Follow Us! ThumbsUp

Every edition of the Online Gambling Quarterly begins with answers to the same question: How would you assess the current industry climate?

Those operating in the vertical know they work on shifting sands. New regulations, an ever-evolving marketplace, changing player habits… It all creates a challenging environment. And that’s before we even factor in fraud attacks.

This is why, at SEON, we wanted to give iGaming businesses peace of mind on that front. We did a deep dive into our iGaming clients’ fraud data and investigated the nuances and macro-patterns of global iGaming fraud. Don’t wonder how to prevent fraud attacks at your company any longer. All the answers are in our downloadable guide.

What is iGaming Fraud?

iGaming fraud includes any kind of fraudulent attack against iGaming operators, online casinos, and online betting shops. Because of the nature of iGaming businesses, fraudsters have very specific methods of trying to abuse systems, cheat at games, and exploit loopholes. 

While some of these iGaming attacks fall within grey areas, others are absolutely considered fraudulent, for instance: creating multiple accounts under different names, using stolen IDs to bypass KYC checks, and using spoofing technology to evade IP blocks.

Types of iGaming Fraud

iGaming fraud is pretty unique when it comes to the variety of breadth of attacks. These include:

  • Multi accounting: players create multiple accounts under different names to cheat at games (collusive play), or abuse bonuses offered as part of marketing promos. 
  • Bonus abuse: as mentioned above, the marketing campaigns offering referral bonuses or new user signup bonuses incentivize fraudsters to create multiple accounts.
  • Affiliate fraud: because iGaming sites are restricted in the ways they can market their companies, they often rely on affiliates. However, unscrupulous fraudsters can set up wrong expectations and send bad quality traffic that eats away at marketing budgets with very low ROI.
  • Chargeback fraud: iGaming sites often act as e-wallets, where players can deposit funds using credit cards. Fraudsters use other people’s cards, which may work but incur chargeback fees. 
  • Self-exclusion fraud: offering players the opportunity to mark themselves as problem gamblers is a legal requirement. Some of them tick the self-exclusion box and log into the platform using an alternative account. They then blackmail the platform by saying they will report it to the authorities.
  • Game-specific fraud: then, of course, there are all the “exploits” that are specific to certain games, such as matched betting, chip dumping at poker tables, or gnoming.

iGaming fraud, like all kinds of fraud, is adaptive. This means it evolves constantly and you must stay on top of the latest trends. Here are the ones to keep an eye on this year:

Multi-account abuse

Fraudsters who are looking to maximize the returns on their schemes know that scaling is the most important part of their operation. The time that bad actors need to invest in, say, bonus abuse, is not insignificant, so in order to make it worth their while, they have to scale their fraud across many accounts — perhaps even dozens or hundreds. This may happen through a single machine, or potentially even a bot attack across multiple coordinated machines.

Synthetic IDs

The fastest-growing type of fraud in the US, synthetic IDs are what fraudsters now use to bypass KYC checks. They stitch together false information and real ID documents, which are harder to detect than completely fake profiles. 

According to the Federal US Reserve, the problem of synthetic IDs grew by 85-95% in 2019 alone, and it continued to accelerate during the COVID-19 pandemic.

The continuous flow of data breaches makes it easy for fraudsters to access real ID documents on the darknet, which may explain why the practice has grown in popularity in recent years. 

Self-exclusion fraud

As government bodies increase their crackdown on iGaming companies to protect customers with gambling additions, fraudsters have taken notice.

They know that they can essentially blackmail iGaming companies by marking themselves as “problem gamblers” on the iGaming site, and then use an alternative account to continue gambling. 

This is essentially a multi-accounting problem, which can be solved with the right tools – but iGaming companies have reported an increase in these cases over the past few years, and it’s set to continue being a problem in 2023. 

Deepfakes for video ID

Another technological innovation that fell into the wrong hands: video deepfakes. As the technology becomes more affordable, fraudsters are taking advantage of deepfakes to bypass video ID verification systems deployed as part of a KYC process. 

While video ID verification providers are always updating their systems, not all iGaming sites have the resources to check whether the videos are legitimate or not. 

What Our Guide Covers: The iGaming Fraud Challenges

In the first part of our guide, we quickly go over some of the key changes and challenges you’ll face in the oncoming years.

Examples include:

  • excessive regulation by the UK gambling commission
  • move to countries with fewer regulations
  • high fraud variance from region to region
  • a long-term shift in public opinion
  • onboarding high-quality advertising affiliates

But more pertinently, when it comes to fraud, we look at the rising rates of bonus abuse and payment fraud.

Breaking Down Bonus Abuse 

A key chapter of our guide focuses on breaking down and understanding bonus abuse in all its forms.

We look at how to prevent fraud attacks such as matched betting, arbitrage and advantage playing is leveraged by organized teams and how they automate processes to extract maximum gains from casinos. We also look at how to stop collusive play and multi-account bonus abuse.

Our section on marketing offers also shows how bonuses can backfire, and turn into lengthy manual reviews for the risk team. We offer some findings from our proprietary data that show exactly the link between bonus abuse and lost resources.

How Self Exclusion Fraud Works

This type of fraud is on the rise and can be extremely tough to flag using legacy systems. It is extremely difficult for companies to protect all players, even with the best intentions in mind.

  • A fraudster opens an account, sometimes uses it to play, and self-excludes it.
  • They open a second account with the same operator or those that fall under the same license as the parent company.
  • They deposit large amounts and play volatile games at max bet.
  • If they lose, they blackmail the operator into getting a refund, by claiming their self-exclusion was not respected.

Self-exclusion programs are usually taken seriously iGaming operators, which is why it can be so disheartening to be punished by a fine. And this is doubly more unfair when unscrupulous players try to leverage these fines against the operators via self-exclusion fraud.

Don’t Lose Your Profits to Self-Exclusion Fines

A Swedish gambling operator learned that lesson the hard way when it was issues a fine of SEK4M ($431,900) in 2019 for failing to block self-excluded players from accessing their websites with alternative accounts.

A bookmaker based in London was fined $31k for the same reason by the New Jersey Division of Gaming Enforcement (DGE) in December 2019.

Payment Fraud in iGaming: the Key Numbers

Last but not least, we cover payment fraud, chargeback fraud, and friendly fraud, the trio of classic fraud techniques that still cost operators too much, especially as a report found it rose by 37% from 2018 to 2019. But luckily, the second half of our guide offers solutions with concrete advice and tools you can implement today.

Examples of Solutions in the Guide: Digital Footprint

As you may already know, in fraud prevention, the more data you have, the better. The challenge is to acquire that data and validate it using data enrichment. A large section of our guide focuses on the process of enriching data through a variety of tools, such as:

  • Device fingerprinting: The phone, computer or tablet that players use to connect to the gambling platform contains tons of identifying data. From the resolution of the user’s screen to installed languages and plugins, a user’s device represents a nearly unique identifier. Multi-account abusers will often be emulating multiple device environments from a single PC, which can be detected through the connected accounts’ device fingerprints.
  • Email profiling: Does the email address exist? Is it from a suspicious, disposable domain? Or one that doesn’t require any verification during sign up? Fraudsters will create an email address fast, and without linking to Twitter, Facebook or other social media accounts. This is not the typical behavior of a genuine customer, who would use an aged email address, probably used to sign into multiple social media platforms. You can read more in our email lookup tool comparison here.
  • Phone analysis: Are they signing up with a real phone number? From a fixed line or mobile? And did they use that number for messaging services? Fraudsters are unlikely to register the phone number with messenger apps and other platforms. We can also flag phone numbers that come from “burner” apps, which allow people to enable numerous phone numbers on one device only.

Want to Fight iGaming Fraud on All Fronts? 

Make sure you download our guide today. We cover all of the above and much more, including:

  • How to use AI for self-exclusion fraud prevention
  • Behavioral patterns and patterns in onboarding data that suggest multi-account abuse.
  • Why a multi-layered fraud prevention system could benefit iGaming operators
  • What velocity rules and machine-learning insights can do to reduce false positives, friendly fraud, and multi-accounting
  • And much more…

To learn more about fraud attacks in the iGaming industry and our solution for preventing them, please download our guide today.

You might also be interested in reading about:

Learn more about:

Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API

Share on social media

Sign up to download

In order to download this PDF, please sign up to our newsletter.

Thanks for submitting the form, click the button below to download our guide.

Click the button below to download our guide.

download box icon