Imagine that you have set up a well-planned referral campaign to gain new customers for your app. It started to pick up speed and referrals started overflowing to claim the rewards. Sounds so good, right?

But eventually, you realize that the number of referral claims is high, but the ROI from the referral campaign is low. This might be a sign that you have become a victim of referral fraud.

This type of fraud not just impacts the marketer monetarily but also leaves a deep impact on its brand reputation. Know in detail about referral fraud and how fraudsters commit it in different forms.

This post was first published on

What is referral and coupon fraud?

This type of fraud happens when fraudulent participants create illegitimate referrals or misuse coupons to commit fraud. They play the system to leverage the benefits of the rewards and discounts, while advertisers end up wasting ad spends on invalid traffic instead of attracting legitimate new users.

How does referral fraud happen?

First-time user fraud

First-time user fraud is the most frequent fraud that a user does to take benefit of the referral program. In a normal case, a referral code is valid for first-time users only. However, fraudsters use these codes multiple times by using bots, simulators, device farms, etc.  For example, in the case of a ride app like Ola or Uber, the users desperately try to hunt for free rides via the first-time promo code by creating multiple or fake email ids or by using fake/virtual phone numbers to show themselves as new users and drain an advertiser’s ad budget.


Another type of referral fraud is when the same user is the referrer and the referee i.e., the same users find fraudulent ways to get the benefits. They use different fraudulent practices to avail the benefits of the referral program. They use the same email IDs and different phone numbers. And in some cases, they even use the same phone numbers.

Fraudulent coupon codes

Referral codes are a cost-effective way for advertisers to reward loyalty, drive purchases and encourage brand value. Referral code fraud is a lucrative way to gain incentives, rewards, bonuses, etc. However, when running these campaigns, fraudsters manipulate the coupon codes through scams such as fake or expired coupons. When the user attempts to use this code, they don’t get the benefits claimed by an advertiser. This directly impacts the brand image, and the users lose their trust in the brand.

App cloning

App cloning or parallel space gives an advantage to the user to log into two different user accounts simultaneously by creating a separate parallel space on Android devices. The user can basically create and manage login for two accounts on one device and create separate profiles for business and personal accounts for the same apps as Facebook, WhatsApp, riding apps, gaming apps, etc. With the help of parallel spacing, they can refer themselves and redeem the benefits of the referral program.

An example of app cloning in a device

Source: mFilterIt

Using bots/emulators and VPN proxies   

Fraudsters use their age-old tools like bots and VPN proxies to fake users and redeem the benefits of the referral program by either reinstalling the app or by manipulating the device parameters like device ID, advertising ID, IMEI, device IPs, etc. With the help of VPN and proxies, fraudsters fake their device location which makes it hard to detect fraudulent IP addresses. On the other hand, sophisticated bots hack devices to use the genuine user’s information for redeeming the benefits of the referral program.

Impact on the brand

An advertiser runs referral campaigns to bring in new customers and retain existing customers. However, when fraudsters seep their way into the campaigns, the advertiser doesn’t just lose money but their brand image gets compromised.

Due to the fraudulent coupon codes and malicious practices happening in referral programs, both the new users and existing users are impacted. Fraudsters engage in referral campaigns which leads to the wastage of an advertiser’s ad budget on invalid traffic. As a result, when new or existing users are unable to avail the benefits of the referral program, they lose interest and trust in the brand. Furthermore, advertisers incur low ROI and a negative impact on their brand image.

How advertisers can protect their referral campaigns

Do manual checks

The advertiser can do a manual check on the referral campaigns by closely analyzing the phone numbers, emails, and even domains. This way they can do a quick analysis of the incoming traffic and take preventative actions to protect the campaign. However, it is difficult to detect sophisticated bot patterns manually.

Partner with fraud detection vendors

To ensure clean traffic and save you ad spend on referral campaigns, advertisers must partner with an ad fraud detection and prevention solution.

At mFilterIt, we provide a solution based on the device environment instead of just analyzing the IP repetitions. We integrate our SDK (in the case of an app) and DSS (in the case of a website) to attribute the data coming from referral campaigns. Further, we use key validation checks like device IDs, email (fake/disposable email ids), domain validation, digital reputation, mobile number validation (disposable phone numbers), APP cloning, and IP data to analyze and detect fraudulent sources. We provide real-time status of the fraud along with fraud score to advertisers and help block fraudulent device IDs.

Case studies

Real case of a leading hotel chain

Source: mFiltetIt

Case analysis

  • About 23% of the coupon codes were misused.
  • The same coupon code was used multiple times for a device ID.
  • Invalid email IDs were used and were coming as repeated many times. We tracked email IDs with Google (we can validate an email ID without sending an email) and identified bad email IDs.
  • A bot pattern was detected where the simulator was triggering 2 times for a device ID and the same process was repeated for all the new device IDs. We identified the phone numbers which were being used were fraudulent. The fake/virtual phone numbers were being used which did not exist.

Real case of a leading shopping app

Source: mFiltetIt

Case analysis

  • Parallel spacing was used by almost 27.6% of the users.
  • VPN was being used by 8.3% of the users.
  • About 10.5% of users didn’t have Facebook/WhatsApp installed on the device.
  • The bot pattern was identified using a similar device id multiple times with different user IDs.


Referral campaigns are an impactful marketing technique to bring in new users and retain existing users. However, due to fraudulent practices in referral programs, advertisers end up losing their money and brand reputation.

Thus, it is important to take the right step to combat the threats to coupon and referral programs. Marketers can take a smart move and do a manual check to find the loopholes in their campaigns. However, to protect your ad campaigns from sophisticated bots, it is important to have an expert solution like mFilterIt’s Ad Traffic Validation Suite to ensure your ad campaigns are attracting clean traffic.