CC Fraud By Affiliates

[cdc]

Just talked to one of my friends and she had her credit card information stolen. She still has the card in her possession, but someone got a hold of the number, expiration date, name, etc.

So how does she know that her card info was stolen? Well, she just got a package of acai berries, some government grant information, was signed up for some book clubs, and lord knows what else is on the way to her house.

I wasn't aware that people are doing this, but I guess it's easier than ordering the products and hoping you won't get arrested when you go to pick them up.

 

[Mike619]

it could be a malicious spyware or virus on her computer than stole her personal information or a malicious website, just check your statement online everyday i guess.

 

[ayzo]

Yep it happens all the time, I used to do some security work for an electronics affiliate program and you'd be surprised how much affiliate-based fraud I'd discover on a day to day basis. That's why networks insist on contacting you via phone to make sure you are who you say you are and not some guy in Nigeria or Malaysia who will more than likely jack credit cards and signup for the offers.

These fraud rings are getting smarter though, hiring Americans and Canadians from craigslist to answer the phone and collect the payments. Some are even just hacking/buying CPA network accounts and using their techniques on those accounts.

 

[johu]

Affiliate fraud is HUGE right now, especially from fraudsters in China, usually purporting to be from the US, UK, or Canada. I'm not going to list some of the tip-offs that lead me to find the fraudsters (I work for some advertisers in a network that does not phone verify affiliates), but it can be quite easy at times to track down.

 

[miketpowell]

Affiliate fraud is HUGE right now, especially from fraudsters in China, usually purporting to be from the US, UK, or Canada. I'm not going to list some of the tip-offs that lead me to find the fraudsters (I work for some advertisers in a network that does not phone verify affiliates), but it can be quite easy at times to track down.

How sophisticated are they getting and how good of a handle do you feel your advertisers or the industry as a whole have a handle on it?

As a newbie I'm curious to hear the opinions of others on this.

 

[Sonny Forelli]

I guess the only upside in that story is free acaiez! Talk about uber flat tummy time.

 

[nachoninja]

Well if she wasnt already sounds like she'll be slim, rich, and well educated in a few weeks - pics plz

 

[MaxSteve]

There aren't just problems with stolen credit cards - there are also lots of scammers who make use of low-balance VCC's to signup for trial offers where the CPA rate is much higher than the trial cost.

Based on what I'm seeing, fraud isn't any higher than it was in the past. It is just the methods that are getting more sophisticated. And the dollar value of fraud as compared to the dollar value of legimiate sales is low enough that it isn't going to put the industry at any sort of risk as long as networks/merchants stay on top of it all.

Ignoring the fraud is where things can get serious. If the scammers realize you're an easy mark, you'll be swamped with them and then your fraud/good lead ratio WILL take a beating.

Thankfully it's still relatively easy to identify the scammers.

 

[Travis_Ecomlead]

Steve is absolutely right. The fraud is about the same level as before, but it is getting much more sophisticated.

We are seeing a lot more cc fraud and purchased data (buying data from one source then using it to input into a higher paying offer) are showing up more often. Also the info they are using to try and get accounts is getting harder to weed out.

It's very possible to stay on top of it, but god help you if you let it slip for a little bit. I see on average 20 to 30 fraud applications a day trying to join our network.

 

[QAT-Mirza]

I guess doing phone verifications and asking the various promotional methods will reduce FRAUD applications even if the Fraudster try to arrange someone for phone pickup as he /she will not be aware of the questions that a network would ask prior to acceptance.

 

[HarveyJ]

Not that I'm endorsing this in anyway, shape or form, but I am wondering.

Let's say you've got an offer that's converting REALLY well.
Is it technically possible to iframe the offer, and in the hidden external frame, have script that's capturing the data, which you can then use to submit elsewhere?
If so, other than keeping an eye out for the moron that fucks up and submits it all from the same IP, or within a short space of time, how would you know?

 

[mkrongel]

to all networks i believe there is a thread in the networks section of wf started by mike at fire lead. We should maybe all discuss what we have found to prevent and stop fraud. I see it more and more in other networks running our offers lately.

If you need access to that section ask a moderator. It may be a good place to start with an industry blacklist of addresses used to scrub out of our systems. Fraud affects us all and the ability for this industry to grow

 

[coolguy20]

^

Agreed. Not only is fraud a huge problem for networks, advertisers, and consumers, but for affiliates as well.

If someone is benefitting from fraud (e.g. the fraudster) you can be damned sure someone is losing out. Whether its an advertiser pulling the offer, the networks margins being hammered, consumers being ripped off, or legit affiliates being pushed off an offer....no one is benefitting.

 

[tvmatt]

How sophisticated are they getting and how good of a handle do you feel your advertisers or the industry as a whole have a handle on it?

As a newbie I'm curious to hear the opinions of others on this.

In my experience, some advertisers are oblivious, while others are overly cautious. Same with networks - it really varies, and it's hard to put a finger on it overall. Any other thoughts?

 

[marfarma]

I had this exact thing happen to me about two months ago. The way I got wind of it was when the trial package of that rebilling acne solution arrived.

I immediately phoned the company and complained that I had certainly not ordered it. They had my cc #, my correct address -- but not my email addy. I checked my account online, and I had been signed up for netflicks and reunion.com, and a few other things. I filed a fraud claim with the cc, and got all the charges removed, and a new card number.

The strangest thing was that the final fraudulent charge to my account was for some product billed as "makemoniesonline" --> I have no idea what product that was, but figure it's something one of y'all sell. Sorry that you had to get the charge-back, whoever you are -- not my fault, but still, I know it costs the merchant when that happens.

 

[Dispel]

A bit off topic but here's a thread about a scam someone's pulling on facebook where they promise people Yoville cash (dont ask) if they sign up for offers.

YOVILLE CASH | Facebook


Then advertisers get emails asking 'yo, where the fuck is my Yoville cash, mofo?!"

Anyway. Fucktards.

 

[Travis_Ecomlead]

to all networks i believe there is a thread in the networks section of wf started by mike at fire lead. We should maybe all discuss what we have found to prevent and stop fraud. I see it more and more in other networks running our offers lately.

If you need access to that section ask a moderator. It may be a good place to start with an industry blacklist of addresses used to scrub out of our systems. Fraud affects us all and the ability for this industry to grow

Would love to be able to participate in this discussion, it seems like dealing with fraud is the most time consuming part of my job.

I have asked a mod previously for access, but never heard back.

 

[ayzo]

Quick tip for the network owners, try using Java to find out the "real ip" of your signups. A good example of this in action can be found here:

Still's JAVA Checker

Scroll down to the end of the page and you'll see that even if you're behind a proxy it spits out your real ip, and then the ip of the proxy. It shouldn't be that hard to code some java that checks the ip's and then reports that a php script.

I think you can also do this with flash and actionscript but i'm not 100% sure.

 

[mfishy]

yeah, this is everywhere these days. If you are running a cpa program, check every new affiliate's first few sales. Sucks shipping product out only to have it returned weeks later after having payed the affiliate/thief