The Rise of Bot Traffic at iGaming Brands

Posted by Harry Kane on Saturday, August 14, 2021

While we have yet to see the amount of money actually wagered at UK sportsbooks during Euro 2020, a comprehensive YouGov poll conducted prior to the tournament found that up to 18% of British adults intended to place at least one wager during the four-week period.

What’s more, 35% of respondents claimed that their hunch or feel is the most important factor when determining how to bet, with this suggesting that Brits will have wagered huge amounts on England to prevail against Italy in last Sunday’s final.

Interestingly, recent studies have also shown that bot traffic on sportsbooks and gambling sites increased both immediately before and during Euro 2020. But what did the research actually reveal and what can we learn going forward?

What Did the Research Tell Us?

The most recent research was carried out by cybersecurity company Imperva, while it revealed that bot activity on global betting and gambling sites increased by a staggering 96% year-on-year in the weeks before the tournament.

What’s more, this activity increased by 26% through April alone, as operators (and particularly major sportsbooks) increased their advertising spend in anticipation of the Euros and an incredibly busy summer of sport that will also include the Olympics.

The week prior to England and Scotland kickstarting their respective Euro 2020 campaigns saw heavy targeting on bot operators, with the days immediately before England’s first game against Croatia creating a particularly high level of risk.

OK, we hear you ask, but what is the fundamental risk here? Well, bot activity tends to be focused on account breaches and takeovers, with a view to obtain bettors’ digital wallet data and payment information and ultimately gain access to their hard-earned funds.

Overall, the number of such attacks increased by two or three times when England played a Euro 2020 game when compared to other days during the tournament, with UK operators reporting the biggest spikes and increase in risk levels.

However, operators in other countries were also targeted, with German betting brands reporting a 41% hike in bot attacks in the immediate aftermath of Germany’s impressive 4-2 win over defending champions Portugal.

Thanks to the impressive data collation and analytical tools available at the Imperva Research Labs, the team has been able to identify a clear “pattern of attacks getting larger as the tournament progressed, with a noticeable peak occurring on June 26th (which marked the commencement of the round-of-16 fixtures).

According to Edward Robets, who’s the Director of Strategy and Application Security at Imperva, “this level of sustained bot activity is unprecedented for sports and gambling sites and indicates that operators are evolving their tactics successfully”.

“For example, Euro 2020 is the first major international tournament where, thanks to the coronavirus, typical revenue sources such as ticket scalping have disappeared”.

Because of this, there’s no doubt that bot operators have re-engineered their tactics to target the rest of us watching at home instead, creating a new risk from the perspective of operators and yet another challenge in terms of safeguarding individual players and regular punters.

What is Bot Traffic?

Ultimately, the timing of such attacks was crucial, as they were able to targe players just as they were loading up their accounts with significant sums ahead of a sustained period of wagering during the Euros.

It’s thought that VIP customers will have been at a particularly high risk, thanks to their penchant for high wagers and extended periods of betting.

Of course, bot activity has been a common threat to sportsbooks and online casinos for years now, with this referring to the part of online traffic that gives rise to actions artificially generated by automated bots and spiders.

However, bot activity is also hard to both identify and quantify, making the evaluation of the real-time risk particularly challenging unless we witness the type of obvious spikes observed in the build-up to Euro 2020 and during the tournament.

According to Shield Square, which recently completed the analysis of more than one million websites, their team identified that a staggering 50% of all web traffic comprises bots, highlighting the challenge facing online operators and particularly remote sportsbooks across the globe.

Unfortunately, bot activity can also be particularly costs for sportsbooks, especially when you consider the amount of cash that may become vulnerable to the machination of operators and hackers.

This is certainly true when you consider the organised nature of hackers, who are able to harness the power of automation to speed up tasks and facilitate intuitive bot programs that require minimal effort to oversee.

Of course, the same power of automation is what underpins so-called “good” bots, which are often used to crawl sites and collate complex datasets for the purpose of SEO and determining search engine rankings.

The good news is that the technology clearly exists to help combat bot activity and repel the machinations of hackers, which includes powerful, 128-bit SSL encryption and two-factor authentication on certain devices.

The biggest iterations of bot activity include automated scripts and tasks, which are specifically designed to compromise websites and spread malware. Ultimately, this can contribute to a weakening of account security and the increased risk of theft, leaving sportsbooks at the mercy of sophisticated hackers.

The Last Word

This rise of bot attacks highlights one of the many security challenges facing iGaming brands and sportsbooks in the digital age.

We can also see that the risk becomes even more prominent during times of increased wagering activity and high profit wagering markets, as bot operators look to target high-rolling accounts directly and gain control of individual’s digital wallets.

As a result of this, it’s little wonder that operators are continuing to invest in hiring adequately skilled tech and cybersecurity employees, as a way of warding off this growing threat and safeguarding the interests of players.