A global leading fashion e-commerce runs marketing campaign focused on viral growth strategies to attract new users such as flash sales, lucky draws and games. Their referral program also faced challenges from fraudulent exploitation by underground market operators and malicious competitions from rivals.
October 2, 2024
10 minutes
Yuqi Chen, Catherine Yu
Leverage on several machine learning models to detect orchestrated fraud organization and analyse various aspects of anomalies. The fraud management strategy has successfully intercepted 3.5 million risks and avoided $1.4 million in 30 days.
In 2023, a global leading fashion e-commerce retailer set its sights on global expansion, leveraging its on-demand business model, efficient supply chain, competitive pricing, and precision-targeted digital marketing
To enhance market share and user engagement, the company launched an extensive series of marketing campaigns, gradually expanding them to over 30 countries across North America, Europe, Latin America, and the Middle East. The campaigns primarily focused on viral growth strategies to attract new users, with a marketing budget of nearly 2.8 billion USD.
Building on this, they launched a promotional campaign featuring three key events: price slash sales, lucky draws, and a virtual pet-keeping games, with the goal to rapidly grow their customer base through a referral program, where existing users could invite new customers and earn points in each event.
However, the campaign faced huge challenges from fraudulent exploitation by underground market operators and malicious competition from rivals.
Promotion abuse occurs when individuals or groups exploit promotions like discounts, coupons, or referral programs beyond their intended purpose, leading to financial losses. As e-commerce grows, online promotions spread quickly across digital platforms, making them vulnerable to abuse by a diverse audience, including fraudsters. This results in businesses paying for what seems like organic growth, but is actually fraudulent activity, skewing marketing data and causing financial loss.
In this case, the company encountered significant issues with promotion abuse, as users created fake accounts, by-pass IP restrictions, alter devices, and collaborated with fraud rings to exploit rewards.
Fake email registration is a common tactic fraudsters use to exploit promotions in e-commerce platforms. Fraudsters create multiple fake accounts using temporary or disposable email addresses. These accounts are often generated in bulk through bots or automation tools. In this case, TrustDecision identified email related anomalies such as clustering of random emails, temporary domain emails, and similar email addresses.
E-fencing is a digital boundary used to manage access based on geographic location, typically by checking IP addresses. It’s commonly employed to enforce regional rules, control content access, or limit promotions to specific countries. For this e-commerce brand, promotions were restricted to certain regions, like the U.S. However, a significant number of users from Asia and Africa bypassed these IP-based checks, exploiting promotions meant exclusively for American customers, resulting in unintended participation and potential financial loss.
Device spoofing is a fraudulent tactic where a bad actor disguises a device’s identity, such as altering IP addresses, user agent string, device ID, IMEI numbers, or MAC address, to bypass security protocols or impersonate legitimate users. They've encountered 3 key challenges from fraudsters in this case.
Organized fraud, or gang fraud, involves coordinated schemes that are harder to detect. In this case, influencers were found exploiting promotions by driving mass registrations and generating fake referrals through private networks. Although these appeared new users register with unique devices and emails, they are oftentimes low-quality participants completing crowdsourcing tasks and hardly return after claiming their rewards. To combat this, collusion detection models can identify large-scale, short-term registrations with similar behavioral patterns across different users.
To help a cross-border e-commerce fortify its defence against promotion abuse, TrustDecision developed a comprehensive strategy, integrating machine learning models and advanced anomaly detection and to identify and prevent fraudulent activity.
This model evaluates user interactions such as login frequency, navigation paths, and purchasing behavior. By establishing a baseline of normal activity, it can quickly flag deviations like sudden spending spikes or irregular login times, which often signal fraud. It continuously compares real-time behavior with historical data to spot emerging fraudulent patterns.
Using unsupervised learning, this model groups users based on shared behaviors, such as referral activity. It reveals hidden patterns, identifying coordinated efforts like fraud rings exploiting referral programs through mass registrations or synchronized actions.
The profiling model creates comprehensive user segments by analyzing demographics, purchase behavior, and interaction data. By categorizing users into profiles such as "high-value customers" or "potential fraudsters," it enhances targeted fraud prevention while ensuring genuine users aren’t impacted.
This model excels at identifying fraud rings by linking users through shared devices, contact details, or synchronized behavior patterns. In a recent analysis of a promotion, the model detected nearly 300 fraud rings involving thousands of devices and accounts, improving detection efficiency by 15% compared to traditional methods.
Each of these models collectively strengthens the fraud prevention system, enabling S to address various fraud scenarios in real-time.
Monitoring for identity anomalies, such as multiple accounts sharing similar personal details (e.g., name, email, phone number), helps businesses detect suspicious patterns. Early identification of these anomalies can prevent fraudulent transactions from escalating.
Fraudsters often use tactics like device spoofing or frequent resets to obscure their identity. Analyzing device data—such as frequent changes, altered configurations, or the repeated use of the same device across different accounts—enables businesses to uncover hidden risks and act swiftly to mitigate them.
Geographic data is another vital fraud indicator. Many fraudsters employ VPNs or IP spoofing to hide their true location. By tracking location anomalies—such as sudden shifts in geography or transactions from high-risk regions—businesses can flag and investigate suspicious activity more effectively.
High-frequency account activities, such as rapid purchases or bulk transactions within a short time, often signal fraud attempts, especially when automated bots are involved. By analyzing transaction and account frequency, businesses can detect and stop fraudulent behaviors before significant damage occurs.
Monitoring user behavior provides deeper insight into fraud detection. Deviations from normal patterns, such as unusual purchases, inconsistent browsing habits, or unfamiliar payment methods, can signal fraudulent activity. Behavioral analysis enables businesses to act on these early warnings.
Over a 30-day period, the platform implemented the customized risk control system and closely monitored its effectiveness. The results were remarkable:
risks intercepted
fraudulent accounts blocked
revenue loss avoided
In cross-border e-commerce, the ability to detect and prevent fraud is crucial for maintaining platform integrity, ensuring customer trust and prevent financial loss. By implementing a comprehensive monitoring system that tracks key factors such as identity, device usage, location anomalies, transaction frequency and user behavior, businesses can effectively identify suspicious activities and mitigate risks. Advanced analysis of these data points helps prevent fraudulent schemes, ensuring smoother operations across global markets. A multi-layered approach to fraud detection strengthens the overall security of cross-border e-commerce platforms in an increasingly complex digital landscape.
Let’s chat!
Let us get to know your business needs, and answer any questions you may have about us. Then, we’ll help you find a solution that suits you