Internet Betting Sites, Apps Fertile Ground for Fraud, Says TransUnion

Posted on: March 24, 2024, 09:15h. 

Last updated on: March 25, 2024, 11:20h.

Digital scammers are increasingly focusing on internet betting sites and mobile applications, with the U.S. being one of the prime jurisdictions for their misdeeds, according to a new study from TransUnion.

FBI cyberattack Scattered Spider MGM Caesars
Online betting sites and mobile apps are increasingly targets of digital fraudsters, according to TransUnion. (Image: FBI)

In its recently published State of Omnichannel Fraud Report, TransUnion noted that overall data breaches surged 15% last year to all-time highs. The research firm added that nearly 14% of all newly created digital accounts are started for fraudulent reasons.

Data breaches are a leading indicator of future fraud as cybercriminals steal credentials in unprecedented numbers,” noted TransUnion. “Now more than ever, knowing the identity of the person you’re dealing with is central to every organization’s fraud prevention strategies.”

The gaming industry has already experienced its share of high-profile cybersecurity issues. Last year, MGM Resorts International and Caesars Entertainment, the two largest operators on the Las Vegas Strip, were targeted by the same groups of hackers. Caesars paid at least $15 million to the cyber bandits, while MGM didn’t comply with such demands, incurring a $100 million loss as a result of the event.

iGaming, Sport Bet Sites Targets

Internet casino and poker platforms, as well as sports wagering sites experienced a noticeable uptick in digital fraud last year, with much of it tied to promotional offers.

“Despite retail’s overall exposure to fraud, gaming (online gambling) experienced the highest rate of suspected fraudulent transactions in 2023 in the most (six) markets analyzed: Colombia, the Dominican Republic, Kenya, Puerto Rico, Spain, and the U.S.,” observed TransUnion.

Both land-based and online gaming companies collect large amounts of personal data from clients, making operators desirable targets for cybercriminals and fraudsters. For example, regulated sports wagering mobile apps and websites may require customers to upload government identification and mandate that bettors provide financial information with which to fund accounts. Those items are sought after by fraudsters.

“This early phase new account digital fraud may represent a paradigm shift of sorts among fraudsters,” Steve Yin, senior vice president and global head of fraud solutions at TransUnion, said in a statement. “In lieu of using traditional tactics to gain access to and ultimately compromise existing accounts, they are increasingly choosing to create new accounts that they can control themselves. These fraudsters leverage synthetic identities assembled in large part through the use of credentials gathered as a result of one or multiple data breaches.”

Some online gaming companies have already had run-ins with fraudsters and hackers. In late 2022, DraftKings acknowledged approximately $300K was swiped across 68K client accounts, and that the bad actors likely gained access to clients’ names, addresses, phone numbers, and email addresses. That’s along with the last four digits of their payment cards, their account activity, and the date of their last password change.

Gaming Epicenter of Digital Fraud in US in 2023

Of note to bettors and operators alike is the point that in the U.S., the gaming industry had the highest rate of digital fraud in 2023 at 10.9%. TransUnion pointed out that the percentage refers to the location of the victim at the time the crime was committed.

Puerto Rico, a U.S. territory where several well-known gaming companies offer mobile sports betting, saw gaming account for 10.2% of digital fraud last year.

The top five industries in terms of percentage of digital accounts created for fraud are retail, travel and leisure, video gaming, social communities, and betting, according to TransUnion.