Affiliate Fraud Detection: What Is It & How Does It Work?

Affiliate fraud is a growing concern for online marketers. Here’s how it works, and a primer on choosing the right prevention tools.

What Is Affiliate Fraud?

Affiliate fraud refers to any attempt to take advantage of marketing opportunities with your company. It can be performed by sending junk traffic to your site or using bots to trigger affiliate rewards. In any case, it is a relationship with an affiliate where the other party is using deceiving practices to take money from you.

How Does Affiliate Fraud Work?

Affiliate fraud can follow many schemes, which depend upon your payment model:

• Cost-per-acquisition (CPA): the affiliate gets paid upon fulfillment of a sale. Huge CPA businesses include MoneySuperMarket and TripAdvisor, amongst others. Fraudsters will use stolen IDs and credit card numbers to finalize the conversion, often using bots to automate the process. This can incur huge chargeback fees for your company.
• Cost-per-lead (CPL): the affiliate gets paid upon completion of a registration form, subscription to a newsletter, or simply by delivering the right user data. Unscrupulous affiliates will deliver bad customer data, use bots to fill forms, and even give you opt-out lists instead of opt-ins.
• Cost-per-click (CPC): affiliates receive a rate based on the number of ad clicks. Fraudsters use bots to automate clicks, and find ways to direct unsuspecting users towards the clickable link.
• Cost-per-impression (CPM): the M in that case, stands for Mille, referring to every thousand impressions. Fraudsters will create fake websites and use bots to increase the number of ad “views”, and even layer multiple ads on top of each other to count as impressions.
• Influencer model: you offer freebies to an online personality with enough of an audience. But of course, here again fraudsters have no qualms about creating fake accounts and boosting their numbers with bot views and comments. A whole cottage industry of social profile boosting exists for that purpose. 

Example of Affiliate Marketing Fraud

Let’s look at an example we’ve encountered multiple times in the iGaming world. The iGaming industry is susceptible to affiliate fraud, simply because it needs affiliate marketing more than other types of businesses (Google Ads don’t allow online casinos and gaming sites, for instance).

1. Fraudsters sign up to your referral program
2. They purchase stolen ID data on the dark web
3. Bots automate the signup process on your site, using stolen IDs
4. Sophisticated bots can even replicate human behavior (browsing, transactions, etc)
5. Fraudsters get a referral fee; you are left with bad users

Let’s break it down in detail.

In this scenario, the gaming company has set up an affiliate program with a CPA model. The action required, or KPI, is a user registration on the site. They will need to enter their details (full name, email address), and verify their age (a legal requirement).

Because of the fact that reducing friction is primordial, some iGaming operators will try to wait until the withdrawal stage to request ID verification.

Now, a fraudster signs up to become an affiliate.

Their first goal is to bring in legitimate traffic to the site. It can be done with domain spoofing, where they create fake landing pages that look like legitimate ones. Users who end up on these fake pages are redirected toward the iGaming site. If some of them sign up, that’s a plus for the fraudsters.

But to ensure they get the reward, fraudsters can rely on multi-accounting. They will source stolen IDs from data breaches purchased on the darknet. By using bots, they can automate the process and scale it to their liking.

Because all the conversions appear legitimate and from different users, the fraudsters receive high payments, but meanwhile, your business has to live with the consequences.

How Affiliate Fraud Impacts Businesses

According to Juniper’s Future Digital Advertising: Artificial Intelligence & Advertising Fraud 2019-2023, advertisers’ total loss to fraud will rise to $100 billion by 2023. And most of it is to blame on affiliate scams.

If it affects your business, the best scenario is that you realize you’re wasting marketing money on the wrong people and cancel the contract.

But the problem is that by the time you perform a review of the affiliate’s performance, it’s already too late.

• Bots will play havoc with your analytics.
• You waste precious marketing dollars.
• Campaigns’ KPIs are harder to measure.

And for the worst-case scenario, you also put yourself at the mercy of KYC or AML fines. If your bad affiliates go all the way to the transaction stage, you’re also left in a lurch when it comes to processing chargeback fees. 

Finally, let’s not forget that you could also be losing money if you offer signup bonuses. There is an overlap between affiliate fraud and promo abuse, which bad agents will only be too happy to exploit.

3 Ways to Stop Affiliate Fraud

If affiliate fraudsters are targeting your business, you want a three-pronged approach to check the quality of your marketing partner. Ideally, your fraud prevention solution should be able to deliver the following tools:

Monitor the Traffic

The first step is to keep track of traffic quality. Make sure your system allows you to log affiliate IDs, and that you get an accurate view of how many of the users they bring. You should also know how many of their visitors go through the conversion stage successfully. 

In the screenshot above, we can clearly see that each merchant (or affiliate) brings in users whose transactions are approved, reviewed, or declined. These three results can of course be automated by your fraud prevention system.

But the key point is that after logging every conversion for a while, you’ll have enough data to start separating good affiliates from bad ones. 

But what if you want to block fraudulent traffic before it enters your system? You can look at device fingerprinting. 

Enable Device Fingerprinting

Each user that lands on your conversion page will arrive with some data. We call it a digital footprint, and it includes the configuration of their software and hardware. 

With a device fingerprinting module on your site, you can create IDs for these configurations, and see when anything looks suspicious. For instance:

• Has this exact configuration already been found on your site? There is a possibility you could be dealing with a fraudster trying to fool your system with multi-accounting.
• Does the device point to an emulator like FraudFox, Kameleo, Linken Sphere, MultiLogin or AntiDetect? These are tools favoured by fraudsters who use bots to abuse affiliate programs on a mass scale.

Combined with other data enrichment tools, you will be able to build a pretty complete profile of your users – all in real-time.

Note that device fingerprinting is also a fantastic tool for curbing bonus abuse, for instance in the gambling world, or even to reduce chargeback rates and manual reviews.

Behavior Analysis

In fraud detection, the behavior is tracked via a series of risk rules. Every time the user data is checked against the rule, a risk score increases or decreases. 

The most obvious example would be a standard IP analysis. Is the user’s IP address pointing to the same location as the cardholder’s address? But you can of course get much more sophisticated with the rules:

• How many connection attempts did they make per hour?
• How fast did they complete the fields on your signup form?
• What was the average time it took them between landing on your conversion page and going to checkout?

When it comes to risk rules, the sky’s the limit, and this is where having a talented team of fraud managers can make all the difference. Provided, of course, that your fraud management solution allows you to create risk rules manually – or to get suggestions from a machine learning engine. 

Affiliate Fraud Software Solutions

Cutting through the noise is harder than ever for marketers, and things are made more complicated by fraudulent affiliates. The thing is, affiliate marketing is more important than ever for modern online businesses. We live in the age of comparison websites, YouTube influencers, and heightened customer expectations for sourcing engaging content.

The good news, however, is that affiliate fraud software solutions are faster, easier, and more affordable than ever.

Using a simple combination of decent traffic monitoring, device fingerprinting, and tailored risk rules such as SEON’s solution, you should be on your way to flag bad partnerships and focus on the best ones that can really help grow your business.

FAQs about Affiliate Fraud Detection

You might also be interested in reading about:

• SEON: Here’s How You Can Win Against iGaming Affiliate Fraud
• SEON: How to Reduce Customer Acquisition Risk In Affiliate Marketing
• SEON: Fraud and Bot Attacks- What to Know to Stop Them
• SEON: Referral Fraud: Stop Fraudsters from Wasting Your Marketing Dollars

• AWin: MoneySupermarket Insurance
• TripAdvisor: What is the Tripadvisor Affiliate Program?
• Influencer Marketing Hub: How to Spot Fake Instagram Followers