When it comes to sports betting, there isn’t a level playing field

Sports Betting

Photo Credit: WaveBreakMedia | Shutterstock

Andy Still, CTO at Netacea reveals why sports betting is the prime target for cyber-criminals and how they take advantage of the system to exploit bookmakers.

It’s been a long wait for many, but sporting events are finally back. However, experts in the industry expect punters to be cautious and have a look at a few games first to work out what bearing the break and current circumstances will have on games and results.

But whatever the odds, there is one person that wins big, every time: the cyber-criminal. Through techniques such as arbitrage betting, sometimes used in combination with bonus abuse, cyber-criminals are exploiting the business logic of bookmakers using bots. The notion is simple—exploit any odd to their advantage so they win every time, regardless of the game’s outcome. While manually checking all the different odds, across multiple betting sites, using different accounts is time consuming and complicated, bots make the process not only possible, but simple.

Arbitrage betting, therefore, poses a huge threat to the betting industry. While it doesn’t take long for a gambling organisation to earn a lot of money, all that profit can be lost just as quickly as placing a bet if arb-bots attack.

An own goal for cyber-criminals 


Arbitrage betting is when opportunists exploit bookmakers’ different predictions and odds on the outcome of an event. This enables them to place one bet on each outcome, therefore profiting from any outcome. It guarantees the bettors don’t lose money and gives them the possibility of winning big.

Let’s look at the example of a World Cup football match with no possibility of a draw between England and Sweden.

Bookmaker A has Sweden at 8/15 and England at 12/7, while bookmaker B has Sweden at 2/5 and England at 9/4. Say then the opportunist bets £100 on Sweden with bookmaker A and £47.18 on England with bookmaker B. If Sweden wins, they receive a return of £153.30*. While if England wins, they’d see a return of £153.30**. From that bet of £147.18, there’s a guaranteed profit of £6.12***.

Now, if cyber-criminals undertake arbitrage betting multiple times, with larger sums of money, it’s easy to see how serious risk-free profit accumulates. Add bots betting on arbitrage opportunities automatically into the mix, and the problem intensifies.

Bots are used to manage multiple different accounts at once, on behalf of a bad actor. Not only do they scrape bookmakers’ sites, collecting information on odds in real time, but many are also capable of interacting with the front-end of these sites. This means bad actors can programme bots to place arbitrage bets on their behalf. For example, the ‘each-way sniper bot’, automatically places bets on opportunities with only two outcomes. Using arbitrage, it guarantees the actor to win each time, and works 24 hours a day, in effect printing money while the bad actor sleeps.

Levelling the playing field


Many think the answer is to just block all bots. Problem solved. But the bot landscape is more complex than ever. There are bad bots mimicking human behaviour and good bots, such as search engine scrapers, which are key to ensuring online visibility. Not only do companies risk blocking customers through the ‘block all bot’ approach, but seriously hindering marketing and SEO strategies.

Instead, bookmakers must analyse their website traffic and identify patterns of behaviour. There are some obvious red flags. For example, speed—bots will place bets quicker, and in higher frequencies, than a single user ever could. Yet, betting companies must also watch out for unknown IP addresses or traffic from unexpected countries as these too can be characteristic of bad bot behaviour.

But there’s another tell-tale sign. Bots and bad actors exploiting arbitrage betting are likely to place very specific amounts of money, such as in the England vs Sweden example above. This is where the odds are most likely to be out of sync between the different bookmakers.

Yet, to truly protect their betting platforms, bookmakers must go one step further.

By looking at all their website traffic it is possible to build up a profile of what a ‘usual’ user journey looks like. From here, it’s then possible to identify ‘unusual’ user journeys and patterns of behaviour. Once bookmakers can understand and cluster groups of behaviour, it then becomes possible to investigate and take action against the nefarious bots and bad actors, while preserving the user experience for genuine customers.

The sports betting industry must get ahead of the bot problem to ensure profits are maintained and bad actors using bots are stopped. While the ‘block all bot approach’ doesn’t work in today’s complex environment, the industry must deal with this sophisticated threat with a sophisticated response, focused on the behaviour of their website traffic. Then, and only then, will the sports betting playing field truly become level.

*(100 *(1+ 8/15))

**(47.18 *(1+ 9/4))

***(£153.3 – £147.18)


Andy Still

Andy is a pioneer of digital performance for online systems. As Chief Technology Officer, he leads the technical direction for Netacea’s products, as well as providing consultancy and thought leadership to clients. Andy has authored several books on computing and web performance, application development and non-human web traffic.

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...