Shady Bets: How to Protect Yourself from Gambling Fraud Online

Introduction

Scammers are becoming increasingly sophisticated in using fake betting game ads to target unsuspecting users across social media platforms. The Group-IB CERT Team has identified more than 500 deceptive ads and over 1,377 malicious websites designed to trick users into downloading fraudulent applications that promise users easy money in a matter of seconds. Despite their appealing claims, these ads are designed to steal personal data and money from users.

In this blog, we’ll focus on how these scams work, how they target users, and the risks involved. Our goal is to help individuals and businesses understand the tactics behind these scams and how to protect themselves from becoming a victim.

Key discoveries in the blog

• Deceptive Ads: Scammers use social media ads that look legitimate, luring users with promises of quick financial gain through betting games.
• Global Targeting: While the majority of the ads detected are focused on Egypt, they have also been spotted targeting various regions, including the Cooperation Council for the Arab States of the Gulf (GCC),  Europe, and Asia, using the same methods but different languages.
• High Risk: Once users engage with these ads, they are instructed to download apps that steal personal data and money that could potentially result in significant financial losses.
• Reputational Damage: Many of these ads impersonate banking and fintech brands, which could cause trust issues with users, as well as reputation damage for businesses.

Global Spread of Scams

Group-IB CERT  discovered these scams across multiple regions, with more than 200 ads targeting Egypt, 160 ads in the GCC, and another 140  in Europe and Asia. The momentum of such scams  have rapidly increased, with scammers continually expanding into new markets.

One of the key tactics used by these scammers is the use of AI-generated voices in different languages, making the ads seem local and trustworthy, regardless of where the scam is being carried out.

Figure 1. A graph depicting the spread of fraudulent betting-related advertisements globally

The Rise of Betting Game Ads

The increase in betting game ads reflects a broader trend in online fraud. Scammers take advantage of social media’s large audience and advanced targeting features to reach vulnerable users. By using flashy ads that promise easy money, they trick users into sideloading fraudulent apps, often distributed through third-party websites or APK files, bypassing security checks on official app stores.

Figure 2. A screenshot of a fraudulent betting app targeting users in the Arabic-speaking region.

A major factor in the success of these scams is the use of fake reviews and testimonials. Scammers flood social media platforms and fake review sites with fabricated success stories to enhance the perceived legitimacy of their fraudulent apps. These fake reviews often include detailed narratives, screenshots, and even photos of “successful” players, creating the illusion of a highly profitable and trustworthy game. Users are tricked into thinking that others have won large sums of money, further drawing them into the scam.

Figure 3. Screenshot of a video depicting a ‘user’ explaining the app and its rewards.

Figure 4. Screenshot of a ‘testimonials’ from other ‘users’ for the fraudulent betting app.

During its investigation, Group-IB CERT discovered social media ads from scammers targeting users in Egypt, featuring advertisements in Arabic, and alleged winnings from other ‘users’ that were generated through the fraudulent betting apps. These ads often highlight winnings or currency in Egyptian Pounds (EGP).

Figure 5. Screenshot (left) and translation (right) of an advertisement on social media promoting the app for the fraudulent betting scam.

Figure 7. Screenshots of alleged winnings from ‘users’ in Egyptian Pounds.

The increase in these advertisements can be attributed to several factors. First, the widespread use of social media platforms has provided scammers with a vast audience and sophisticated targeting tools. These platforms’ algorithms can be manipulated to display ads to the most susceptible users, increasing the likelihood of successful scams. Additionally, the low cost and ease of creating and distributing these ads make them an attractive option for fraudsters looking to maximize their reach and impact.

Executing the Scam

The betting games advertised are presented as legitimate opportunities to win money, but they are carefully designed to trick users into depositing funds, which they may never see again.

Here’s how it typically unfolds:

Figure 8. Screenshot of the registration panel on a fraudulent betting website, where users provide their personal information in order to gain access to the betting games.

Figure 9. (Top) A screenshot of the landing page of the fraudulent betting site, and (bottom) a screenshot of one of the betting games.

Through these fraudulent apps and websites, scammers would steal both personal and financial information from users during the registration process. Victims can suffer significant financial losses, with some reporting losses of more than US$10,000.

Figure 10. A screenshot of user reviews for a fraudulent betting app that was advertised by scammers on social media.

Conclusion

The rise of fake betting game ads on social media platforms represents a growing threat to unsuspecting users. With over 1,377 malicious websites and hundreds of deceptive ads identified by the Group-IB CERT Team, it’s clear that scammers are becoming increasingly sophisticated in their approach. These scams prey on users’ desire for quick, easy money, but ultimately aim to steal personal information and funds.

Understanding how these scams operate and recognizing the red flags can go a long way in protecting yourself and your business. By staying informed and vigilant, you can avoid falling victim to these dangerous tactics and ensure your online security remains intact.

Recommendations

It’s essential for both individuals and businesses to stay vigilant, report fraudulent ads, and ensure they are only interacting with verified and trusted apps. By understanding how these scams work and recognizing the signs, users can better protect themselves from becoming victims of these fraudulent schemes.

Group-IB CERT recommends the following for users:

•   Avoid Untrusted Downloads: Only download apps from official stores like Google Play or the Apple App Store. Be cautious of third-party APK files.
•   Be Skeptical of Quick Money Promises: If an ad promises easy money, it’s likely too good to be true.
•   Verify Authenticity: Check whether the app or ad is associated with legitimate banking or business

For businesses:

Scammers are continuously refining their tactics, often posing as legitimate businesses or leveraging real credentials to deceive their victims. As a result, it is crucial for businesses to safeguard their reputation and online presence to maintain continuity and uphold consumer trust.

Group-IB’s Digital Risk Protection service helps protect both victims and companies targeted by impersonators. Through 24/7 monitoring of social networks, our analysts can swiftly identify and respond to these types of fraud, minimizing the impact on businesses and their customers.