The Impact of Bad Bots in Gaming

Account takeover (ATO) attacks occur when a threat actor obtains personal information with the intent to illegally log in to a target account.

Gambling ATO attacks are becoming an increasingly common and costly problem. Posing as a genuine customer, a threat actor can use gambling bots to fraudulently change account details, withdraw funds or loyalty benefits, make online purchases, and leverage the stolen account information to access other accounts on different websites.

Web scrapers are used to quickly gather a large quantity of data from a target website or mobile application to be repurposed elsewhere.

In the gaming industry, scrapers are used to scrape odds from across websites by competitors and aggregators, who will use the data to manipulate odds to their own advantage or promote bets to the deliberate detriment of a business.

Arbitrage (arb) betting bots exploit imbalances in the odds across multiple bookmakers, using bots to place bets on multiple outcomes to guarantee that the bets don’t lose money. Automation makes compiling odds from multiple sportsbooks quick and easy; the bot operator can then promote which bets and what stakes are needed to guarantee a profit.

This activity amplifies the chances of the bookmaker being on the losing side and is detrimental to overall gross win percentage.

Incentives such as sign-up bonuses or credits for new and existing players are common in the gaming industry. These bonuses are effectively free money that can be leveraged to maximise the player’s profitability.

Bad actors target these offers, creating multiple free accounts and even bypassing restrictions on qualifying bets when used in combination with arb-betting.

The challenge for gaming organisations who lack the support of a sophisticated bot management solution is preventing the scale-up technique. Fraudsters utilise automated bot traffic to create multiple accounts from a variety of IPs and place their stake before internal teams can detect and stop the activity.

Try Netacea

Empower your business with control over bot traffic and the ability to detect bots and block malicious traffic in real-time.

  • Machine Learning Bot Detection
  • Access Shared Threat Intelligence
  • Rapid Attack Response & Real-Time Insight
  • Quick & Seamless WAF/CDN Integration
Get a Demo