What Is IESNARE ? (+Proven Method To Block It)

iesnare bookies

Know what IESnare is? Looking for ways to block it? This post covers the lot…

In short, IESnare is a dirty little tool bookies are using to spy on their customers. If you’re purely trading, it affects you effects you less, assuming your cool with bookies prying on your every move?

However, if you’re reducing premium charges or topping up profits with the occasional Arb, or matched bet, read on. I’ll give the best explanation possible along with the proven remedy to keep their dirty tricks at bay.

What Is IESnare?

IESnare is an analytical tool created by a company called Iovation. IESnare is designed to counter fraud and abuse, such as money laundering between accounts. It works through tracking information about users through time visited on-site, other sites visited, IP addresses along with any other personal information it can gather. You can read a little more about ‘fraud prevention on their site.

That’s a totally legitimate and useful thing to be doing, right?

Of course… unless a bookmaker is considering its use for matters other than preventing crime.

Note: one of the things it tracks is other websites you visit. Perfect if you want to look for a user potentially arbing prices between bookmaker and betting exchange. A little naughty maybe.

Why Do Bookies Use IESnare?

Bookmakers only like losers, no surprises there. But before the internet, they managed to keep account closures and limiting winners like Patrick Vietch under-wraps. The odd news article maybe, but very few talked about it.

Now it seems to be pretty mainstream. The rise in betting exchanges has made it far easier for anyone to make a quick buck, be it through matched betting, arbing or trading. Unfortunately, programs like IESnare have made it easier for the bookies to close them down just as fast…

I’ve yet to see a bookie talk openly about IESnare. If they did they’d probably just quote the ‘doing their bit for fraud’ line.

ie snare used to detect fraud

It’s just part of the industry I guess, it seems to be common knowledge. By recording your internet history the bookies can quite clearly see what kind of user you are, profiling you in the process. If they suspect you’re a bit shrewder than the average user they may impose betting restrictions.

A little like the YouTube videos I created for fun: Beating the bookie in 24 hours.

How Do You Know If You’ve Been ‘Snared’?

It’s simple to find out if IESnare is active on your machine. Just run a quick search for ‘mpsnare’.

mp snare

If the machine you’re on has been infected, it’ll soon show up. To remove IESnare is really quite simple, preventing catching it again is slightly harder.

If you’re regularly using bookies websites it’s likely to be a reoccurring issue, we’ll show you how to block it in a sec…

How do you remove IESnare? Easy. Just delete all the files that appear following the above search and it’s gone, simple. See the process below for some simple steps.

But how do you stop it from coming back? the slightly harder part…

How To Block IESnare (5 Step Process)

The first point to note is: you cannot stop IESnare from being installed on your machine. But you can stop it from sending back any data it has gathered, rendering it useless.

To do this though, you need to change a couple of things. So, in 5 quick steps…

(you can enlarge any of the following images by clicking)

Step 1: Locating IESnare files.

How to find IESnare

  1. Locate notepad via your machines start menu (bottom left).
  2. Right-click notepad.
  3. Select Run as administrator
  4. You’ll be asked for additional permissions, click Yes.

The notepad will then open. Now, select File > Open (make sure All Files is selected, bottom right).

For the file path, cut and paste the following line: C:\Windows\System32\Drivers\Etc and hit open.

If you’re unsure where to post this line, see the image on the next step. The red box at the top is where you need to paste or type this line.

Step 2: Editing IESnare host file.

Blocking IESnare with notepad

Once locating the correct file path from the previous step you’ll see a selection of files. You want to:

  1. Right-click and select Properties (seen above).
  2. Uncheck the tick box that specifies Read-Only.
  3. Hit Apply, followed by OK.

Now, when opening your host’s file you will be presented with something like this:

Hosts file IESnare

Step 3: Paste the following.

Now we need to add some lines to your host’s file to block IESnare.

The link below contains all the lines, in order that needs to be added below the line 127.0.0.1 localhost. To avoid confusion, just click the link below, copy and paste.

Click this link for the text you need to paste.

After, you’ll be left with something looking like the following:

Hosts file IESnare Updated

The red box denotes the text that has been added (found on the link above the image).

Step 4: Save and finish.

Your host file has now been edited appropriately in order to block IESnare from working on your machine. You just need to Save the file (with the new lines inside) and reboot your machine!

But it’d be foolish not to check the edit has not worked…

Step 5: Check IESnare is blocked for good.

You can check the block has worked by going to:

  1. Start Menu.
  2. IESnare Command Prompt MenuCommand Prompt (shown above).
  3. Once open, type: ping mpsnare.iesnare.com

The reply should come back from 127.0.0.1 and look like:

IESnare Blocked

…that’s it. All done!

 

Removing IESnare on MAC

I haven’t got a Mac, although I’m led to believe this works if you have…

launch terminal apple

How to remove IESnare from a MAC machine:

  1. You need to Launch Terminal, found in /Applications/Utilities. You can also launch through Spotlight.
  2. When prompted to backup hosts to your documents folder add this: sudo cp /private/etc/hosts ~/Documents/hosts-backup.
  3. Then, when prompted to open the host’s file, input this: sudo nano /private/etc/hosts.
  4. You’ll have to add your administrator password for verification (it won’t be able to see it as typed on-screen). Hit enter.
  5. When the host’s file has loaded up, navigate to the bottom to add the lines of code in the text file below these steps. Linked below.
  6. Once added, hit Control+O and then enter to save your changes. Finally, hit Control+X to exit from nano.

The lines you require for input (point 5):

Download the text file here.

I’m Unsure Of This – Should I Block IESnare?

The above may seem like a bit of an effort, but it is worth it. Do you want the bookmakers spying on you 24/7?

Think of it like this; would you allow a hacker to stay on your computer and do nothing about it? The same logic applies to this. If you have come across IESnare on your computer, you have to get rid of it!

It will definitely affect your betting in the future.

Final Thought For IE Snare

It doesn’t really matter which angle you come at it. IESnare might have been created with the best possible taste, to catch fraudsters. But over time, the use of IESnare by the bookies has become questionable. It wouldn’t have ended up in the mainstream media if there wasn’t any truth to the claims. A nasty way to do business, but the way the industry seems to be headed.

For you and I, the best course is to block IESnare regardless. There just isn’t any potential upside for the user. Some have even reported being gubbed by a bookmaker before placing a bet, believing it was because of the program. Make sure you get in there first so that doesn’t happen!

The more that become aware of IESnare, and how to block it the better. Feel free to use this post as an explanation to your friends that don’t understand. Word of mouth seems to be the only way the masses are to find out. You don’t often see it discussed on the racing channels, that’s for sure.

Related Article: BOOKIE BEATEN – Account Closed In Just 1 Day!

20 thoughts on “What Is IESNARE ? (+Proven Method To Block It)

  1. Hi Caan
    Good to know about this issue, I wasn’t aware of it.
    Just a little words about your workaround: windows hosts file (that is not IESnare hosts file) configured in this way will forward all requests do localhost and this can create a bad behaviour with a lot of timeouts and decrease the performance of your pc.

    I suggest instead use the windows firewall to block all that address. That is the correct tool to filter bad requests at network level.

  2. I was aware of iesnare, as for the past couple of years, I have been matched betting.
    Yet to meet an honest bookie – they are all scum and will close down your accounts at some time after winning a few £.
    I use 2 desktop pcs. 1 connected to my home broadband, the other uses a mobile dongle.
    Keeping matched betting and exchange sites on 1 pc, and bookies on another helps reduce the risk when the internet connections differ.

    Started learning to trade the horses. But finding it harder than what it appears. I shall keep preserving with that though.

  3. ‘Ghostery’ a browser add-on is an easier way to block ‘iesnare’. It also blocks other similar products that bookies like Hills use in Australia, e.g. Threatmetrix. If you live in the EU covert customer profiling using online tracking will become illegal in May 2018, so hopefully this will put a stop to this despicable corporate activity. Possible fines ca reach £100 million – food for thought for even the biggest bookmaker.

    1. Thanks for this Jimmy. Will the usage of Ghostery blocking Threatmetrix on Australian Bookeeper websites show up for them? I.e. will the blocking of threatmetrix itself raise any redflags for them?

      Also, in the context of matched betting, is theatmetrix effectively being used to determine whether betfair has been used within x time of a bet being placed on the bookie etc. ? Or does Threatmetrix also track the MAC address (and therefore blocking it protects MAC?) Apologies for the many questions, it would be so much if you could help me out here.

      Kindest regards,

      Michael

      1. I think that’s the problem as you say there in some ways; if they pick up you are blocking, they may be concerned. Although its becoming more popular for people to block and use VPN’s regularly.

  4. “The first point to note is: you cannot stop IESnare from being installed on your machine.”
    I honestly find this hard to believe. They can’t just silently install spyware without our permission, that’s against the law and people go to jail for that. Do you have any proof of where the spyware is located on the computer or what process is it in the taskmanager? Thanks!

    1. Maybe check the bookmakers Ts&Cs. I haven’t checked but I have had to remove it from a laptop. It doesn’t seem to pop up on mobile as yet but I haven’t checked for a while.

  5. Jon Boy, No T&C supersede law. You cannot just make up terms and conditions which are against law. It doesnt work that way 🙂 It is illegal.

  6. i think it should be noted that removing iesnare also flags you up, when i removed it i got 3 accounts gubbed on the same day
    just a thought, but from their perspective, removing iesnare immediately flags you up as a pro bettor, i would even go as far to say that it’s possible they designed it that way, so the people who remove are self-flagging themselves. Can we even really trust people who are promoting matched betting websites? imagine the power they have to flag up bettors with certain patterns of betting, who would not refuse a few thousand a month from them to lead them ‘down the garden path’…… removing professionals makes the bookmakers 3x richer

  7. If you block iesnare before you get infected by it, I cannot see how you could be flagged up as an arber because the installers of iesnare cannot receive information about your machine. If bookies are using this then blocking it might be the best form of protection against being gubbed. It’s just my opinion but this might not be illegal. Data Protection Laws are mainly to stop information about individuals being accessed without permission, if a company can openly sell the information that iesnare captures, then it may be the case that the information about your computer is not covered by data protection laws. For instance, anyone can check a car number plate here in the UK . anyone can find your name and address in a phone book if they know your number.

Leave a Reply

Your email address will not be published. Required fields are marked *