How to Combat Referral Fraud in the iGaming Industry

Casino operators in both the digital and physical realms know that half of their battle is getting customers in the door. One of the best lures to dangle out on the street is the offer of free money in the form of bonuses and referrals.

But innovations like this always attract the attention of fraudster innovators as well.

Referral fraud in the iGaming industry is, put simply, the abuse of programs put in place to attract new customers through existing ones. A premium is awarded, perhaps in chips or credits, for each person who registers at the online casino, sportsbook, poker room, etc. While most applicants are happy to collect some money from referring a friend to their favorite gambling site, malicious fraudsters see these programs as opportunities for exploitation.

Don’t Gamble with Your Bottom Line

SEON is trusted by leading iGaming providers to stop the savviest of fraud schemes, including bonus abusers, money laundering and affiliate fraud.

Ask an Expert

Why Is Referral Fraud a Problem for iGaming?

Casinos have been targeted by fraud for the entirety of their history. The shift of large gambling operations from brick-and-mortar to digital both opened new avenues for fraudsters to exploit vulnerabilities, as well as offered some unique ways of fighting them.

In 2021, Statista estimated that referral and affiliate fraud accounted for almost 21% of all ecommerce fraud. Considering that online fraud is now a $41 billion dollar industry, this is not an insignificant amount of money – and certainly an amount that companies would prefer not to lose.

By comparison to, say, reaching over a blackjack table and grabbing for a stack of chips, referral fraud can be particularly hard to detect. This is because it often relies on fraud teams noticing patterns of behavior that develop over time. A customer sending lots of profitable referrals and a fraudster exploiting referral bonuses might appear very similar in behavior, until they don’t.

By the time a security team determines which accounts are friendly and which are fraudsters, significant amounts of ill-gotten referral rewards might have been awarded.

Common-sense, low-tech methods of mitigating referral fraud include:

  • offering coupons or free spins/credits instead of cash
  • awarding only the referrals that actually engage with the gaming platform
  • introducing hard limits to referrals and rewards

The obvious drawback of these methods is that they may attract fewer new customers than the offer of free money – everyone knows what to do with free money. 

Apart from the losses to paying out bonuses that don’t result in a healthy addition to the customer base, referral fraud can also increase overhead by adding to the workload for manual review teams and the costs associated with heavy KYC checks, where needed. 

How Do You Detect Referral Fraud in iGaming?

A meticulous fraud prevention software suite alongside a smart fraud analyst team are the best line of defense against referral fraudsters. 

Referral fraud can manifest in iGaming wearing different masks, though its goal is always the same. Knowing what kind of fraud is being perpetrated is a huge part of the fight against it.

Consider: Are the referral fraudsters…

  • self-referring by creating many new email accounts, or using hacked ones to create accounts and refer themselves?
  • directing referral traffic through an external website gateway, like a forum, coupon site, or other shell website that only leads to your site?
  • exploiting a technical loophole in the security infrastructure?

In all likelihood, the fraudsters that iGaming operators have to deal with will fall into one of these categories, each of which necessitates its own detection and prevention strategy.

In addition to a fraud team with a keen eye and healthy suspicion, algorithmic fraud detection software such as SEON can be adjusted to target referral fraudsters. To close the common loopholes exploited, there are some key points that can be scrutinized for suspicious data elements:

  • Phone numbers should be monitored for instances of burner phones. The same goes for internet phone numbers used to create dummy accounts, which get a referral payout but don’t actually contribute to the casino’s economy. 
  • Email addresses should be scrutinized to make sure the email account was not created purely for the purpose of a false referral. A sign of this can be a lack of historical data breaches or having no social media accounts or site registrations associated with it. For example, according to, only 10% of bonus abusers have registered Meta accounts).
  • IP addresses can be checked for signals associated with location obfuscation, like VPNs and data center proxies. These anonymized IPs can be used to create a network of false referrals that don’t represent actual users.
  • Device fingerprinting helps ensure that a single fraudster is not sitting at home creating new accounts to refer themselves. 
  • User revenue from new, referred customers should eventually be on par with the general user base. Where several referred users are under the average threshold can potentially indicate they are gaming the system.

Any fraud prevention suite worth its salt should be able to implement checks on these data points as they move through the iGaming website’s user experience.

That software should be able to develop insights on patterns and outliers emerging in the user base, helping fraud teams to detect instances of shepherding users to a particular referral email that don’t comply with referral T&Cs, for example.

Top 3 Custom Rules for Referral Fraud in iGaming

Referral fraudsters often fall into certain patterns to do their dirty work.

Here are some rules to deploy within your fraud fighting infrastructure to cast a net over their activity and maintain your bottom line. 

#1: Monitor Device Hashes for Signs of Multi-Accounting

If your site pays out cash bonuses immediately, fraudsters abusing referral programs may use dummy accounts to send referrals to their own account and collect the rewards. Device hashes are unique datasets that reflect a user’s specific computer or mobile device, akin to a device’s fingerprint.

These kinds of fraudsters can be detected and stopped by configuring fraud software to look for anomalies where many users have the same device hash, and all of them are directing their referrals to a particular account (or accounts). At SEON, there are also default rules in place to detect both spoofing and browsers that show signs of automated bot behavior.

Introducing rules like this will allow you to attach a customized risk score to the account activity, or set it to be automatically declined or escalated to a manual review.

In the interactive guide above, you can see what data can be unpacked with SEON.

Notably, the discovered device data can be layered with other APIs, and custom rules can be set from the various unique hashes generated, stopping the user journeys of suspicious device hash matches that may indicate a multi-accounter.

#2: Check for Newly Created Email Addresses

Similarly, the average multi-accounting referral fraudster will need a large number of dummy emails to register to your iGaming platform (and then refer to themselves to collect the bonus).

Freshly-minted emails and disposable domains are already a reasonable warning sign. According to, 92% of referral fraudsters will be using a email new enough that it will not have any historical data breaches. 

New Email No Data Breaches

The screenshot above shows a default rule set up inside SEON’s dashboard, which adds to the fraud score of an email address found not to have any online activity, despite the system checking over 90 social media and online platforms in real time.

No legitimate user is likely to never have used their email to sign up for a site like TripAdvisor or a social platform like LinkedIn, for example, so this should raise a red flag.

#3: Watch Out for Anomalous Velocities in Referrals

On-the-ground components of referral fraud are harder to catch for software, and certainly require human insights to go along data ones.

Consider, for example, a fraudster recruiting referees at, say, a University campus. Maybe they hold up a tablet device to the student and say something like, “Hey! Sign up for this online casino and use my email address at the referral stage for a chance to win a t-shirt!” Then dozens or hundreds of referrals flow in, but almost none of them convert to actual customers. 

If your fraud or referral team notices an anomalous amount of payouts, custom rules can be set up to exclude a particular user or particular range of IPs.

SEON’s default cookie hash velocity rule can also detect when multiple people are using the same browser repeatedly, without clearing the cookies. This way, even if the user is genuinely a new person, workarounds like the one above are harder to execute.

Cookie Hash

Here, SEON’s machine learning has noted a pattern of suspicious behavior in this user and created a cookie hash to detect different accounts from the same browser. Further activity from users on this browser can be set to always be declined or sent to manual review automatically.

Combat Multi-Accounting with SEON

SEON’s fraud-fighting platform lets iGaming platforms catch multi-accounters, helping stop referral fraudsters and bonus abusers.

Ask an Expert

How SEON Helps iGaming with Referral Fraud

SEON’s advanced, modular API calls cast a broad net over fraud techniques of many kinds, including methods most commonly used by referral fraudsters. 

In industries like iGaming, where getting customers in the digital door is a costly process already, this low-friction experience is crucial to keep your operations in the black, so to speak. SEON’s platform introduces as few points of customer friction as possible while also aggregating the maximum amount of data possible based on submitted as well as passively collected information.

This way, stopping the laziest forms of automated referral fraud is simple, and the tools to uncover the more complex scams are at your fingertips to leverage and fine-tune according to your risk appetite.

Related Articles


  • Talkable: Preventing Referral Program Fraud: Actionable Tips and Trusted Methods
  • About-Fraud: Bonus Abuse in iGaming (infographic)
  • Statista: Most common types of fraud attacks experienced by online merchants worldwide in 2021

Share article

Subscribe to our newsletter

Get anti-fraud and compliance insights and tips from SEONs experts.

Author avatar
Tamas Kadar

Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.