Lorem ipsum

Lorem ipsum

Sign up for education resources

CASE STUDY
How to manage mass refunds and gift cards in the time of pandemic
Blog

Blowing the whistle – how to combat referral abuse and fraud?

by 
 
January 23, 2020

A ready-to-go list of technical security tools and practical steps you need to take to protect your referral program from potential fraud.

Fighting with referral fraud - title photo (woman holding a credit card)
Photo by bruce mars from Pexels

In this post you'll learn the basics of protecting your referral program from fraudsters.

You will also learn:

  • About securing your referral program by IT means.
  • What constitutes the most popular referral fraud attempts.
  • Actionable tips on safeguarding your referral incentives

If you intend to run or you're already running a referral program, these tips are for you.

Let's start.

What can you do right now to combat referral fraud?

If your job is to upkeep the acquisition and churn rates in a healthy balance, the pressure of collecting new leads and customers will give you a few sleepless nights. There are many marketing strategies aimed at generating buzz around your brand, such as paid ads, SEO, social media presence, and you’ve guessed it - satisfied customers. 

The beauty of using referral marketing to your advantage is that any company can use it, provided, of course, that it has a few dozen happy customers ready to spread the word. But, hold your horses, remember that out of 99% of customers who will play fair, there is a 1% of those who will try to game the system. 

This article aims to give you a ready to implement list of technical and practical referral anti-fraud options that will protect your referral program from going down the drain.

Practical solution to referral fraud include:

  • Offer non-monetary rewards (discounts, gift or loyalty card points) for each referred customer.
  • Rewards customer purchases or engagements, not solely invites. 
  • Constantly monitor the referral program performance.
  • Limit the number of times a customer can use his/her referral code. 

Technical solutions to referral fraud include:

  • Monitor IP addresses.
  • Track similar email addresses and email patterns.
  • Check the referral rates.
  • Block referral redemptions coming from rooted devices and emulators.

If you need more information on launching referral programs, visit these articles:

Nip it in the bud - how to design a referral program to avoid referral abuse and fraud?

The most common types of referral fraud include the creation of fake email accounts and email aliases, publishing codes on the internet via sites like Reddit, and setting up small-scale schemes for monetary gains via the use of the same referral codes over and over again. 

Here is my list of 4 things you can do while creating your referral program that will help prevent this type of referral abuse. 

1. Go for points or discounts, instead of cash rewards. 

Remember that opportunity makes the thief. If you give customers a chance to get 20$ for each referred user, you may expect that at least a few will try to get some cash out of your referral program. Monetary gains are, of course, the most attractive reward for customers, yet they pose too much of a risk. 

Instead of using cash as an incentive, try using loyalty or gift card points or discounts. Non-monetary rewards are a safer route to take, and they will bring you a small sum of profit back via bonus purchases triggered by discounts and free points, increasing the overall referral ROI. 

Creating a referral reward in Voucherify - 1st step to fighting referral fraud
Creating a referral reward in Voucherify

2. Reward engagement and purchases, not invites. 

Another trick that you can implement right at the beginning of sketching out your referral program is to set up that sending a referral code to a friend is not synonymous with receiving the referral reward straight away. A good idea is to reward customer engagements, preferably making a purchase.

But be careful. Simply establishing that making any purchase entitles the referer or the referee (or both parties in the case of double-sided referral program) is not enough. Remember to determine the minimum amount required for the purchase to be counted as successful. Otherwise, you may have many customers making 1$ purchases and receiving many referral benefits in return.

Setting up minimal order value - 2nd step to combating referral fraud
Setting up order-based validation rules in Voucherify

3. Watch out for shady user activity.

Whether you decide to build your software architecture for handling a referral program or use SaaS referral providers, you always need to make sure that you have monitoring tools in place. In case of users performing any suspicious activities, such as failing to redeem the referral code several times in a row or providing false email addresses several times, you can react in real-time and manually prevent the given user from taking part in your referral program. Having logs and a list of recorded events connected with the given customer or referral code will be a great aid to make sure that no referral abuses will take place on your watch. 

Activity logs in Voucherify
Activity logs in Voucherify

Put limits on referral codes and rewards.

The last thing (but not the least important) that I’d like you to consider doing is limiting the number of referral code redemptions. Otherwise, the redemptions will be unlimited, which may pose a significant risk to the safety of your referral program, especially if you have no other fraud prevention tools set in place. Limiting the redemption count and the timeframe of your campaign can help in creating a sense of urgency and may force users to choose wisely with whom they decide to share their referral codes giving you a bigger opportunity for high-quality leads

How can you safeguard your referral program programmatically?

Let’s assume that you’ve already done all you could with the referral program workflow to prevent and protect yourself against referral fraud. Designing a proper workflow can be substantially enhanced by setting up certain technical blocks that will allow you to flag individual user’s behaviours as suspicious. 

1. Track User’s IP Address.

Monitoring IP addresses is one of the least complicated solutions to block attempts at referral fraud. There are several ways in which you can utilize IP tracking in identifying suspicious user’s activity. For example, you can mark the user as suspicious if he or she gets more than four referred friends from the same IP address. Also, you may block users who share an IP address with a friend he or she invited to your referral program.  

2. Keep an eye on email patterns.

In most cases, referred users would need to use their email address to log into your website and perform the activities that would mark the referral process as successful. That gives you an excellent opportunity to check each email address for uniqueness and other features that you deem necessary. You can block referrals coming from similar email addresses or email aliases. 

What is an email alias? Well, an email alias is an additional name for an email account. It allows you to create alternative email addresses without having to create another email box. Make sure that your referral system automatically blocks email addresses containing "+" so that customers cannot provide email addresses such as jenna+google@email.pl or jenna+yahoo@email.pl to receive referral rewards. 

Also, you may want to flag all users who used email addresses coming from temporary email domains

3. Have referral rates under control. 

Another simple technical trick is to set up an automatic block on users whose referral activity rates are staggering. What staggering means depends solely on your business. For example, you may decide that if a referrer gets more than five friends in an hour, he or she will automatically get blocked. For other businesses, it can be ten friends and so on. 

Keeping track of referral rates should be plain sailing if you choose a referral provider that offers easy access to in-depth analytics and user activity logs.

Referral statistics in Voucherify 


4. Rooted devices and emulator devices. 

My last bit of advice concerns the use of rooted devices and emulators. Identifying such devices can help you find fake IP addresses that can be used to cover referral fraud and referrals coming from the same person but two different IP addresses. 

All the above tips should help you identify potential fraudsters, but remember that errors happen, and you should not block users immediately after noticing some suspicious activity on their accounts. What you can do instead is reach out to them, either via manual or automatic message, to find out whether they ran into any problems or maybe made a typo while typing in the email address. 


Referral programs always entail some percentage of unwanted user activity as it is an integral part of any direct business cooperation with customers. Just keep that in mind, do all you can to prevent referral fraud with the tips I gave you, and enjoy some new customers on board as positives coming from well-planned referral schemes outweigh the negatives


{{CTA}}

Can’t wait to launch your first referral program? 

Sign up here and try it for free!

{{ENDCTA}}

On this page

Get inspiration to grow

By registering, you confirm you have read and agree to the Subscription Agreement, and to the storing and processing of your personal data by Voucherify as described in the Privacy Policy.

Marketing Permissions

Before you send us your data, you must become acquainted with the Privacy Policy where you will find information on the personal data controller, your rights and our obligations, the purpose for which your data are processed and any other information which relates to the protection and security of your personal data.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.