Lead generation fraud has become a more and more common problem up to a level where it seriously hurts businesses. In general, fraud in the lead generation industry can be split into two major groups:
Click fraud. Invalid traffic arriving at your landing page after a bot has clicked on an advertisement or link in an email in order to be able to claim the attribution
Lead generation fraud. Human operated fraudulent traffic originating from clickfarms and/or sweatshops where humans fill in your forms with stolen user data bought on the dark web.
What is click fraud?
Click fraud is a type of fraud where bots click your advertisements to get attribution. Another form of click fraud is when a competitor clicks on your advertisements to burn your marketing budget. So, the question is: How to detect click fraud? The answer is simple: Using a (click) fraud detection tool. How to detect competitor fraud? Competitor fraud can be detected using analytics, as the person or persons who click on your advertisements will have some sort of way to get your advertisements displayed in their browser. By searching for patterns in the click data you will see how they do it and you can simply prevent advertisements being served to certain geo regions, add/remove/change keywords, etc. It sounds simple, but this is how to stop bot traffic, and how you stop competitor click fraud.
What is lead generation fraud?
Lead generation fraud is much more sophisticated than click fraud mainly because the number of leads is smaller and the price per generated lead is higher. This means for a fraudster the profit per generated fake lead is way higher than a fraudulent click. Secondly, the availability of an almost unlimited workforce in low labor cost countries working from their homes using VPNs, custom built browsers ensuring anonymity, and the availability of stolen (personal) data of millions of US citizens (name, address, zip code, telephone, credit card data, date of birth, etc) enables fraudsters to fool and bypass bot detection tools and post-submit successfully pass the lead validation checks on the submitted data.
This enables fraudsters to keep on making money and keep on buying freshly stolen personal data on the dark web to keep on being up to date, renew their VPN/proxy subscriptions to appear to be browsing from US residential IP addresses, and pay their monthly subscriptions to the custom built browsers with lots of additional plugins and even more fake device profiles. And, of course, pay a few dollars per month to their human workforce.
Step-by-step guide to prevent lead generation fraud
Now that you’ve heard the bad practices, let’s talk about how to stop bot traffic, how to stop fraud traffic, and how to protect your lead generation program from phony leads, fraudulent chargebacks, and litigation risks due to TCPA violations.
Be in control of your landing page
This enables you to add the fraud detection tag to your pages, monitor traffic arriving at your landing pages, and have campaign metrics based on first-hand data. Subsequently, you need to create a unique identifier per page visit enabling you to flag, track, and reject individual fraudulent visits.
Validate your visitor’s traffic (to detect click fraud)
Using the SecureLead detection tag you can check your traffic for bot patterns, traffic from datacenters and from outside the geo-targeted area. This helps you to better understand which types of bots are targeting your campaigns, what sources these bots originate from, what the click through rate (CTR) and conversion rates are for these sources.
Validate your visitor’s traffic (to detect lead generation fraud)
Using the SecureLead detection tag enables you to know which submitted leads are generated by bots, clickfarms, or originate from the TOR network. Some companies place CAPTCHAs on their lead generation forms. This only stops bots which are unable to successfully solve the CAPTCHAs, or are not programmed to convey the CAPTCHA to a human workforce solving it. Companies placing CAPTCHAs on the lead generation forms don’t realize that fraudulent leads are more and more generated by a human workforce working in sweatshops and clickfarms which will solve these CAPTCHA as part of their work. Another side-effect of using CAPTCHAs is that it affects the page loading speed, and may kill your conversions due to its high bounce rate.
Validate and verify user data
The data fields of the submitted leads need to pass some basic verification tests. This is no rocket science and are in fact really simple checks, like: Does the postal address, zipcode and geo-location of the IP address match, run a phonenumber verification to check for disconnected numbers or reassigned numbers and check for reputation of the IP address.
Analyze campaign metrics
Analyzing CTR and conversion rates are good metrics to know which parts of the campaigns are performing. To be fully in control and spot outliers in your data you should run a more thorough analysis on campaign data. This enables you to spot poor performing sources, allows you to cutting down the sources with a high fraud percentage. Having these metrics enables you to identify fraudulent sources and/or affiliates and take action.
Analyze your visitor’s behavior
Using SecureIntent you are able to deeply analyze the behavior of your visitors on your lead generation pages. This enables you to capture your visitor’s behavior and infer the intent of the visit. This is not about basic metrics like ‘number of clicks’, ‘number of scrolls’, ‘the time spent on the lead generation page’ or ‘a heatmap where users click’. It is about how an individual visitor interacts with your lead generation page. Based on a visitor’s behavior and their way of interaction advanced algorithms are able to infer the level of interest a visitor has. This is called ‘the intent’. This metric can be used to determine the success of the campaign and is even able to determine the quality of individual human visitors. The latter can be used to only retarget visitors having exceeded some quality threshold.
Create and archive proof of consent
If you contact your prospects over the phone to close the sale you should create a proof of consent of the prospect filling in and checking the consent of the lead generation form. The proof of consent will be your evidence in case the called party starts legal action claiming that you have violated the tcpa act for contacting them without express consent.
Don’t pay for fraudulent traffic
If you have identified a fraudulent affiliate your action is to refuse to pay for fraudulent leads. This will reduce your campaign costs and prevents fraudulent data from entering your systems. By marking individual visitors as fraud you also prevent retargeting of bots or clickfarms, which indirectly saves you campaign budget.