Three weeks ago, Greco’s Co-Founder, Ozric Vondervelden, dropped a bombshell: the first-ever in-depth video interview with a professional bonus abuser, known only as “Stalker”.
In the fully anonymised four-part series published on LinkedIn, Ozric exposed how the shadowy underworld of professional bonus abuse works and, for the first time, provided industry stakeholders with an unfiltered look at the tactics and approaches employed by fraudsters – and the revelations were startling, from manufacturing identities to grossing six-figure profits.
To unpack the findings and discuss how the industry must change if it’s to tackle bonus fraud, iGamingFuture’s Curtis Roach invited Ozric for an exclusive debrief – read on.
When you sat down with “Stalker”, the professional bonus abuser, what did you hope to learn—and what ended up shocking you most?
“I wanted a candid look at the current economics of abuse. I expected clever tactics; I didn’t expect the scale of his operation.
“Stalker earns between $100,000 (£80,000) and $150,000 (£120,000) every month and spins up 50–100 fresh accounts every week – these figures reframe bonus abuse from a nuisance into a material line-item on the profit and loss sheet.
“And of course, Stalker is not the only one.”
A six-figure monthly profit implies a multimillion-pound annual leakage for operators. What does that tell us about current defences?
“It tells us that operators have large blind spots, seemingly due to a disjointed relationship between CRM, content management, platform function, and risk management.
“These are generally siloed departments, and the cracks between these functions are the same cracks that are being exploited.
“Instant withdrawals have also made it quite difficult for operators to react in time. Stalker is specifically targeting operators with instant withdrawals for this reason.”
Stalker buys identities and even manufactures “real fake IDs”. Where are the weak points in today’s player verification processes, and how can they be tightened without throttling genuine onboarding?
“The short answer is that you cannot – it’s a trade-off between user experience, cost, and risk management.
“Even when adopting the best solutions, the real weakness is that verification solutions don’t often have meaningful databases to cross-reference (excluding countries that have centralised government verification processes or mandated open banking). This makes synthetic identities a real issue. Anyone can essentially come up with a name and address, create a fake utility bill and ID, and appear in front of a camera for a liveness check.
“We can verify that the provided information is consistent, but there are significant gaps in understanding whether it is a real person. That’s without considering the challenges operators face with stolen/scraped IDs, or IDs that are being used with the owner’s permission.”
He described using ultra-low-stake dice bets to farm high-EV promos. What does that reveal about bonus design, and how should thresholds be rebuilt?
“This is part of a broader trend we are seeing with players undermining CRM segments. It exposes a wider issue. Operators often get it wrong when measuring the value of a player.
“The industry is built around volatility, and with a small sample size, a player’s performance is largely determined by luck. We need to instead look at what the player should have won or lost based on probability.
“Imagine every interaction a player had was repeated 100 million times, and the results were averaged. This is the true value of that play.”
Stalker shrugged at device fingerprinting, calling it a “losing game” for operators. Do you agree?
“The reality is that any data point that a fraud tool can track can be altered by a user. Fraud tools are an essential line of defence, but they’re not a silver bullet. Anyone who knows what they are doing can undermine these tools, as is the case with Stalker.
“Stalker highlights that even with relative effort, you will fall into a group among tons of false positives, and operators will play it safe.”
How would a behavioural analytics engine like Greco identify the threats that someone like Stalker hides?
“There’s an overdependence on fraud and verification tools, which Stalker has highlighted are not impenetrable. Both of these processes can be spoofed, but one thing that can’t be spoofed is that a bonus abuser will take value, and maximise the value they are taking.”
“To identify this behaviour, you must analyse the gameplay, which I see as the operator’s biggest blind spot. This is where Greco comes in.
“We analyse each player bet-by-bet to understand if they are adopting any exploitative behaviours, considering the amount of value they are taking. We do this in real-time so that operators can still provide instant withdrawals by funnelling these players off into a separate flow.”
Stalker says he won’t “go legit” because casinos underestimate the loss and underpay the solution. What needs to change?
“Two things need to change. Firstly, there needs to be true-cost accounting, and once the CFO identifies the leakage, the procurement ceiling for countermeasures must increase.
“Secondly, talent marketplaces and bug bounty programmes. We should pay professional abusers to document an exploit before they can profit from it. When the white-hat fee approaches the black-market yield, skills migrate.
“We have bug bounties for hackers; the best professional sports bettors become sports odds traders. It shouldn’t be any different for fraud and casino abuse.”
If you could change one industry mindset tomorrow, what would it be?
“The moment we frame abuse in exactly the same ROI terms as marketing spend, it gets managed with the same urgency, and margin graduates from collateral damage to competitive edge.”
Editor’s Note:
The Stalker interview upturned a long-standing assumption: that bonus abuse is marginal and we’re managing it. Instead, the series reveals the true cost, scale, and sophistication – one significant enough to feature as a line item on profit and loss sheets, and lucrative enough Stalker sees no reason to go legit.
What’s most alarming isn’t just the scale, but the ease with which Stalker achieves bonus abuse. He sidesteps our best defences, creates fake identities and evades traditional detection with ease, not force, exploiting systematic operational weak spots – all under the radar.
So, how can we really combat this type of fraud without compromising the experience of regular players?
According to Ozric, the answer is not more tools, it’s an industry-wide shift in mindset. Bonus abuse must be treated with the same urgency and investment as any other business area – only then can operators hope to close operational weaknesses.
And that’s not all.
Exposing this shadow industry–which is likely costing operators millions annually– requires greater visibility and incentive. For Ozric’s, this means true cost accounting, behavioural-level and gameplay monitoring of accounts and more controversially, white-hat bug bounty programmes for bonus abuse.
Why not? It worked for cybersecurity.
If you missed Greco’s groundbreaking Stalker Series, catch it here.
