Today I would like to kick off the “Fraudster on the Roof” series. If you know of a scam or scheme that you believe readers of iPensatori would find interesting, send it along to me and I’ll post it up for everyone’s benefit. Just to be clear here, I intend for readers to learn from this series so as to better detect fraud, not to improve how they implement it.
Our first post in this series comes from an iPensatori reader that prefers to remain anonymous. She calls it the “Burn to Earn” scam. It has affiliates targeting merchants with an affiliate program that has a higher payout to affiliates for a sale than what it costs to actually sign up. So if the merchant ACME sells an ACME subscription for $5 p/m, he would be eligible for this scam if he paid affiliates $10 for each subscription that is sent their way as a result of the affiliate’s actions.
At first this does not make sense. If X costs $5, why would a merchant pay $10 to sell it? This makes a lot more sense when you consider that the merchant is not just making a once off sale of X, instead the merchant sells X again and again over a long period of time. The best example of this type of merchant (and the one provided by the contributor of this post) is a hosting provider.
I have not changed my hosting provider in years. I had been with the previous hosting provider for five years before the current one. So if my existing hosting provider had paid $10 to get me on a $5 p/m subscription, it works out to be next to nothing (for I paid the $5p/m for several years). I’d imagine this is something that is fairly common with hosting providers, hence the reason they pay affiliates so much for a sale.
Take a look at the affiliate program for Hostgator. Note that their minimum payout is $50 per signup. This number increases if you get more people to sign up with them, eventually hitting a cap of $125 per signup (at 21+ signups p/m).
Now point your browser to how much it costs to actually sign up with Hostgator: their hatchling plan costs $3.96 p/m. If it has not hit you yet, the scam here is to repeatedly sign up using one’s own cash and affiliate id. With a minimum payout of $50 per signup, you’re basically spending $3.96 to make $46.04 (hence Burn to Earn). Not a bad rate of return for a fraudster.
Needless to say, this activity is forbidden by Hostgator, from their Terms and Conditions:
4. Commission Payment. Commissions deemed due and owed to you under the program will be paid to you directly by hostgator.com after any holding period and in accordance with a regular payout cycle established by HostGator.com. No commission will be paid for signups by you, your household, or anyone within your organization. HostGator reserves the right to only pay for referrals that are active.
The anonymous contributor of this post explained to me that it’s not too difficult avoiding detection with this scheme, for the glory of the Internet and Prepaid Debit cards (you can buy these from Walgreens) make this a fairly reliable earner. Of course, avoiding detection in an effective manner adds more cost, thereby lowering the rate of return. She explained that even if the scam is detected, there are so many hosting providers paying more for a signup than the cost of a signup that moving an operation from one target to another is trivial.
How to detect this?
I think that for as long as a merchant pays more for a sign up than what it costs to sign up, then this is going to be a problem. There are definitely ways to raise the barrier to entry here, and Hostgator already employs a few of them.
I chose Hostgator for this example for they are one of my current hosting providers. When I signed up with them, I had to go through a screening process via a phone call before they made my subscription active.
One could argue that there are ways around this as well, since it’s simple and cheap to buy phone numbers online. That’s true, but it’s not simple to keep faking (and remembering!) who you are supposed to be all of the time.
“Hmmm, isn’t it strange that affiliate X only sends male signups between the ages of 30 and 45 to us?”
Another barrier to entry would be increasing the delay between confirmation of an active account and actual payout to an affiliate. In doing so, one could effectively shut this scam down if the cost of running a fraudulent campaign were greater than the cost of signup, or at least a lot closer than it is now. For example, instead of paying a month after a signup, the merchant could pay 6 months after a signup. The fraudster would then have to spend 6X$3.96 in order to make any money.
Affiliates could complain that six months is too much of a delay. But even this can be countered by reducing this delay once the affiliate has become a trusted and valued contributor to the affiliate program in question.