Fraud 2.0

As though straight out of some biblical parable, for whatever reason, a percentage of those engaging in an activity will do it the good way while a percentage will do it the bad way. In sports or academics, they call it cheating. In our industry, they call it fraud, and despite that it can lead to a loss of revenue, relationships, even jail, it still exists. And, no amount of lamenting or commenting that these wonderful misguided souls could do so much good if they just chose to apply their efforts to more accepted and law abiding forms of productivity, it won’t go way. Worst perhaps, it only continues to evolve and become more sophisticated, just as their counterparts in the less dark arts continue to improve their services. Take spyware for example. Those behind one of the newest strains have the skill to excel just about anywhere; they could have gone to Google, had their food, dry cleaning, and options. Instead, they seem content to earn millions by letting everyone know indiscriminately of their gender or age that their male genitalia need enhancement, and continue to innovate new ways of spelling that would confound even those in charge of naming Web 2.0 companies. While our space and particular brand of direct / affiliate marketing tends not to deal with promoting oral enhancements, we certainly can’t escape the impact, perhaps wrath of those engaging in fraud. I know I wouldn’t want to run a click based business, and much of the fraud in our space focuses on those perpetrating against click based businesses. Given that our industry revolves around actions, not clicks, it has always felt that we had less exposure to the dark side, and to some extent I think that holds true. Unfortunately, we see now that this doesn’t quite hold true, as a new type of fraud has begun to rear its head. It’s being called the Indy virus, a somewhat politically incorrect name based on the role that those in India inadvertently or perhaps knowingly play.

If you wanted to make some relatively easy money, unethically, it unfortunately doesn’t take much. Sign up for an ad network, especially one that has incentive promotion offers and do the following – enter an email address, a reasonable one. Do this across five such offers, perhaps two to five times daily. That will give you fifteen to twenty conversions, which at $1.25 will mean around twenty dollars daily. Then find one or two lead generation offers, perhaps an auto finance or insurance offer. Fill out one of those every other day, etc. Before you know it, you could end up earning $500 to $1000 per month in extra income. And, given that the average larger size affiliate network has hundreds of people earning several hundred dollars per month, you could slide by unnoticed for a while. The relative ease of pulling off low volume fraud is the very reason why networks tend not to allow affiliates from dollar weak countries where that $1000 could mean a real income. The person might have a legitimate website, but the risk is simply too great to take a chance. And, while $500 to $1000 can add up, the ambitious folks want more, and they know they can’t do it alone. This used to mean writing scripts that would fill out these email only forms or go through an address book and enter real but nonetheless bogus data into data only offers. With volume comes scrutiny, and the beauty of offers like the incentive promotion one comes in the form of relatively real time feedback on performance. An email address or zip doesn’t make the marketer any money. Only actions throughout the flow do, so if an advertiser sees a bunch of conversions coming from a certain source id that yielded no real revenue they can spot fraud fairly quickly. In other words, you can’t quite teach a machine to be human, but you can teach a human, and here is where we get into the heart of the Indy virus.

The Indy Virus flips the classic fraud model upside down, i.e. someone from overseas signing up as an affiliate. It has someone from the US signing up as an affiliate and using the same low wage / cost of living that makes it attractive for the overseas person to do fraud to hire that person to do fraud. Hearing about it only shows me the limitations of my imagination. It is the world is flat model only deviously leveraged. Those spreading the virus will post in an outsourcing forum like GetAFreelancer.com something like this, "I need 2500 free signups per day. Provider ll be selected with in 2 hours. PMB for more details. Indians preferred" He offered $100 to $300 had twelve bids at an average of $154. If it cost him $250, then he just found a cost per signup of ten cents. This particular person actually lives in India and if you view the services that his firm offers, you can’t help but have some suspicions, as you can hire his team for "….Captcha entry jobs, Emails creations (Yahoo, hotmail & gmail), Data submissions…Filling forms." Another person looking for talent to fill out forms even offers those who work for him software to mask IPs and the data to use. You see this new breed of fraudsters realize that you can’t just fill out form, you have to really fill out forms. They arbitrage across continents – buying cheap user data from any number of firms that will sell user data then hand it over to the Indians (sorry guys) along with the links to the offers they should complete. And, to make the problem harder to identify, they will create tens if not more accounts at a particular affiliate network, where they will choose offers that are not exclusive / run by that network. That gives them an additional layer of hiding and could mean the difference between being caught early and getting the money. Plus, you can also see how someone in India who gets hired to do this might turn around and do it themselves, and PayPal makes that easier for them to accomplish. They can enter phony contact information and select payment via PayPal in many networks. No one really checks if they really have an office where they say.

To the networks, these affiliates will seem valid. They fill out information in the user flow and participate in offers, meaning the incentive promotion advertiser initially finds them OK as well. It isn’t until they start to receive emails like this:

"Recently I have be deluged with telephone calls from a variety of sources claiming that I filled out an survey online and they are following up. The name used by the person who has filled out the survey is the same as mine. However, the email address used by this person is NOT mine and I have confirmed this with several of the callers. Unfortunately, my personal home telephone as well as my cell phone number has been given to these clients…"

Those committing the Indy Virus aren’t just perpetrating fraud. This is identity theft. Many offers require just a phone number to initiate billing, and by filling out offers as someone else, these people are costing the real users money, let alone the time, headache, and frustration of receiving sales calls and not knowing why. And, just as scary, those in the identity theft business have realized that they can use the data they collect by becoming affiliates rather than trying to make money buying goods with the stolen information. While there isn’t a solution – we are just starting to become aware of its scale and prevalence – the pieces for a solution exist.

We can get halfway there with patience and process and the other half with technology. Credit card companies have to deal with fraud and have developed advanced algorithms for detecting irregular behavior. I believe we can implement similar predictive models and see what data doesn’t fit, to pick up anomalous patterns in all aspects of the data beginning with the affiliates’ very own.