In 2025, online scams continue to escalate, with hundreds of sites recently exposed as malicious online gaming and gambling platforms[1]. These sites lure victims by advertising themselves as the “#1 crypto gaming platform,” often claiming ties to billionaires such as Elon Musk, Bill Gates, and MrBeast to appear credible [3]. Beyond fake endorsements, the platforms offer financial incentives and unrealistic winnings. These sites are not randomly created; they form part of a larger, coordinated network designed to defraud thousands of users[2].
KrebsOnSecurity first identified this network through a tip from a 17-year-old Discord user known as “Thereallo,” who noticed misleading spam messages promoting multiple gaming sites. This discovery led to a deeper investigation, revealing a sprawling criminal network of more than 1,200 scam domains [1].
Figure 1: Example of scam online gaming sites identified by KrebsOnSecurity [1].
Examples of High-Risk Scam Sites
Many of these sites were recently created and share gaming or wagering theme and some invoking the same API keys, following a consistent scam strategy[1]. Several have been flagged as high-risk due to fraudulent activity, with some established as recently as 15 days ago. Examples include:
- Socmex.com
- Liobax.com
- Gambwex.com
- Toprexx.com
The communities behind these sites are tied to a Russian-language affiliate program known as Gambler Panel. This program rewards its partners with up to 70% of the profits generated from exploited users. In addition, Gambler Panel supplies affiliates with detailed strategies and ready-made gaming content, making it easier for them to carry out these scams[2].
How These Scams Work
- Social Engineering via Ads
Scammers post advertisements on platforms such as Discord, YouTube, and Twitter, offering promo codes that claim $2,500–$10,000 in credits. These credits appear in-game/website but are never actually given [1]. - Free Gameplay
Users play games using the promo credits, feeling no financial risk and trusting the platform [1]. - Withdrawal Trap
When attempting to withdraw winnings, the sites request a verification deposit of $100–$500 in cryptocurrency [1]. Users are led to believe they remain at a net positive. In the withdrawal trap, scammers exploit cryptocurrency to collect users’ deposits. Here’s why they rely on cryptocurrency for their schemes:
- Side Note/Crypto Lesson: In cryptocurrency transactions, a public key functions like an address, allowing users to send funds to a specific wallet. The private key is held by the wallet owner and is required to authorize withdrawals. Once a transaction is recorded on the decentralized and irreversible blockchain, scammers who control the private keys can immediately access all deposits, making it impossible for victims to recover their funds[6].
- Continuous Deception
The platforms provide excuses to block withdrawals and may request additional deposits, ultimately causing victims to lose real money [1].
How to Avoid Getting Duped
Although social engineering is the main tactic scammers use, several precautions can help reduce risk:
- Watch for fake endorsements [3]– Celebrity images or endorsements without verified affiliation are red flags.
- Question inflated stats[3] – Claims such as “50,000 active users” may be fabricated.
- Beware of withdrawal requirements[3] – Sites that lock withdrawals until a verification deposit is made are typically fraudulent.
- Check for licenses and policies[3] – Legitimate platforms clearly display legal information.
- Avoid unrealistic promo offers[3] – Offers of $2,500–$10,000 in free credits are usually scams.
- Use security tools – Antivirus software and adblockers help prevent malicious pop-ups or access to fraudulent sites.[3]
Conclusion
With online crime on the rise, it is essential to stay informed about the latest tactics used by cybercriminals. Scam gambling platforms now exploit social engineering and cryptocurrency’s irreversible transactions to deceive and defraud users. As thousands of new domains continue to emerge, awareness and education are critical to avoiding these traps. Practicing strong security habits and promoting caution online remain the most effective ways to protect against such evolving threats. Having been tricked by ads and scam websites in the past, this topic is particularly important to me. Next time you see a celebrity endorsement on a website or a random link in Discord, exercise caution. While visiting the site is often harmless, it’s always safer to remember that you don’t have to click the link or interact with the site at all.
References
[1] B. Krebs, “Scammers Unleash Flood of Slick Online Gaming Sites,” KrebsOnSecurity, Apr. 15, 2025. [Online]. Available: https://krebsonsecurity.com/2025/04/scammers-unleash-flood-of-slick-online-gaming-sites/. [Accessed: 25-Sep-2025].
[2] B. Krebs, “Affiliates Flock to ‘Soulless’ Scam Gambling Machine,” KrebsOnSecurity, Aug. 28, 2025. [Online]. Available: https://krebsonsecurity.com/2025/08/affiliates-flock-to-soulless-scam-gambling-machine/. [Accessed: 25-Sep-2025].
[3] Gridinsoft, “Socmex.com review: Scam website analysis,” Gridinsoft Online Virus Scanner, Sep. 2025. [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/socmex-com. [Accessed: 25-Sep-2025].
[4] GridinSoft, “Online Virus Scanner — liobax-com,” GridinSoft, [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/liobax-com. [Accessed: Sep. 26, 2025].
[5] GridinSoft, “Online Virus Scanner — toprexx-com,” GridinSoft, [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/toprexx-com. [Accessed: Sep. 26, 2025].
[5] GridinSoft, “Online Virus Scanner — gambwex‑com,” GridinSoft, [Online]. Available: https://gridinsoft.com/online-virus-scanner/url/gambwex-com. [Accessed: Sep. 26, 2025].
[6]S. Susnjara and I. Smalley, “Blockchain,” IBM THINK, IBM, [Online]. Available: https://www.ibm.com/think/topics/blockchain. [Accessed: 26-Sep-2025].
[7]Unsplash, “Person sitting at a desk with a computer,” [Online]. Available: https://unsplash.com/photos/a-person-sitting-at-a-desk-with-a-computer-cAuANa0VvGw. [Accessed: 25-Sep-2025].
Great post!!
Crazy how these scams don’t even need advanced hacking, they just play on trust with fake endorsements and so called “verification deposits.” The crypto angle makes it even harder for victims to recover funds. Awareness like this is the best defense.
Interesting! While I am not surprised that such networks exist and apparently flourish, it is still crazy to me that people so easily fall for these kinds of scams.
I understand that it is impossible to get people to check where and when domains are registered (although that would be ideal), people still should understand that anytime someone offers a “free” money, it is MOST likely a scam, and advanced background checks are needed them.
I also want to add that it is important to keep a cool head and do the critical analysis. If something seems too good to be true – it most likely is.
This blog is a great reminder to stay alert online. Many scam sites appear legitimate because they use well-known names such as Elon Musk or Mr Beast to mislead users. They make false promises of free money or large rewards. The scammers make you feel safe with free credits, then ask for a small “verification” deposit and that’s how they steal your money. Once you send crypto, you can’t get it back.
It’s smart advice to always double-check if a website is licensed and to ignore offers that seem too good to be true. If a site asks for money to withdraw “winnings,” that’s a big red flag. Using antivirus software and exercising caution when encountering advertisements or random links can also help.
Thank you for sharing this, Israel; many people are still unaware of how easy it is to fall for these scams. Staying informed can help you save money and reduce stress.
Great post! It’s surprising how easily people fall for these scams. Those websites seem suspicious, and .com domains usually are not cheap. They must use keyloggers or a malicious widget to get the user’s private key. But I can see why gamers are the target. It is easy to let your guard down while gaming online.
Nice Write up!!! The network demonstrates that scams have evolved from individual websites into a complex organized system. The combination of fake celebrity endorsements with verification deposit schemes represents traditional social engineering tactics which become more dangerous when cryptocurrency is involved because funds sent to these sites become permanently lost. The sites have become so sophisticated in their appearance that they now present a frightening level of authenticity. The only protection against scams exists through education and skepticism because any offer that seems too good to be true usually turns out to be a scam.
This is quite an interesting blog, Isreal. Time and time again we see how these scams show just how easy it is for people to get tricked online especially with the usage of crypto and fake endorsements. We all just need to stay careful and pay extra attention to the red flags.
Great post Israel ! What I found really cunning in the scammers part is that the withdrawal deposit tactic is not just technical it also targets the human psyche and behavior, a “sunk-cost fallacy” in other words. When the victims are convinced that them paying a small verification fees would eventually earn them larger “wins” the $100 to $500 fees feels rational, ultimately it is the real theft. This really highlights the psychological aspects of Cyber threats.
Hey Israel, this is super relevant to gamers. I’m a gamer and I’ve been through a lot of these scams myself, and my friends who downloaded games from unauthorized sites had their PCs and accounts compromised, personal info changed, and some even lost access entirely. I’m also trying to sell a game account right now, and it’s wild how many people try to scam you by asking for weird “verifications,” account details, or deposits that are obviously red flags. My quick tips don’t download from sketchy sites, ignore promo links in Discord, use unique passwords and 2FA, and if you sell accounts, use a trusted escrow/payment method or better yet, try to sell in person. Awareness and caution go a long way.