In 2025, online scams continue to escalate, with hundreds of sites recently exposed as malicious online gaming and gambling platforms[1]. These sites lure victims by advertising themselves as the “#1 crypto gaming platform,” often claiming ties to billionaires such as Elon Musk, Bill Gates, and MrBeast to appear credible [3]. Beyond fake endorsements, the platforms offer financial incentives and unrealistic winnings. These sites are not randomly created; they form part of a larger, coordinated network designed to defraud thousands of users[2].
KrebsOnSecurity first identified this network through a tip from a 17-year-old Discord user known as “Thereallo,” who noticed misleading spam messages promoting multiple gaming sites. This discovery led to a deeper investigation, revealing a sprawling criminal network of more than 1,200 scam domains [1].
Figure 1: Example of scam online gaming sites identified by KrebsOnSecurity [1].
Examples of High-Risk Scam Sites
Many of these sites were recently created and share gaming or wagering theme and some invoking the same API keys, following a consistent scam strategy[1]. Several have been flagged as high-risk due to fraudulent activity, with some established as recently as 15 days ago. Examples include:
- Socmex.com
- Liobax.com
- Gambwex.com
- Toprexx.com
The communities behind these sites are tied to a Russian-language affiliate program known as Gambler Panel. This program rewards its partners with up to 70% of the profits generated from exploited users. In addition, Gambler Panel supplies affiliates with detailed strategies and ready-made gaming content, making it easier for them to carry out these scams[2].
How These Scams Work
- Social Engineering via Ads
Scammers post advertisements on platforms such as Discord, YouTube, and Twitter, offering promo codes that claim $2,500–$10,000 in credits. These credits appear in-game/website but are never actually given [1]. - Free Gameplay
Users play games using the promo credits, feeling no financial risk and trusting the platform [1]. - Withdrawal Trap
When attempting to withdraw winnings, the sites request a verification deposit of $100–$500 in cryptocurrency [1]. Users are led to believe they remain at a net positive. In the withdrawal trap, scammers exploit cryptocurrency to collect users’ deposits. Here’s why they rely on cryptocurrency for their schemes:
- Side Note/Crypto Lesson: In cryptocurrency transactions, a public key functions like an address, allowing users to send funds to a specific wallet. The private key is held by the wallet owner and is required to authorize withdrawals. Once a transaction is recorded on the decentralized and irreversible blockchain, scammers who control the private keys can immediately access all deposits, making it impossible for victims to recover their funds[6].
- Continuous Deception
The platforms provide excuses to block withdrawals and may request additional deposits, ultimately causing victims to lose real money [1].
\
Figure 2: Person at computer, illustrating online activity [7].
How to Avoid Getting Duped
Although social engineering is the main tactic scammers use, several precautions can help reduce risk:
- Watch for fake endorsements [3]– Celebrity images or endorsements without verified affiliation are red flags [3].
- Question inflated stats[3] – Claims such as “50,000 active users” may be fabricated [3].
- Beware of withdrawal requirements[3] – Sites that lock withdrawals until a verification deposit is made are typically fraudulent .
- Check for licenses and policies[3] – Legitimate platforms clearly display legal information .
- Avoid unrealistic promo offers[3] – Offers of $2,500–$10,000 in free credits are usually scams .
- Use security tools – Antivirus software and adblockers help prevent malicious pop-ups or access to fraudulent sites.[3]
Conclusion
With online crime on the rise, it is essential to stay informed about the latest tactics used by cybercriminals. Scam gambling platforms now exploit social engineering and cryptocurrency’s irreversible transactions to deceive and defraud users. As thousands of new domains continue to emerge, awareness and education are critical to avoiding these traps. Practicing strong security habits and promoting caution online remain the most effective ways to protect against such evolving threats. Having been tricked by ads and scam websites in the past, this topic is particularly important to me. Next time you see a celebrity endorsement on a website or a random link in Discord, exercise caution. While visiting the site is often harmless, it’s always safer to remember that you don’t have to click the link or interact with the site at all.
References (IEEE style)
[1] B. Krebs, “Scammers Unleash Flood of Slick Online Gaming Sites,” KrebsOnSecurity, Apr. 15, 2025. [Online]. Available: https://krebsonsecurity.com/2025/04/scammers-unleash-flood-of-slick-online-gaming-sites/. [Accessed: 25-Sep-2025].
[2] B. Krebs, “Affiliates Flock to ‘Soulless’ Scam Gambling Machine,” KrebsOnSecurity, Aug. 28, 2025. [Online]. Available: https://krebsonsecurity.com/2025/08/affiliates-flock-to-soulless-scam-gambling-machine/. [Accessed: 25-Sep-2025].
[3] Gridinsoft, “Socmex.com review: Scam website analysis,” Gridinsoft Online Virus Scanner, Sep. 2025. [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/socmex-com. [Accessed: 25-Sep-2025].
[4] GridinSoft, “Online Virus Scanner — liobax-com,” GridinSoft, [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/liobax-com. [Accessed: Sep. 26, 2025].
[5] GridinSoft, “Online Virus Scanner — toprexx-com,” GridinSoft, [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/toprexx-com. [Accessed: Sep. 26, 2025].
[5] GridinSoft, “Online Virus Scanner — gambwex‑com,” GridinSoft, [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/gambwex-com. [Accessed: Sep. 26, 2025].
[6]S. Susnjara and I. Smalley, “Blockchain,” IBM THINK, IBM, [Online]. Available: https://www.ibm.com/think/topics/blockchain. [Accessed: 26-Sep-2025].
[7]Unsplash, “Person sitting at a desk with a computer,” [Online]. Available: https://unsplash.com/photos/a-person-sitting-at-a-desk-with-a-computer-cAuANa0VvGw. [Accessed: 25-Sep-2025].
Great post!!
Crazy how these scams don’t even need advanced hacking, they just play on trust with fake endorsements and so called “verification deposits.” The crypto angle makes it even harder for victims to recover funds. Awareness like this is the best defense.