contacted a representative at PokerStars and posted his findings on 2+2 Publishing’s internet message board. Many more members of the forum, after reading about what was happening, e-mailed Stars, as well. Stars quickly froze the tournaments featuring Raymer’s commandeered account in order to sort everything out. Both Raymer’s and Ikeyrson’s accounts were frozen, as well.
In fact, a PokerStars staff member asked “Raymer” in the chat box at a table if he may call him on the phone, obviously to make sure he was really playing. The scamster replied, “wat kinda person needs to call me?” It was quite apparent by that sentence that it was not really Raymer playing, as he is much more eloquent than that.
Ikeyrson bilked over $26,000 from Raymer’s account through this chip dumping scheme, but again, as stated above, his account was frozen before he could withdraw and the money was returned to Raymer.
But how did Ikeyrson get into Raymer’s account? Said Raymer, “It appears that this ikeyrson bastard managed to guess my password after making multiple attempts.”
After fans on the message board expressed surprise at the fact that someone was able to guess his password, the champ replied, “My password wasn't 100% obvious, but it was pretty weak. If you were guessing, I would think it would take you at least 100 tries, on average, to guess it. More likely 500. But, if some bored punk out there was willing to guess 100, or 500, or however many times he tried, then it figures he would get to it eventually.”
It may come as a surprise that PokerStars allows people to guess incorrect passwords repeatedly without locking the account, it might make sense. If someone wanted to mess with another player and Stars locked an account after, say, five incorrect passwords, the prankster could simply purposely fail five attempts to login to somebody’s account. At that point, the victim would need to spend time dealing with customer support to sort things out.
A simple solution proposed by some players is for Stars and the other online poker rooms to require players to have a different login name from their screen names. This way, people who are up to no good cannot simply watch a game, grab someone’s screen name, and get lucky with their password. Some rooms, such as bodog and the Microgaming rooms, already institute this easy security method.
In the end, regardless of the complexity (or lack thereof) of poker room login procedures, this should serve as a lesson to everybody to make sure their passwords are difficult, if not impossible, to guess. Include random characters, lower case and capital letters, and numbers in the mix, as well as making sure that the password is long. Additionally, it is wise to change passwords every so often, just in case.
The good news is, everyone can have a good laugh at Greg Raymer’s expense. Nobody lost any money and a valuable lesson was learned.