The Botnet That’s Crashing Car Insurance Campaigns
Car insurance marketing campaigns have seen an increase in fraud rates lately, and one botnet is to blame.
This sophisticated botnet has been well hidden and it’s clear in observing it that its programmers have worked hard to escape detection. Its primary job is to generate traffic to make it appear that interested prospects have arrived at your landing page. Its behavior is designed to appear human so that it can blend in with normal human traffic. Our data indicates that this botnet has been mainly targeting car insurance campaigns, since they typically pay well for leads generated through their affiliate programs.
It’s easy to see why this is going largely undetected: most detection solutions don’t look for what this botnet is doing, or only look at previously documented details, rather than analyzing behavior in real time.
The botnet appeared in Fall 2021 and remained in the shadows for some time – out of the scope of most detection solutions. Researchers at Oxford BioChronometrics have been tracking it since October as it steadily increased in volume up to an average of more than 30% of the total traffic arriving at the landing page(s) of a car insurance campaign.
This chart shows how this new botnet (dark red, labeled as Botnet 1) steadily increased its traffic over the course of one month. Other fraud types remained more or less the same.
This table puts that fraud into numbers, showing you the wasted budget and the increased customer acquisition cost (CAC). Over the course of every 100,000 clicks, the total fraud percentage is ~30%. That’s a third of your budget wasted and 0 conversions. Even if a botnet does fill out your lead generation form, something that isn’t human obviously can’t convert.
This botnet is seeing increased use because it is escaping detection by common solutions. It’s stealing 30% of your money and tanking your conversion rate. To make matters worse, if the same fraudsters fill out a lead generation form using phony contact information, or worse contact information based on stolen data, you run the risk of TCPA violation fines.
Because this botnet is still active, no technical details on how to detect it will be shared yet. But if you have seen a similar uptick in fraudulent clicks in your car insurance campaigns – and if you don’t like to waste your money – please contact us.
Oxford BioChronometrics’ fraud detection solutions continuously monitor our clients’ campaigns and automatically flag any outliers for human inspection. We not only keep pace with, but try to stay ahead of, fraudsters tricks in order to protect your budget and your performance data.
So it’s time – now – to make sure you have the best proof of consent available with SecureLead. It costs the same or less as you pay now to verify those leads (and if you don’t use anything now, it will cost you a lot less than it saves you), gets you in contact with real human leads quickly and protects you from the lawsuits that are headed your way.
Fraud comes and goes, but this persistent and large botnet will continue until they see that more companies are able to detect them.
Give us a call.