Ultimate guide to lead generation fraud

Contents: Fraud has long been a challenge for those in lead generation. A complex supply chain model allows for multiple points of entry for those aiming to commit fraud. This is particularly true in scenarios where you may be purchasing leads from an aggregator, who is buying those leads from an affiliate network, who is […]

lead generation
Kevin Roy
Product Marketing Manager


Fraud has long been a challenge for those in lead generation. A complex supply chain model allows for multiple points of entry for those aiming to commit fraud. This is particularly true in scenarios where you may be purchasing leads from an aggregator, who is buying those leads from an affiliate network, who is buying them from a sub-affiliate network, and so on. 

The more players involved in a lead generation supply chain, the more opportunity there is for fraud to take place. Understanding how each of these parties interact with one another, and their role within the ecosystem, is vitally important. Here’s how each of them play a role:

Key Players in Lead Gen Fraud

  • Advertisers: These are the lead buyers, who pay for leads in a variety of different ways to drive more business. Some examples of advertisers may include insurance companies, loan organizations, and any company providing an end-product or service at the end of the supply chain.
  • Lead aggregators: Lead aggregators are marketing firms that act as middlemen between the client (or advertiser) and the affiliate networks. Aggregators negotiate a fixed price per lead with their client and then contract with third parties at lower prices to generate the leads. Lead aggregators provide a single point of contact. That point of contact will then handle the minutia involved with managing the many smaller firms that are generating the leads.

    This can be beneficial from a time-saving perspective, since the onus is not on the client to manage multiple relationships. Unfortunately, this arrangement also opens the door for fraud within the supply chain due to lack of transparency and great variation in quality. The goal of the lead aggregator is to make money on a per-lead basis, thus leaving room for a focus on quantity over quality, and legitimacy.

  • Affiliate and subaffiliate networks: These are the third parties with whom aggregators work to source leads. Just as quality varies when it comes to lead aggregators, the same holds true for affiliate networks and, by extension, subaffiliate networks. In this subset of the lead generation ecosystem, advertisers are mainly after quantity of leads over quality, with affiliate and subaffiliate networks motivated to deliver a higher number of leads and thus make a higher profit. The more layers built up between an initial incoming lead and the time that lead reaches the advertiser, the more opportunities there are for bad actors to enter the system. 

A look at the fraud supply chain

As technology provides new opportunities to explore as-yet untapped opportunities through lead generation partnership programs, it is also encouraging bad actors to find increasingly creative and difficult-to-spot ways to defraud those programs.

But what exactly is behind the global rise in fraud? One big piece of the puzzle is the globalization of the digital world, leading to a larger number of channels, devices, and tools through which bad actors can execute. Another piece of the puzzle: marketers fighting over a relatively small piece of the pie has led to a “speed over legitimacy” mindset that pushes for lower standards and a lack of transparency in a race to get to the top.

While fraud may seem like something that “happens to other companies,” that assumption can be a dangerous one. That’s why smart marketers are educating themselves before a problem arises, to not only be better able to identify fraud, but also to prevent it in the first place. This ebook examines the most common types of fraud associated with lead generation and how marketers can identify, understand, and protect against these bad actors.

The most common types of lead generation fraud and fraud definition

Identifying and naming these types of fraud is a good first step, but the true power lies in understanding how bad actors perpetrate these schemes, and how to be armed against them. Marketers need to familiarize themselves with the five common types of lead generation fraud within their partnerships, ranging from schemes implemented via bots to those based on incentivized traffic.

Bot fraud definition

What happens? 

In the case of bot fraud, fraud scheme operators automate nonhuman traffic, including click events, on a large scale. This technique is especially prevalent when it comes to cost-per-click (CPC) and cost-per-lead (CPL) activities. Bot clicks can even be leveraged to generate fraudulent likes and follows, effectively committing influencer fraud across social media.

How they do it:

  1. The malicious publisher registers for the advertiser’s CPC affiliate program and features text links directing traffic to an advertiser’s site.
  2. The malicious publisher hires a traffic broker to augment their click volumes.
  3. The traffic broker operates a large botnet, which emulates real devices/human browsing behaviors to produce invalid click traffic.
  4. The botnet is directed to the malicious publisher’s site to click through the text link to the advertiser’s site.
  5. Additionally, the bot net could be programmed to click on an offer and paste in lead information in CPL campaigns. 
  6. Ultimately, the advertiser attributes credit to the publisher for an invalid click event and pays them the designated CPC or CPL. 

Device spoofing fraud definition

What happens? 

Bad actors produce worthless engagement (clicks, form fills with stolen information, etc.) on a single device. However, a large volume of activity from the same device and cookie is easily detectable as fraud. In order to fool advertisers, bad actors will spoof their browser and operating system (OS) and reset cookies, effectively allowing one device to impersonate many. 

A spoofing program is relatively simple to run, making it easy for perpetrators to set up an automated system that runs through thousands of unique IP addresses and devices to push through fake notifications and leads. That means that even if you’re running a basic anti-fraud program that weeds out mass IPs or identical devices, this kind of spoofing can still potentially slip past your protections.

How they do it:

  1. The malicious publisher registers for the advertiser’s lead generation campaign.
  2. The malicious publisher’s site features a fake form fill, capturing the relevant personally identifiable information (PII) to satisfy advertiser’s lead generation criteria.
  3. The malicious publisher uses an emulator to send large volumes of automated traffic, first to the publisher’s site and then to the advertiser’s site.
  4. The malicious publisher auto-populates the real user information stolen through its fake form into the advertiser’s actual form fill and submits the lead.
  5. The malicious publisher simultaneously misrepresents the emulator’s device ID to make the leads appear as if they are coming from multiple legitimate devices.
  6. Ultimately, the advertiser attributes credit to the malicious publisher for each lead generated, even though they provided automated traffic and submitted stolen information, and pays the malicious publisher per lead submitted.

Incentivized traffic

What happens? 

A number of affiliates share commissions with end-users via rebates, social gaming credits, or donations to causes. These perks incentivize users to download browser toolbars and plug-ins. But users acquired this way tend to have much lower lifetime value. Low-quality publishers will often sell this incentivized activity as normal paid traffic. In other scenarios, the bad actor will “stuff a cookie” when the user visits sites that participate in affiliate programs, taking credit for that user’s activity or purchase.

How they do it:

  1. The malicious publisher registers for the advertiser’s affiliate program.
  2. The user is incentivized to download malicious publisher’s tool bar.
  3. The user goes to the advertiser’s website to shop and starts adding things to their shopping cart.
  4. Before completing checkout, the toolbar drops a cookie in the user’s browser, claiming credit for driving the sale
  5. Then the user completes the purchase.
  6. Ultimately, the advertiser attributes credit to the malicious publisher, even though they provided no value in driving the sale, and pays them a percentage of revenue.

Recycled or stolen information

What happens? 

In this scenario, bad actors that defraud lead generation campaigns submit a form to register for the campaign using either illegitimate information (a nonexistent person) or recycled/stolen legitimate information. In the latter case, real people’s personally identifiable information (PII) is bought or captured through fake lead forms and then recycled to collect cost-per-lead (CPL) payouts from multiple advertisers. This technique bypasses data validators and defrauds advertisers of their performance spend. It also damages their brand reputation among the real audience members whose information is stolen, especially when the advertiser attempts to contact a person whose PII was stolen or recycled.

How they do it:

  1. The malicious publisher registers for the advertiser’s lead gen campaign.
  2. The malicious publisher buys stolen information from a data breach on the black market.
  3. The malicious publisher then sends bot traffic through their own webpage on to an advertiser’s website and populates the advertiser’s form fill with the stolen PII.
  4. The malicious publisher’s bot traffic submits a fraudulent lead.
  5. The advertiser attributes credit to the malicious publisher, even though they provided an illegitimate lead, and pays them a (generally high) percentage of revenue.
  6. Meanwhile, the malicious publisher uses the same user’s info to replicate this process across many CPL advertisers and amplify their earnings.

3. Preventing and handling lead generation fraud

The best way to handle fraud is to prevent it in the first place. While that might not always be realistic, it’s a smart place to start. This chapter takes a closer look at what to do if you discover fraud has occurred, how to maintain secure practices to decrease your likelihood of being targeted by fraud schemes, and the best ways to prevent fraud overall.

Different industries experience fraud at differing rates and levels of severity. For example, certain financial subverticals, like lenders, are more likely to experience higher levels of fraud than others based on the amount of information required for a “lead.” If the only qualification is first name, last name, and email address, that represents a relatively low-intent lead with a low level of conversion expectation. Because of that, higher instances of fraud are more likely to occur. 

Conversely, in certain subverticals where the information required indicates high-intent leads (for example, if a social security number or other deeply secure personal information is required), there tends to be a lower instance of fraud. But regardless of industry or subvertical, fraud still comes with the territory of running and scaling any lead generation program, which means being prepared to combat it is critical.

Fortify your lead generation partnerships program against fraud

Fraud prevention is not only a question of safety, it is also a question of growth. Without the capability to accurately assess risk and weed out bad actors, growing a partnerships program is slow-going, to say the least. Advertisers should have a clear understanding of what protections are already in place to prevent fraud and have the right tools and capabilities to identify potential fraud when it happens on their watch. Streamlining quality assurance, particularly with multiple partnerships in-play, is vital to fortifying your program and stimulating growth. 

It takes two — attacking fraud through connections and devices 

There are several different ways to detect fraud. A two-pronged approach that looks at both connection and device characteristics to determine the likelihood of fraud is a smart way to see the full picture. 

Connection characteristics include things such as: 

  • Proxy: The proxy server through which a user is seeking resources or requesting information can be a strong indicator of the reputability of an incoming lead.
  • IP reputation: IP addresses serve as a unique identifier. Understanding whether or not a specific IP address has a high likelihood of fraud can help stop the fraud before it happens. 
  • Hosting provider: A web hosting provider is a service that allows individuals and organizations to set up a broadly accessible website. Knowing what hosting provider is used and where the provider originates can be a useful source of fraud detection.

Device characteristics include things such as: 

  • Spoofing: A ‘spoof’ is an act of deception, in which information or communication from an unknown or trusted source presents itself as information from a trusted source, making it easy to cover up fraud. 
  • Device reputation: Just as IP addresses have reputations, so do devices. Knowing the likelihood that a certain device is delivering a fraudulent lead can help stop fraud in its tracks and prevent future fraudulent activities.  

Even the playing field with a fraud score

The characteristics mentioned above can be combined into a fraud score that helps take the guesswork out of the validity of a lead. Awareness that fraud can happen is good, but having a way to measure and score it is the next step. This score is a combination of the characteristics of both the connection and the device, augmented with other available data. 

While it is up to every organization to determine its risk tolerance, gaining clarity about what percentage of leads or lead sources fall within each category can give you the transparency you need to more effectively manage, grow, or eliminate partnerships depending on how they measure up. 

The level of insight provided by a two-pronged approach and fraud risk threshold not only allow for smarter partnership decisions, but smarter overall investment decisions as well. A fraud score can give you the ability to more quickly and confidently suppress and reverse payouts to high-risk sources if it seems fraud may have occurred. 

As in any case with bad actors, time is of the essence, and a score based on clear data can assist in accurate decision-making in a way that gut feelings and hunches rarely can, especially when dealing with lead generation partnerships at scale.

How to maintain secure practices and outsmart bad actors in all types of fraud

Ultimately, consolidation is key to maintaining security. Not in terms of partnerships, but rather in terms of managing workflow. Fraud can more easily exist when the left hand of a program doesn’t know what the right hand is doing. The right technology allows you to focus on building performance-focused lead generation partnerships with multiple partners at scale, from discovering and recruiting new partners to optimizing existing relationships (and everything in between). In tandem with scaling your partnerships program, you can also rest assured that there is a system in place to weed out bad actors, prevent fraud, and spot it more easily if it does sneak into your system. 

At Impact, we take it a step further in our Partnership Cloud. By compiling and centralizing the fraud-related data gathered from organizations across our fraud program ecosystem, you can benefit not just from your own fraud findings, but from an ultimate “bank” of fraud knowledge. That means your own findings can be augmented and proven out with greater detail, because there may already be existing information about the reported fraudulent activity in the Cloud. The end result is the ability to make faster, smarter decisions when potential fraud comes your way, and confidently manage multiple partnerships at scale.

The right tools allow you to prevent types of fraud

Proactively protect against fraud in real-time: With the ability to check incoming leads against a fraud database based on connection characteristics and device forensics, you’re able to stop fraud in its tracks by identifying it faster. Simultaneously, your knowledge and fraud detection information are contributing to a global knowledge bank that makes it possible to build a more robust view of the fraud landscape over time.

Expand your number of partners with confidence: Scale and growth is high priority for a majority of lead generation specialists, but fraud is oftentimes the biggest factor in stagnating those goals. With the ability to recognize fraud faster and access to information about bad actors from organizations around the world, expansion becomes more realistic and less time-consuming.

Increase campaign ROI via traffic-quality insights: When fraud can be detected faster and subsequently avoided, you are able to redirect your investments and adjust spend to focus on areas that are legitimately delivering the highest volume and quality of leads. In short, less fraud equates to more legitimate views at a lower cost.

Ensure compliance with the Telephone Consumer Protection Act (TCPA): Fraud doesn’t only waste valuable time for call centers and other outreach specialists, it also increases the likelihood of compliance violations if your teams are reaching out to individuals who did not legitimately request to be contacted. Bad actors can access names, email addresses and phone numbers en masse, but the right detection tool makes it possible for you to more quickly identify when a lead, even if seemingly legitimate, is fraudulent, and avoid unintentional violations.

Only you can prevent fraud

A fraudless world may still be just a pipe dream, but smart marketers who know what to look for can better protect their lead generation partnership programs from bad actors and take steps to prevent fraud before it even happens. 

With the right technology in place, it becomes possible to assess risk in real time and lower the likelihood of wasting budget on fraudulent activities. In the example below, one client saved approximately $400,000 over the course of one month simply by not paying out for any lead deemed as high risk: 

Furthermore, over time that same client was able to save significant investment and time based on aggregated risk scores, allowing them to deliver higher value to their own clients and become a position themselves as a proven trustworthy partner for new potential prospects. 

The benefits of proactive fraud detection are extensive, from building out differentiation when attracting new business to increasing your own ROI and scaling more successfully. 

The right fraud tools minimize risk

The most common types of fraud include:

  • Bot fraud
  • Device spoofing
  • Incentivized traffic
  • Recycled or stolen information
  • Unapproved network syndication

 However, you have also learned that there are ways to minimize risk, consolidate the flow of information and manage programs in a smart way. It is possible to outsmart those seeking to do harm by attacking fraud through connections and devices, establishing a fraud scoring system, and maintaining secure practices. Ultimately, running a partnerships program at scale does not have to come with increased risk of fraud if marketers have the right tools at their disposal.

Stay in the know. Get our monthly newsletter right in your inbox.


You have successfully signed signed up to our newsletter. Keep an eye on your inbox...

Invalid email

impact.com values your privacy.