Phil Galfond, Chance Kornuth among latest victims of ID-theft and bank-fraud schemes

Haley Hintze
Published by:
Posted on: November 22, 2022 4:42 pm EST

Two more prominent poker professionals, Phil Galfond and Chance Kornuth, have confirmed that they are among a growing list of poker notables who were targeted in an ongoing theme involving the creation of bogus online-gambling accounts using stolen personal data, followed by the fraudulent transfer of funds from their bank accounts.

The revelations come as a second version of the ongoing fraud comes to light, involving what may have been the use of identities and passwords from another site stolen and sold online, with the data used to create bogus accounts at sportsbetting-only sites such as DraftKings and FanDuel. Whether this newer version of the scam involves the same perpetrators remains unknown at this time.

Galfond and Kornuth join several other prominent victims or attempted victims of the frauds, including Joseph Cheong, Kyna England, Todd Witteles, Kathy Liebert, David Bach, Sam Panzica, Clayton Maguire, Brock Wilson, and Melissa Burr. Several other pros have also been victimized but have chosen not to acknowledge that publicly. The preponderance of poker pros among the scams’ known victims implies that the perpetrators have some knowledge of the poker world and have selected would-be victims likely to have established deposit limits larger than those of the typical gambler, thus allowing for more funds to be stolen from a given victim.

Galfond and Kornuth tweet about theft attempts

Both Galfond and Kornuth tweeted about their discovery of the fraud attempts launched against them. Galfond, the online-poker legend and later the founder of Run It Once Poker, offered some new information he received from investigators:

Three-time WSOP bracelet winner Kornuth confirmed on Twitter that he was another one of the scammers’ intended victims and was notified of the issue by BetMGM, where many fraudulent accounts associated with the fraud have been created.

Existing DraftKings/FanDuel accounts now implemented in schemes

As Burr noted in her response to Kornuth’s post, the frauds attempted via DraftKings and FanDuel involve gamblers’ existing online accounts, rather than the creation of new, but bogus, accounts, as was typical in the thefts run through BetMGM. Witteles noted in continuing comments in his PokerFraudAlert thread about his personal investigation into the scheme that this inferred that the fraudsters who accessed DraftKings and FanDuel accounts had some access to stolen passwords as well.

Witteles theorized that the fraudsters had stolen or purchased personal IDs and login data, including passwords, from another site, then used those stolen login/password combos on DraftKings and FanDuel to see if the same combo had been used by a gambler on more than one site. The practice is unfortunately quite common among users for convenience and memory’s sake but increases the risk of accounts being compromised and emptied of funds. Witteles devoted a second thread to the DraftKings/FanDuel thefts despite addressing his personal belief that the same fraudsters were behind both versions of the fraud scheme.

DraftKings is one of the first sites to have publicly acknowledged the ongoing fraud issues. The sportsbetting and DFS giant issued a warning to its users on Twitter.

However, some respondents to the DraftKings tweet have asserted that they’ve had funds stolen via DraftKings accounts for which a unique password was used. Many users also reported that the first known step the scammers took upon gaining illicit account access was to change the user’s phone number, thus locking the user out of resetting the password or using other online methods to re-secure the account.

Witteles shares some details from Global Payments call

Witteles also reported having an extended contact with an official at Global Payments, the Las Vegas-based online-payments company that works with hundreds of American casinos. Witteles claimed that Global Payments, BetMGM, and California’s Viejas casino have been working together to identity the fraudsters and close what may have been multiple security holes. Witteles’ sharing of certain details also supports his assertion that the DraftKings/FanDuel situation is a separate series of events from the BetMGM/Global Payments/Viejas situation.

The PokerFraudAlert owner also reported that the thefts were the work of a “fraud ring”, though whether that ring included a possible former employee of a company such as Global Payments was not something the company itself could speak on, despite Witteles’ assertion that it was the likeliest explanation for how the thefts occurred.

Witteles aldditionally confirmed that he received a reimbursement on Friday of the more than $9,000 stolen from his own checking account. “Once Joseph Cheong went public with the fraud against him,” Witteles wrote, “I thought to myself, ‘My goal for the next week is to turn this story into something too big for them to ignore.’ Mission accomplished.”