Affiliate with more joins than uniques = fraud?
 

Like the title says, I have an affiliate with more joins than uniques. (nats)

I am trying to find a reason to be charitable and am wondering if there is any scenario where this is not credit card fraud, like for example if there's some system like a link shortener that would suppress uniques. I've heard cookie stuffing for example can insert a cookie without a unique click.

Account is over 90 days old, CB rates are not unusually high (though retention is fairly anemic compared to overall program stats) the amount of joins is decent enough to draw meaningful conclusions based on stats.

Any ideas?

ive got some days where sales are higher then uniques before, guess its the cookie working....

OK but have you ever had a campaign with 18 sales on 9 uniques? (not the same customer over and over)

Maybe it is a circle jerk of guys all using same computer LOL ...everyone wanted to become a member :)

Well,there is indeed hugh chance how this is fraud,so check few things:
1.See the names behind orders(for example,are all members names males,sometime fraudsters uses woman cards).
2.Try to contact those members to verify did they indeed ordered
3.If affiliate start to bother you to get payout asap then it is definitely fraud

How can they have more sales than uniques?

Do you not have tracking on your join page? Or are they going straight to the billing page of the processor?

Different IP addresses in widely disparate geo locations. A typical mix of residential cable providers and mobile phone network IP's, nothing out of the ordinary there.

Every single time I have seen this, which is about 10-15, it has been fraud. The scammers are also good at letting accounts age before they push sales through. I've had 2 year old accounts all of a sudden start doing sales. If you want to email me I will tell you other things to check. I do not want to give them a "how to scam guide" on this board.

adam @ searches (dot) com

Ask the members if they shop at Target ?

Well the reason I am asking is because I don't know. Yes there is tracking. Join page is being hit. Somehow a cookie is being created without a unique hit being logged. Here's the possibilities I can think of:

1) Affiliates signing up directly with stolen info using a browser plugin to switch IP's like TOR or "foxyproxy" or some unknown botnet. And forgetting to clear cookies between signups, - but then where are the chargebacks?

2) Affiliates creating their own fake join page with some backend crap that passes the info through to my site using either an iframe or something more advanced.

3) Some new technology that I am not aware of, browser anonymizer or something.

4) Cookie stuffing

Is there any referring data? I've had affiliates in the past just copy and paste the NATS join url from the browser (without using the proper http://domain.com/natscode/join syntax) which would still credit sales but not track clicks.

Chargebacks doesn't always appear immediately - it can pass a month before user of card discover how he got his card stolen.And one more trick - if used things like TOR or anything else what hides real ip,it usually leaves traces.Google for each ip and see does it shows any results about it.It is quite common for having same ip to be used for spam and fraud and other shady things.

Isn't the Internet FUN?

Is your payout per signup ($30 or more). I've had someone try that before. Pumped about 20 signup's into our system over a couple of days...we banned them. Sure enough over half the signups were fakes and I'd assume the other half were too but the credit card owners didn't notice or complain to their CC company.

I'd say it's time to open up a dialogue with him.
Ds

I've been a "manual" adult affiliate for many years and this has happened to me many times, and I have never had problems with my traffic or had my account terminated, but then again, I always let the owner/AM know my methods before sending traffic. This has also happened to me with other offers I've promoted, usually due to how I set up my sites, or my URL shortener. I have worked with networks before where there were no uniques showing up. Most of the time when this would happen though, it would be because of midnight system reset and cookie length-- due to my methods sometimes uniques would come in and the sales a bit later. Not saying it's not fraud, but just giving my experience. I would also suggest opening up a dialogue and ask a bit about traffic sources etc. and maybe also a reference or the names of other companies they've worked with.

Chat traffic?

Yes it's chat traffic.

I have a pretty solid theory about how they are doing it. They are bypassing the first page of the join form and sending the second part, hosted by netbilling to the customer. In my tests this fails to generate a raw or a unique in nats.

I am evaluating the productivity of the customers, since the fraud rate is not high enough to suggest credit card fraud, and a quick glance indicates at least some of the customers are active and productive on site.

Right now my concern is that in order to do this they have to pre-fill the user, pass and email fields, and if I am not getting the correct emails then customers are not getting their welcome emails and would be unable to retrieve passwords or make billing inquiries etc.

So we'll have a talk and see if there's a way they can continue to be successful while addressing my concerns.

I know that for sure. Absolutely fraud since you're working with chatters. That's absolutely fraud. No need to dig deeper in that.

don't forget to update after you talk with him

Ordinarily I would say the same but this has escaped my notice for some time and I have 90 days of history with more or less steady volume to look at. We are talking about very close to 500 joins here, the chargeback rate does not stand out. This is why I am looking deeper.

Obviously you don't want to ban them and I wouldn't either with 500 joins over 90 days. I've always linked to join pages creatively and I'm extremely glad no sponsors were dumb enough to ban me because their broken system didn't count traffic correctly. Just tell the dude to make sure he gets the right email, he probably thinks he can make a custom join that suits his traffic better than your default and with 160 joins per month on average you can believe that he has tested this previously to know for sure.

The idiots in here claiming "absolutely fraud" are showing their naivety at the multitude of ways affiliates generate sales.

Well theres "fraud" a word people toss around pretty lightly and then theres credit card fraud. Joins aren't easy to get and if I could do it alone I wouldn't have affiliates at all.

I don't tolerate credit card fraud from anyone for any reason in any amount. But we both know that's not the end of the story.

For me when dealing with creative affiliates, chatters, black hats etc. the criteria is this:

What you provide is joins, and that's what I pay for, because in the short term thats all I can measure - but its not what I want.

I want customers. I don't have any way to tell if your joins will become my customers until its all said and done. So I give it some time then evaluate. If I am getting customers we are fine. If it's just joins thats not what I want, and I'll let you find a program that wants your joins.

If it's your own merch think fraud & get the facts later.
Ds

Even if it's not your own merchant account... The chargeback rules are the same.

of course, but that risk is mitigated by them in a 3rd party solution. That's one of the upsides to using epoch, seg etc.
ds

strange teencat isn't here yet

You already said his joins are active on the site and look normal or perhaps a little below average. That is not standard with credit card fraud I would assume?

All I was pointing out is that there are many ways of sending traffic where hits do not get counted properly. Where you came up with the idea that I was defending bullshit traffic or credit card fraud I have no idea but I said no such thing.

Hi Duke,

That's the what the rules used to be, but no longer. Chargeback thresholds are the same for merchants with their own mids as they are for merchants under a third party processor. All merchants and sub merchants have to be reported to the card associations as far as registration, sites and chargebacks.

I would look very carefully at what Fuzebox is saying here. If the sales mostly seem to be legitimate, and you've made quite a few posts saying they do, then look for a technical reason.

I don't know what your site is so I'm going to pick a NATS site at random to use as an example. The example is http://pornpros.com

There are two ways to link to their join form.

1) http://join.pornpros.com/signup/sign...ATSCODE&step=2
2) http://join.pornprosnetwork.com/track/NATSCODE

If I use link 1, the sale will track to me through the ?nats parameter, but no hit in tracking will have been generated.

If I use link 2, a hit will be generated because of the /track/ and it will be tracked through the nats code.

look very closely.
sounds fishy.

90day history is nothing btw. Cbs Take a while to play out...

look at the receipts from these joins, IP addresses, name on card, see if the IP address is from a legit ISP. Look for the signs of fraud

was thinking this.. or other versions of the same type of situation

As I mentioned before, I have solved the mystery. I am using netbilling's hosted join forms, and they are linking directly to that. So that's why the uniques don't show up in nats.

ga chat traffic.. wow

I do all of that every day, I frequently discover and remove cheaters but I have not found any conclusive issues with this affiliate.

I also don't have direct contact with the actual individuals doing this. They were brokered to me in a double blind deal (they don't know who I am either) by a broker who got me another dozen or so high quality affiliates, this is the only one that stands out as fishy. I have had concerns in the past and been able to get them resolved through the broker, so I don't doubt this situation will be the same.

I have an online meeting with him tonight where I will present a new product he's been begging me to let him push, and with that leverage I will insist this other affiliate use my standard pre-join forms or else discontinue the campaign - there are disclosures and descriptions there that I am not comfortable having bypassed.

When trying to spot fraud it is always helpful to look for patterns... you will always find one...

fraud, end of thread ... :2 cents:

It happened to me that an USA person resold/brokered me a Filipino guy who hired "chat agents" who ultimately was doing signups. These chat agents in turn had contacts with filipinos living in USA and Australia who was friends with some US and AU citizens neighbours of them, with whom they had a deal so they will submit a $10 sale with their credit card and IP in order to get $20 back. I paid $80 PPS for each of these $10 submissions, so $70 profit for affiliate, and the split it was like $10 to cardholder, $10 to filipino expat friend of cardholder, $10 to filipino agent in the philippines, $20 to the boss of the filipino agents in philippines, and $15 to the USA reseller who ultimately I paid.

Since the cardholder just wanted to multiply $10 into $20, he been given the join page and did not even checked what the site it was about, even less cared to buy more. Even if most did not chargeback, this is not good for PPS, but only for rev share (but in such case, you do't find chat traffickers easily). I remember a chat traffic guy making $3000 worth of PPS, then no one (zero) in next year either buy more or chargeback, all it was legitimate cardholder from own IP signing up, incentivized to signup in some off-site way, at times that's to get a cam show in yahoo/skype or just to be nice to the agent; i.e. I want help you because have sick mother or young kids to feed, and rather than send you $10 directly, I go deposit $10 in that one link you give me so you get $80 instead.

I have been monitoring chat traffic for fraud for over 5 years now and been pretty successful at it. This is nothing new for me. I've seen good sales, bad sales, great sales and unspeakable horror.

The reason I made this thread was to find out what I was missing because aside from the impossible ratios everything else checked out.

It's not hard for me to imagine the scenario you mentioned above. One thing that has helped me is not paying out too much. Chat agents are all on their way to the dark side, they will almost all get there sooner or later. They have direct contact with the customer and hold a lot of influence over the customers actions both before and after joining.

Paying too much is a sure way to both attract the worst agents and also turn the decent ones down a dark path. One of the easiest ways to minimize fraud is to find out how much a stolen credit card profile costs on the street and always pay less than that. If carders can't turn a profit they won't card. Nobody does that shit just for fun. Of course, it's not quite that simple because your site is not the only one they can run that card on, but if you have good fraud scrub and solid contact with customers you can make a good portion of the stolen cards worthless and spot the other fraudulent transactions before they do any real damage.

Very well said. Be sure to use our negative database both local and global and use our ip vs card number scrub too. The fraud tools help of course as well as your keen eye and review of these types of transactions.

Good job.

Mitch

I believe it is possible to manage it, and we tried until a year or two ago, but honestly it takes too much time and risk for us to accept chat traffic in PPS mode. And so now we accept it only for cpa/ppl free signups. In any case, chat or not, 4 out of 5 new affiliates in cpa/ppl are fraudsters but they just make fake free signups with fake emails and IP addresses for $3 each, so is ok, this is not as bad as 100 PPS signups = $8000 chargebacks, or even 100 signups = $8000 paid from minimum 100x$10 = $1000 deposited... you can't win against this... so just one of these loss chat cases screws a dozen of other worth ones, can't live with suspect and terror this way.
When you have a new chat traffic affiliate making 10-20 paid signups a day, that can end up very bad quickly. Chat traffickers always send us screenshots of what they say it is their sales stats in other programs, as proof they're good, then I tell them: ok keep with that other program if does that well :)

So for those who were asking for an update here it is:

I demanded they use my tours instead of linking directly to the biller page, and was assured the matter would be handled.

Traffic immediately halted. I have no reason to expect it will resume. As I imagined, these kind of operations have a process and you can either be a part of it or not, you cannot change the process.

Whatever. I will miss the joins but not the headaches.

I guess you will see whats happens next

You have the emails of the signups. You could write to each something like: "We're the site X, sorry for asking, but how you got to know of our site, had someone invited you and had you been promised something for signing up?".
At times you get funny replies.

IMO that's way better than sending 10 or 20k visits with zero sales....
I have those ratios with many sponsors today...

Could have been figured out by looking at their landers to see if they were sufficient. If some of the big cam programs had told people they couldn't link to join many years ago a lot of people that got rich would have never made it.