How to Detect Bonus Abuse in Forex Trading

Forex trading became all the rage in recent years – especially so during the pandemic.

But attracting retail investors to your platform requires marketing elbow grease, which notably often comes in the form of welcome, deposit, or rebate bonuses. 

Unfortunately, fraudsters professional and amateur jump at the opportunity to exploit incentives like these. Let’s see how you can detect bonus abuse at your forex trading platform today.

Why Is Bonus Abuse a Problem for Forex Trading?

Bonuses are meant to help attract new customers and retain old ones. When fraudsters exploit them, your FX platform stands to lose a lot:

  • Wasted marketing budget: Every bonus given is money you won’t see back.
  • Attracting fraudsters to your platform: Once fraudsters sign up with your bonuses, they can wreak all kinds of havoc, increasing chargeback rates and bad transactions.
  • Potential KYC and legal issues: Multi-accounting is at the core of bonus abuse. And to create multiple accounts, fraudsters will use stolen identities. This has dangerous ramifications for your compliance mandates.
  • Higher numbers of manual reviews: Filtering out the good from bad users requires time and effort. These are resources your risk team would probably rather spend elsewhere. 
Challenger Bank Reduces Bonus Abuse

Mexico’s leading challenger bank, albo, reduced bonus abuse by flagging bogus email addresses with SEON.

Read the Case Study

How Do You Detect Bonus Abuse in Forex Trading?

As mentioned above, a key point to look at when looking to identify and stop bonus abusers are multiple accounts created by the same person.

It could be a lone, unsophisticated fraudster. Or it can be a large organized crime ring. The results are the same: dozens of accounts, all originating from the same source, attempt to take advantage of your bonus scheme. 

This knowledge should inform how you fight back. Here are some options:

  • Stronger identity verification checks? IDV is ideal in theory, but high-friction in practice – especially when you’re trying to grow your user base.
  • More manual reviews? This would work, but your company may not have the necessary resources. Plus, it doesn’t scale.
  • Behavior analysis? Sometimes, understanding who is going to be high-risk or not requires investigation into how they interact with your FX platform. A sophisticated fraud prevention platform will help you do this.
  • Spotting connections between accounts? This is a key tactic to identify suspicious accounts as soon as they begin signing up on your platform or even claiming bonuses.

In addition to streamlining your bonus abuse prevention, you should also regularly reevaluate your bonus program and adapt it based on your reporting and findings, to find that sweet spot that brings in more customers without incurring too much risk. 

Top 3 Custom Rules for Bonus Abuse in Forex Trading

Now that we have a better idea of our risk strategy designed to catch bonus abusers, let’s dive deeper into the rules to deploy on your FX exchange. 

#1: Users Have the Same Password Hash 

Bonus abusers who create multiple accounts can’t spend hours carefully crafting every signup detail to make a fake identity. Sometimes, they repeat certain elements. And this way, evidence of a connection between multiple accounts slips through the cracks. 

Nowhere is this more evident than with a password hash. This is an encrypted, anonymized identifying parameter generated for each of your users’ passwords. When two of them are the same, it means the users have the exact same password, although you can’t see it.

And when two or more users share the same password hash, the likelihood that you’re dealing with the same person increases.

Two Users

Note that the same rule can be created with a device hash or browser hash. These look at a number of parameters relating to software and hardware configurations (OS, window size, device version, etc.).

You can create unique identifiers based on these configurations to spot connections between users.

device fingerprinting with Hashes

#2: Cookies Disabled by Customer

Speaking of browsers, the one your user chooses to connect to your site offers a treasure trove of information. We’ve already mentioned using their configuration as an identifier, but you can also focus on specific data points that are considered suspicious. 

In the case of this rule, it’s an absence of data points that raises red flags: missing cookies on the user’s side.

Cookies Not Enabled

Why is this suspicious?

Well, there are two potential scenarios. One, you’re dealing with a privacy-focused extension or a fresh new session.

But you could also be onboarding a user who relies on a browser specifically designed to avoid anti-fraud detection.

Here again, this is a pointer that you’re dealing with a fairly sophisticated fraudster who creates multiple accounts manually (or using bots). The fact that they’re trying to avoid identification is exactly what should ring alarm bells. 

privacy focused browsers

#3: Card Country and IP Do Not Match

So far, we’ve looked at two rules deployed at the signup stage. There is another crucial time to monitor users: the time of their first deposit onto your FX platform. 

Chances are that you only allow customers to collect their bonuses after that step, which is why there’s still time to collect more data in order to spot fraud.

Here, a simple custom rule is designed to help us spot cards linked to a geographical location that’s different from the IP address. 

Card Country IP Mismatch

This covers two potential attempts at deception.

  1. The customer is using their real card but signing up with a VPN (which we can also detect) to spoof their IP address.
  2. More worryingly, you could be dealing with a stolen credit card. In both scenarios, you want to increase the risk score for that deposit in order to ask for extra verification.

Finally, it’s also important to note that the type of card you are dealing with can indicate potential fraud. Pre-paid cards, for instance, tend to be higher risk than standard credit cards. These checks are the perfect job for a card BIN lookup tool, such as the one included with SEON.

Learn How Fraud APIs Protect You

Learn how SEON’s flexible system of APIs works, their benefits, and how they can stop fraud at your company.

Ask an Expert

How SEON Helps Forex Trading Companies with Bonus Abuse

SEON was designed to let you gather as much data as possible from your users in real time. This includes gathering a wealth of additional information based only on their signup info: an IP address, email address, or phone number.

We even let you create rules that analyze user behavior in order to filter out low, medium, and high-risk interactions with your platform.

The goal is to let you manage risk more efficiently. For FX trading platforms, this is also key to spotting connections between customers designed to exploit your promos and bonus schemes – including between existing accounts and at signup stage. 

Want to learn more about how SEON can help your forex trading company? Book a demo or sign up for free today.

Related Articles

Share article

Speak with a fraud fighter.

Click here

Author avatar
Bence Jendruszak

Bence Jendruszák is the Chief Operating Officer and co-founder of SEON. Thanks to his leadership, the company received the biggest Series A in Hungarian history in 2021. Bence is passionate about cybersecurity and its overlap with business success. You can find him leading webinars with industry leaders on topics such as iGaming fraud, identity proofing or machine learning (when he’s not brewing questionable coffee for his colleagues).


Sign up for our newsletter

The top stories of the month delivered straight to your inbox