Bonus Abuse in Gambling: Types, Risks & How to Prevent It 2025

Bonus abuse—the deceptive exploitation of promotional offers—is a growing problem in iGaming today. For companies, it means financial losses and reputational erosion; and for those who commit it, it can bring serious consequences in many jurisdictions. In one notable case, Jon Howard from the UK was jailed for five years for his role in a bonus abuse scheme believed to have earned £236,000 (~$320,000), which involved more than 1000 online gambling accounts. 

Bonus abuse accounts for 63.8% of all fraud in the iGaming sector, which has seen overall global fraud rates double in the last two years, according to Sumsub’s 2025 iGaming Fraud Report. 

Despite these striking numbers, companies often overlook bonus abuse. Unlike many other types of fraud, it can be performed by both criminals and legitimate customers—which makes it harder to spot. Yet, gambling platforms have to introduce new promotions in order to attract new customers and keep loyal ones happy. So, what should a company do to ensure its promos aren’t abused? 

We decided to answer this question by diving into bonus abuse and its most common types. We’ll also share some tips on confronting fraudsters while ensuring that promotions reach the intended audience.

What is bonus abuse in gambling?

Bonus abuse (otherwise known as promo, or promotional, abuse) is when customers misuse a company’s promotional materials. This can be referral bonuses, vouchers, sign-up bonuses, coupons, or discounts. While such campaigns aim to attract new audiences, certain individuals attempt to trick the system by taking more than their fair share—and, often enough, they succeed. 

In iGaming, bonus abuse refers to players exploiting promotional offers, such as welcome bonuses or free bets, in ways that aren’t intended by the casino or gaming platform. This often involves creating multiple accounts or using loopholes to maximize winnings unfairly, leading to significant financial losses for operators.

Bonus abuse fraudsters are now increasingly using AI as part of their schemes. This can allow them to rapidly generate multiple accounts, making it even more challenging for iGaming companies to stay ahead of them.

How bonus abuse works

Both fraudsters and customers start from the same place, which is creating multiple accounts. The main difference is in scale and in the details. For example, a person can send a referral link to themselves or alternate between several accounts to continue free trials.

Popular bonuses in iGaming

There are popular promotions in iGaming that are often targeted for bonus abuse:

• Welcome bonuses: Generous sign-up bonuses meant for new players, often with a deposit match or free spins, can be exploited by creating multiple accounts.
• No-deposit bonuses: Bonuses given without requiring an initial deposit attract abuse, as players can cash out small wins without risking their own money.
• Cashback offers: Promotions that return a percentage of a player’s losses are sometimes abused by players who attempt to meet minimum betting criteria to qualify.
• Reload bonuses: Similar to welcome bonuses, these offer extra funds on subsequent deposits, which some players exploit by coordinating deposits and withdrawals.
• Free spins and free bets: These allow players to try games without spending their own money, sometimes exploited by players who use multiple accounts to maximize winnings.

There are ways to abuse all of these campaigns:

– Any customer can create several accounts to get one free trial period after another, never paying for the subscription. 

– Sometimes, fraudsters pay someone to complete the KYC process and create an account for them. The amount they pay is much smaller than the potential winnings they expect to earn using the new account. This scheme is nearly impossible to detect through KYC alone, making advanced monitoring systems essential to prevent it.

– People can also abuse loyalty rewards by taking over accounts and transferring the bonuses to themselves or changing billing addresses. All of this can financially damage a company and lead to lengthy court proceedings. 

Any campaign can be subject to bonus abuse. Therefore, companies have to take action.

Suggested read: Uncovering the Latest Fraud Tactics in iGaming: “What The Fraud?” Podcast

Types of bonus abuse

Let’s break down the types now. There are different tactics used by fraudsters to carry out bonus abuse:

• Multi-accounting. Creating multiple accounts for the same iGaming platform allows a scammer to repeatedly take advantage of welcome bonuses and other promotions.
• Syndicates. Groups of players working together to identify and exploit the most lucrative bonus offers across the iGaming industry.
• Bonus hunting. Signing up to many different iGaming sites to receive welcome bonuses, playing the minimum amount to qualify for the bonus, then withdrawing the funds. Bots are often used by fraudsters for this, allowing them to operate on a much bigger scale. 
• Arbitrage betting. Placing bets on every possible outcome of a single event with various different companies. By taking into account the different odds offered by the different companies, the bettor is able to guarantee a profit. This is another area where bots are commonly used, allowing large numbers of bets to be placed in a short space of time.
• Chip dumping. Losing intentionally to other players or other accounts the fraudster controls in games such as online poker. This can allow a player to meet the requirements to receive a bonus and can also be used in money laundering to transfer funds to another person under false pretences.

In 2025, technology is also helping bad actors carry out bonus abuse. Where fraudsters use bots such as ‘sniper bots’ (used to place last-minute bets), it can make it even harder for iGaming operators to fight bonus abuse. Using AI-powered tools to detect bonus abuse is now the only realistic option in most scenarios.

Bonus abuse vs friendly fraud

Bonus abuse is not the only form of fraud that iGaming companies experience. Another common issue is so-called ‘friendly fraud,’ which can also be committed against iGaming platforms. Friendly fraud occurs when a legitimate customer attempts to reclaim their losses by disputing charges with their bank.

What typically happens is that a player puts money into their account, places bets, and then asks their bank to reverse the charge to the iGaming company, claiming it was fraudulent. This is a subtype of ‘chargeback’ fraud. 

Customers may commit friendly fraud for various reasons, including where they have lost money or regret gambling. It can simply be a case of an otherwise law-abiding person panicking when they have lost money and not realizing that they are committing fraud. However, friendly fraud can still cause very significant losses for iGaming companies, so must be tackled effectively with payment fraud protection tools.

What are the risks of bonus abuse?

Bonus abuse presents a variety of risks to iGaming companies, including:

• Financial losses. A third of operators estimate that fraud costs them 10-20% of their annual revenue. Financial losses from bonus abuse can be particularly significant—in fact, it’s the costliest type of fraud for iGaming operators. Even more serious losses can occur if a company faces restrictions or if its license is suspended or revoked following a regulatory investigation for failing to prevent fraud in general and bonus abuse in particular.
• Increased operational costs. Dealing with bonus abuse takes time, money and resources, significantly adding to companies’ operational costs. Therefore, cost-effective iGaming fraud prevention solutions are critical to managing bonus abuse risks.
• Regulatory consequences. iGaming operators have strict regulatory responsibilities to prevent bonus abuse in many jurisdictions. For example, in the UK, operators have a responsibility to prevent bonus and promotional offers from being exploited by criminals as part of their licensing compliance requirements. Compliance breaches could lead to consequences including financial penalties, licensing restrictions and, in the most serious cases, loss of gambling licences.
• Reputational damage. If it becomes public knowledge that an iGaming company has experienced serious bonus abuse (e.g., following a regulatory penalty), this may deter legitimate customers who are likely to be concerned about the platform’s security and fairness.
• Loss of legitimate customers due to strict wagering requirements. One approach iGaming companies can take to prevent bonus fraud is to have strict wagering requirements (e.g., needing to re-stake winnings achieved using bonus funds multiple times before being allowed to make a withdrawal). However, this can put off legitimate players who may consider such bonus offers to be a scam and lose trust in the operators.

Consequences of bonus abuse for iGaming companies

It might sound like a couple of customers getting an additional $10 or so from a giant promo campaign shouldn’t cause an issue. However, when this gets scaled to thousands of people simply taking money and not turning into actual customers, it’s a different story. Not only does this have a negative financial impact, but it also puts a company in a bad spot, as it diminishes its reputation and makes loyal customers feel less important. 

To prevent abuse, bonuses often come with rules, like wagering requirements. A wagering requirement is a condition applied to a promotion that specifies how many times a player must bet a bonus or deposit amount before they can withdraw any associated winnings.

However, these rules can make bonuses feel complicated or unfair to honest players, who might even think they’re scams—without realizing the restrictions are there to stop misuse. Casinos try to limit bonuses to prevent fraud, but honest players often see these bonuses as scams because they’re becoming so difficult to claim and use.

So, should companies just stop doing promo campaigns? Unfortunately, this isn’t the solution, as the very same campaigns have been proven to attract new customers and keep loyal ones happy. What companies should do is put more thought into protecting themselves. This can be done by tracing red flags, introducing stricter rules for campaigns, and implementing security systems on their websites and apps. 

Let’s see how bonus abuse can be successfully detected without stopping or complicating promo campaigns.

Bonus abuse red flags

Here are the warning signs of bonus abuse operators should pay attention to:

• Multiple accounts with similar details: Players creating multiple accounts with slight variations in personal information to repeatedly claim bonuses.
• Unusual betting patterns: Abnormally high bets with bonus funds followed by low-risk bets to meet withdrawal requirements.
• Rapid withdrawal requests: Players requesting withdrawals immediately after meeting the minimum play-through requirements without further activity.
• Use of VPNs or proxies: Players hiding their location to bypass regional restrictions or claim bonuses in multiple locations.
• Frequent sign-ups from the same IP or device: High numbers of accounts registered from the same IP address or device, indicating possible collusion or account farming.

These warning signs often signal attempts to exploit promotional offers rather than engage with the platform as genuine players.

How to detect bonus abuse in 2025

Various methods can be used to detect and prevent bonus abuse, including:

• Device fingerprinting: Identifies if the same device is being used for multiple accounts or if multiple devices are accessing the same account.
• IP address monitoring: Flags issues such as multiple accounts being accessed from the same IP, frequent changes in IP addresses, or suspicious use of VPNs and other proxy technologies.
• Email analysis: Detects suspicious patterns, such as groups of closely related email addresses (e.g., [email protected], [email protected]).
• Phone analysis: Identifies issues such as multiple accounts using the same phone number or numbers linked to known high-risk entities.
• Velocity checks: Flags high rates of account sign-ups or cash-outs, which may indicate bonus fraud activity.
• Play pattern analysis: Detects behaviors associated with bonus fraud, such as always placing the maximum allowable bet or sticking to low-risk games.
• Cash-out behavior analysis: Flags instances where players rapidly withdraw winnings shortly after opening an account, suggesting potential bonus abuse.
• Player profiling: Creates profiles based on legitimate behavior patterns, helping to spot atypical actions that may indicate bonus fraud.
• Cross-platform information sharing: Enables iGaming companies or brands within a company to share information on specific fraudsters and broader fraud patterns, helping identify and prevent bonus abuse earlier.

How to prevent bonus abuse in 2025

When confronting bonus abusers, companies still have to keep legitimate customers happy. Therefore, companies need to find a solution that fits everyone. 

Step #1. Ban multi-accounting in Terms of Service

First and foremost, iGaming operators must ensure their Terms of Service explicitly prohibit the use of multiple accounts by the same player (multi-accounting). The customer sign-up process should also be designed so that new users acknowledge that they have read and accepted the Terms of Service. Without this, a fraudster could argue that the operator never clearly banned the behavior, making it harder to enforce account closures, withhold bonuses, or take other corrective actions. Operators should also include wagering requirements in the Terms of Service to prevent abuse of promotional bonuses, ensuring that all players meet the defined betting conditions before withdrawing any winnings.

Step #2. Make more robust promo rules

If all a person needs to get a bonus is to register or simply click a link, there’s a huge risk of losses. Before organizing any campaign, companies should think of all the possible scenarios fraudsters and threat actors may use to abuse these bonuses—and create rules accordingly. For example, companies can award bonuses only after a customer makes their first purchase or impose other wagering requirements, such as needing to re-stake any winnings earned using a bonus a set number of times before they can cash out. However, the strictness of any wagering requirements must be balanced against the risk of putting off legitimate players, and they must comply with any regulatory requirements (such as those being introduced by the UK’s Gambling Commission).

Step #3. Use fast, effective identity verification and device intelligence

Another must-do is implementing an efficient Know Your Customer (KYC) solution to help conduct proper identity verification. This may include device intelligence (to ascertain who is using a particular device to set up an account), address verification, and document verification.

This way, companies will be able to spot multiple accounts created by the same person. Additionally, they can check digital footprints, device fingerprints, emails, and user behavior. AI anti-fraud solutions are now critical to this process, especially due to the growing use of bots by bonus abuse fraudsters. These anti-fraud tools include AI-powered advanced identity verification tools, such as biometric and liveness checks, behavioral analytics, device fingerprinting, and anomaly detection. 

These tools allow companies to quickly spot fraudsters who managed to present themselves as legitimate customers during the initial check without making the verification process so slow that it puts off legitimate customers. 

Yet, companies should remember that too many checks will lead to drop-offs in new customers. To avoid this, they can separate the checks into several stages. For example, users can be initially onboarded using a pre-screening process like email and phone risk assessment, followed by document-free verification. Over time, the user can be put through additional checkpoints as they use the service.

Step #4. Place limits on bonus promotions 

Companies should put limitations on vouchers, as some users may use and re-use the same one for years. Therefore, it’s important to ensure that bonuses can be used only once. 

Step #5. Make promo codes harder to abuse

Companies should use non-generic promo codes. For example, if your Christmas discount code is simply “X-Mas”, chances are that people will guess it and abuse your promo without adding any value to the company.

Step #6. Analyze links and track locations

Another way to spot promo abusers is to look at IP addresses and check the location. If you see that several accounts were created from the same IP address, then there is a significant possibility that you are dealing with multiple accounts. The same goes for several accounts created using a VPN IP address. To analyze all of this, companies can use special tools such as device fingerprinting or determine proxy IPs using VPN solutions.

Use Case: Goldrush Group Tackles Multi-Accounting with Sumsub’s 10-Second Verification

The Goldrush Gaming Group operates a range of gaming brands, including leading South African sports betting sites Goldrush.co.za and Gbets.co.za. They came to Sumsub for help with several challenges, including an increase in fraudulent accounts and fake IDs.

Goldrush.co.za and Gbets.co.za had been reliant on manual customer verification, which made detecting suspicious users difficult, creating operational risks and slowing down the onboarding of legitimate users. Bonus abuse through duplicate accounts was a particular issue of concern.

Using our ID Verification, Liveness & Face Match, Email Verification, and Ongoing AML Screening tools, the client was able to reduce verification times to 10 seconds, optimize the customer onboarding experience, and streamline the overall customer journey. This has empowered Goldrush.co.za and Gbets.co.za to swiftly identify and block applications for duplicate accounts, reducing the potential for bonus fraud while delivering a better experience for legitimate customers.

Onboard players fast and spot risks easily

The best solution for iGaming operators to reduce fraud risks, remain compliant, and ensure a flawless reputation would be to use Sumsub’s full-cycle verification and fraud prevention solution for iGaming.Get the first full-cycle verification platform for iGaming. Accelerate onboarding and deter all fraud in real-time

Sumsub prevents all gambling-specific fraud in real-time, including:

• Promo abuse
• Affiliate fraud
• Account takeovers

Sumsub’s full-cycle verification and fraud prevention solution also allows you to:

• Securely onboard new players from over 220 countries and territories in less than 30 seconds
• Utilize Non-Doc Verification in jurisdictions where it is allowed
• Set red-flag rules to identify vulnerable players and ensure Responsible Gaming compliance
• Verify proof of identity and proof of address in any language in under a minute
• Onboard age-verified gamers only

FAQ

• What is bonus abuse in iGaming?

  Bonus abuse in iGaming is where players misuse promotional offers, such as bonuses, to claim more than the iGaming company intended. Common bonus abuse methods include creating multiple accounts to receive the same bonus several times and exploiting loopholes to achieve an unfair advantage that maximizes the player’s profits.

• What is an example of bonus abuse?

  An example of bonus abuse is when a player creates multiple accounts to repeatedly claim a welcome bonus intended for new users only, thereby gaining an unfair advantage and winnings.

• How do fraudsters exploit casino bonuses?

  Fraudsters can exploit online casino bonuses in a number of ways. For example, a player might open multiple accounts with the same casino to claim a welcome bonus more than once. Players may also collaborate to take advantage of casino bonuses, such as through ‘chip dumping,’ where they play online poker as a group and intentionally lose to each other to meet the playing requirements needed to qualify for bonuses.

• What is promotional abuse?

  Promotional abuse is the exploitation of marketing offers, such as discounts, free trials, or bonuses, in ways that violate the terms and intent of the promotion, often leading to financial losses for the offering company. “Promotional abuse” and “bonus abuse” are often used interchangeably.

• Is promo abuse illegal in online gambling?

  Promo abuse is illegal when it crosses the line into fraud. Additionally, some tactics used by bonus abusers may be illegal in their own right and will almost certainly violate the terms of service of an iGaming platform. Examples of situations where promo abuse could involve additional illegal activity include creating counterfeit coupons and/or using stolen identities to open accounts.

• How can bonus abuse be prevented?

  Strategies iGaming companies can use to prevent bonus abuse include adopting an efficient KYC solution to detect fraudulent accounts without inconveniencing legitimate players, creating more complex promo rules to reduce abuse, limiting how often promotions can be used, making promo codes harder to guess, and monitoring players’ IP addresses and locations to identify those using multiple accounts.

• What tools help to prevent bonus fraud?

  Know Your Customer (KYC) and device intelligence are among the most effective ways to prevent fraud in iGaming, including bonus abuse. They help prevent fraudsters from creating multiple accounts, a common tactic in bonus fraud.

• How to detect multiple accounts in online casinos?

  Checking player IP addresses and locations is one of the most effective ways to spot multi-accounting. If more than one player account is active on the same IP address and/or in the same location, this could be a sign of multi-accounting. Multiple accounts using the same VPN IP address can also be a red flag. Know Your Customer (KYC) tools, including ID Verification and Liveness & Face Match, can help to pick up people using multiple accounts while allowing legitimate players at the same address to create separate accounts.