PJ has over a decade of experience in fraud prevention and a strong understanding of mitigating fraud across the full spectrum of use cases. Currently, PJ is the Head of Fraud Strategy & Education at SEON
This blogs helps how to stay ahead of Marketing fraud by understanding some common fraudulent practices in the marketing world.
For some content marketers, affiliate marketing programs can feel like the worst due diligence. These programs get spoken about with a little sheepishness, like an ex-partner or embarrassing schoolyard nickname.
Why? Because for many marketing-minded professionals, affiliate marketing is synonymous with fraud. And marketing fraud can have unpredictable and unpleasant consequences, including on your budget and customer segments.
While any kind of performance-based marketing can potentially be exploited, affiliate schemes like pay-per-click and cost-per-lead models are still valuable pipelines to profit yield. This is especially true if you stay aware of vulnerabilities in your system and proactively work to defend them.
Where do marketing and fraud meet?
Unfortunately, the nature of fraud is such that fraudsters will materialize wherever there is a cash incentive.
Are you running a cash-per-click scheme? Perhaps a signup bonus? Shaking these trees will inevitably have fraudsters raining down around your head, but there will always be more climbing up the moment you close your eyes for a nap in the shade.
Staying ahead of their game starts with understanding some fraudulent practices common in the marketing world:
Bonus abuse fraud
This is often a result of multi-accounting, which is common in the iGaming sector, fintech and elsewhere, where fraudsters take advantage of a one-time incentive offered to new customers. This is often free bonus money at an online casino subject to a playthrough.
This means that the new player has a certain amount of money to play with at their disposal, but they cannot withdraw the sum until they have used it to play a certain amount of time. Unfortunately, fraudsters sometimes find a way around this system, abusing it to their own advantage.
iGaming is just one example; this can affect any company that offers something for free with registration. By using multiple forms of ID, stolen or otherwise, fraudsters make multi-accounting possible and maliciously cut into a marketing department’s ROI.
Account takeover (ATO) fraud
Here, either your branded marketing accounts or your customer’s accounts are hacked into and controlled by a fraudster, can be a pain point for your reputation and your bottom line. As many businesses put more effort into developing account-based marketing strategies, having your Twitter account compromised and abused represents a public embarrassment and a lost marketing opportunity.
However, there is certainly worse: An ATO where your customers’ accounts are targeted instead could lead to poor publicity and an uptick in fraud losses through chargebacks, investigations, and product loss. Depending on your sector, the loss of trust between the company and its customers can significantly affect its bottom line.
It attacks your marketing strategies, abusing whatever incentive the affiliate payout scheme offers. By first posing as a legitimate affiliate, fraudsters can take advantage of nearly any cost-per-model. Paying out per click, impression, sale, or lead?
Fraudsters can use bots with stolen personal information to spoof all these metrics. They can fake clicks, fill out forms, and complete unauthorized purchases automatically, then disappear with their payout, leaving disgruntled customers with justified claims for chargebacks.
While fraud is always evolving to match the evolving online ecosystem, many of these basic strategies remain the same. Very often, new techniques in marketing fraud – as well as other types of fraud - are old techniques combined and repurposed, and understanding the original building blocks is incredibly valuable when trying to anticipate the fraud of the future.
Importantly, it is essential to remember that fraud against a company's marketing department can be devastating too – it is not just about sales.
How can marketing fraud be prevented?
- Fraudsters generally operate at scale, potentially leveraging thousands of bots or identities against your system. This amount of traffic requires fraud prevention software both to handle the sheer numbers, as well as develop insights into any patterns hidden within the volume.
- Software-based fraud solutions can analyze individual users at various points of their customer journey, looking for anomalies. These anomalies are usually found either by taking a user’s email, phone number, or other provided personal information and cross-referencing them with an existing database of previously risk-scored identities.
- The provided personal data can also be inspected for a person’s publicly available information, called OSINT, potentially returning results like social media posts, photos, and messaging app registrations. All of this data can then be analyzed and flagged in real time.
- Most solutions that can help with marketing fraud will take any available registration information, such as an email address, and combine them with the IP address to develop a digital footprint of that user. If they appear suspicious via an IP address with a poor reputation, or from a country unrelated to their customer data, the software can block the transaction or put it on hold for escalation to manual review. This is crucial to mitigating scams like cost-per-acquisition abuse and account takeovers.
- Performing your own due diligence when it comes to vetting affiliates is an important step that can be handled internally. Companies that use programmatic advertising – when ads are purchased and placed automatically via software – are particularly prone to fraudulent practices.
Let’s look at a few examples of what forms these could take:
Click farms are made up of people repeatedly clicking on ads on different devices, generating clicks artificially with no intention of ever converting the click to a sale.
Arbitrage websites are sites that secure a high-paying PPC contract, offer low-price PPC to their affiliates, then drive that traffic through the high-paying ad, collecting the difference but only ever acting as a middleman. Services like "similar web" score websites based on how likely they are to be a unique property with its own value, rather than an arbitrage gateway or click farm.
"Zooming out", fraud solutions also help you see where patterns in large-scale attacks are taking place. Most software stacks will have a set of rules in place that are leveraged against incoming traffic. If an account is found to be in violation of the rules, its journey can be blocked or paused.
For example, you notice that your pay-per-click scheme is developing a lot of traffic, but none of the users arriving via your incentivized link are returning any profits whatsoever. Closer inspection of those users’ devices – a device fingerprint – shows that many of them have a suspiciously similar setup, with all of their web browser preferences being the same.
Your predetermined risk ruleset bumps their risk score up a bit. Maybe a coincidence, but looking closer still, all of those transactions had approximately the same time spent in the marketplace, and all occurred within two hours of each other.
Thankfully, you have a real-time rule in place to check for “velocity” like this so you get notified of the high-velocity transactions as they are happening – risk score now goes into the red, affiliate scammer successfully detected.
Finally, designing and executing a strong affiliate onboarding program that minimizes loss to both inefficiency and marketing fraud is crucial. Some specialized software platforms specifically offer fraudulent affiliate detection from the onboarding stage.
Use that process to get to know your affiliates as well as possible, so even if one turns out to be an abuser, you’ll have one more profile of what an affiliate fraudster looks like when inside your ecosystem and be able to shore up defenses in the future.
Your key takeaways are…
While affiliate marketing remains an evergreen source of ROI for e-commerce businesses – 16% of all e-commerce sales are still generated through affiliate programs – it pales slowly when faced with unchecked fraud. There is a sad reality where, without software-assisted scrutiny, some of your affiliates might generate mostly fake traffic, which you pay for.
What’s more, beyond the potential to waste part of your marketing budget, marketing fraud can seriously skew your understanding of your target audience or even of your customers, with bad data potentially leading you to bad decisions.
So, before you contract a relevant influencer for a social media ad, consider that some of their following might be like-bots who won’t make a valid purchase in your marketplace unless they are programmed to (and you don’t want that either).
There is no shortage of websites, tools and forums enabling both professional and amateur fraudsters to eat into your marketing spend or even the company’s bottom line.
It pays to perform your due diligence and keep fraud in mind even if you’re a marketer.
Subscribe to weekly updates
You’ll also receive some of our best posts today