#94 Fraud Protection : Lessons in Taking Down the Internet’s biggest fraudsters | Ben Edelman

A

Hello, hello, hello. Welcome to another episode of the Always Be Testing podcast. I'm your host, Ty degrange, and today we have a very special episode. Really thrilled to talk to Ben Edelman. Ben, how are you doing?

B

I am great. Thanks for making time.

A

We've been knowing each other for many years, collaborated, and it's great to reconnect with you. Excited to have you on the show. We got some really good things to talk about today.

B

Super.

A

For those of you who don't know, this is going to be a really amazing episode. Ben is one of the leading experts on a number of topics, but one of them is monitoring affiliate marketing fraud, a topic that isn't always widely discussed. I think people that know affiliate understand that there are issues. There's fraud in all types of businesses out there digitally, certainly. So that's going to be the topic today. I'm going to get a little bit of paraphrasing of Ben's background because there's a lot to talk about and I'll let him give his perspective. But a lot of the descriptions on his site are very helpful, so I'm going to kind of go off some of that. But Ben is at the intersection of software, law and economics. Not often a combination we get on the show. He's combining a lot of data, uncovering a lot of information. He basically can write software to uncover what's going on, analyze and explain it. He's done a lot of consulting for litigation speaking. He was chief economist at Microsoft. He's also been a faculty member at Harvard Business School. So there's a lot to kind of unpack there and talk about. I'll let him kind of speak to that and maybe paraphrase some of the things I've shared. But there's a lot there to dive into. How did we do on the description?

B

Oh, you're very kind. I'll send your check straight away.

A

True affiliate fashion, right? True affiliate fashion, exactly. Let's jump into the questions. Looking at protecting brands from affiliate fraud and issues. There's a lot. We've had some great conversation. We've worked together to catch some bad guys. When you look at affiliate program, what is the first thing you do when you're assessing for fraud and looking at protecting?

B

Well, I come to this with my own preconceptions about both what's probably going on and what I am distinctively able to to find. There are plenty of people who look for other kinds of affiliate misconduct. An affiliate who uses the old version of a credit card promotion rather than the new version which could be more generous or less generous as the case may be. That's never been quite my thing versus an affiliate that's using adware to claim credit for sales that were going to happen anyway. Or cookie stuffing or typo squatting can go down the list of the things where I cut my teeth catching these guys. I do tend to focus on what I do distinctively, figuring other people do what they do distinctively. Over the years there's been enough badness out there to keep everyone busy, I suppose.

A

I would agree probably a lot more to keep people busy with than not. Quick public service announcement for those headed to Affiliate Summit East. They thinking about going maybe checking out Creator Economy Live, one of the most well established affiliate shows in the world and the longest running. Exciting to be able to have some codes for RBL and always be testing listeners for it. So if you want to go, we want to save some money, use RBL20 at checkout. There's going to be some links in the show notes. It'll get you 20% off your tickets which will save you some money. And then if you're heading out to Creator Economy live, enter code RBL15 to save as well there. Just wanted to let you know we'll see you out there and back to the show. Enjoy and talk to you soon. What's the most common form of affiliate fraud in your perspective?

B

Most common. That's interesting. I've thought about it a little bit differently than that in terms of what's out there that's both not getting caught and is worth catching. Obviously there are mosquitoes right now flying around somewhere in my house. Do I care? Lousy little mosquito versus if there were, I don't know, if there were a rat in my house, I'd take that a lot more seriously than a little bug. And I feel the same way about affiliate programs. Someone that you're paying more is a bigger problem potentially than someone that you're paying less. Someone whose traffic is totally worthless but is disguised to look good is a bigger worry than someone whose traffic is a little bit less good, but still pretty good. So I try to prioritize that way. Driven fundamentally by business value, by the seriousness of the problem, both the size of the problem and how bad it is. Maybe in percentage terms relative to what it claims to be.

A

That makes a lot of sense. And maybe a better way to phrase it is if you're counseling a brand, what would you what would be your focus area? In other words, instead of the most common type of fraud, but what are some fraud areas that could be high risk or you've seen that have been high risk in the past?

B

Over the years I've caught a lot of big adwares. I had a lot of big cookie stuffing and the adware was especially terrible. I'm an old guy at this point. I suppose two decades ago when I started down this path, there was a ton of adware. Windows XP, IE6. I mean these are products that some of your readers only know about from history books, if they even read history books on subjects like this. There was a lot of adware and there was no one catching these things. No one even deeply understood the intersection between adware and affiliate and affiliate misconduct. So there were some big ones back then. These days a lot of people have become complacent. We've all imagined that other users keep their computers as secure as I imagine the technical professionals listening to this podcast mostly do. Alas, it's not as simple as that. Some people keep their computers secure and some people don't. And Windows helps. But then again there's even Chrome browser plugins out there and Mac adware. Amazing the stuff that perpetrators come up with. So I always like to think about adware. Also the pure web cookie stuffing done with HTML, JavaScript. Historically people were doing it with Flash. I suppose no one's cookie stuffing with Flash anymore. But the JavaScript approach to it, you can put cookies onto a user's browser claiming to have made a referral when you didn't. And the numbers there can get very, very big because that's an attack that is inherently cross platform. It will work on your iPad just as well as on your Windows PC.

A

Yeah, exactly. It's kind of fascinating what the extent of the types of fraud, the breadth of it. There's quite a few things that can get people in trouble and it can get brands in trouble. You've dealt with some pretty high profile cases we have together. You certainly in a massive way. Have you seen broad hit smaller affiliate programs as well as large enterprise brands? How do you think about. Maybe the differences is the assumption is that you've primarily worked with the larger. Going back to what you said, there's a business reason to justify it. But are smaller brands at risk just as much as larger brands? And how do you think about that if a group of smaller brands were to ask you for assistance?

B

Yeah, smaller brands can certainly be targeted. If you think about other kinds of fraud, mom and Pop Store could be the target of shoplifters every bit as much as a big box Store. Often the bigger brands are using networks that have pretty sophisticated systems to try to detect misconduct. That's not to say anyone's systems work perfectly. Smaller brands also often use network based tracking. Rolling your own is not going to be attractive to your typical small brand. Look, the fact is there are problems out there targeting everyone. From the perpetrator's perspective, there might be some sites so tiny that they're not worth targeting. But with the right strategy, it's typically possible to defraud. Even kind of a small store and so subject to the question of the roi, it's certainly attractive to try to help everyone and frankly to make sure that any service that I or the folks I'm working with are providing has to be priced to sell. If you overcharge, if you charge $10 to catch a $5 problem, you find you won't get that many customers. So the automation, the efficiency of it needs to be there in order to make this attractive to everyone.

A

That's helpful. What are some of the most effective strategies you've seen or technologies you've deployed in terms of detecting affiliate fraud in larger scale programs?

B

I'm known for a specific methodology. I call it sort of caught in the act, red handed direct observation. We are not inferring that someone must be a cheater because their click through rate is too high or too low or because their earnings per click is too high or too low. I don't know. I mean, different methods, different traffic sources, there's going to be variation across affiliates. Affiliate marketing is nothing if not extremely diverse. So I would never want to criticize an affiliate just because their metrics are too far in one direction or the other. Instead, I like to figure out what's actually happening and catch it with screen capture video, with packet logs, with proof of what's actually occurring. That's what I began doing. As I say, two decades ago. This new group that I've been working with, vpt, they do direct observation, caught in the act. There's power to this methodology. I don't want to say it's perfect, it has its limitations. For example, if there's someone who hides so skillfully, maybe they're only doing it in Cambodia. And you never thought to set up a server in Cambodia to test what happens there? On the other hand, someone who's only cheating in Cambodia probably isn't going to have that much of an economic opportunity. How many buyers are there for what you're selling in Cambodia? Well, maybe there are, but probably not other ways of hiding. There's Been day parting, geotargeting, device targeting, just randomization. I'm only going to target one in a hundred times. So if you test five times, you probably won't happen to hit one of those 100. Of course, anyone who only attacks one in 100 users that come across their transom isn't maxing out their revenue and their profit. So often as perpetrators get greedy, we will tend to find them.

A

Yeah, I like, I like that. It's a good one liner. As perpetrators tend to get greedy, we'll find them. You obviously have some legal expertise. You've obviously dealt with all types of affiliate fraud and kind of a bit of the cat and mouse game if you will. When brands think about contracts and you think about structuring agreements with affiliates in an effective way, what are some terms that you recommend for brands to consider and in ways to mitigate some of the risks out there? And are there ways that we can structure agreements with affiliates in a positive way to maybe get ahead of some of these things? Obviously it's not the only thing and it's not what you focus on. But I'm curious to know, maybe do you have some ways to counsel folks on that piece of it?

B

Absolutely. I love good contracts. A few brands over the years hired me to revise or rewrite their terms or some kind of a rider, anti fraud traffic quality rider to their terms. I like to write these in the affirmative and in the negative. In the affirmative, you list what you want. Brand X will pay its affiliates for high quality legitimate user originating traffic. This traffic must entail a click on an affiliate's creative shown on an affiliate's website. Just think how many things you've ruled out right there. If you're doing something other than putting creative on a website, then you're ruled out by that. And there might be some affiliates who want to do something other than creative on a website. Maybe you want to post on Twitter or maybe you want to use a pop up ad or an email or adware. But wait a minute, is that what the merchant wants? So then I'd usually have a sentence that says if you want to do anything other than what the prior sentence specifies, please fill out a special promotional methods request via this form or this email address and submit it and we'll get back to you promptly. So right there, base case, the standard path that normal affiliates quote unquote, if we're going to allow there to be a normal, normal affiliates can take the base path, no special approval. If you have a special path, then you probably will need to get some approval. A thoughtful merchant will want to know and may be prepared to work with you. Maybe not, but that's a conversation worth having. It's a conversation between people for a meeting of the minds consistent with what lawyers would say is necessary for a contract. So that's all in the positive side of things. Then. Typically I, for good measure, write down a negative side of things. Do not use the following methods. And then it calls for really a bulleted list. And you just list all the bad things that you've heard that shouldn't be done. It ain't rocket science to write this. The positive version is often counterintuitive. A lot of folks writing contracts like this go straight to the negative. Personally, I like the positive version. It celebrates the good. It gives the good affiliates something to pat themselves on the back for. Yep, that's me. This is a good match. I do exactly what this positive statement calls for. And furthermore, it does contemplate the possibility that any list of negatives will be incomplete. Someone will come up with some kind of badness that isn't on that list and say, well, that's great that you're not on the badness list, but you're still not in the goodness list specification. So you needed to get special approval and you didn't. It's sort of a CYA move for the merchant to have complicated terms like this that let merchants declare ex post that someone was in the wrong. But look, it's the merchant's money, so they are entitled to say how they want to spend it. And I'm sympathetic to that.

A

Yeah, well said. I love that framework of the positives and the negatives and all of that makes a ton of sense. And I think it's a good reminder for people out there to be explicit, to be very clear. Yeah, it's like the old recent topic du jour of like being clear as kind and all that. I think there's goodness in that and it just helps eliminate a lot of confusion getting into the good stuff. Right. So we've battled some big super affiliate fraud and over the years would love to share some insights and learnings from your experience with ebay. Something we shared in our careers, obviously focusing on what has been disclosed and not talking about things that have not been disclosed. But would love to get your insights and learnings from some of those incidents that you can talk about with the audience.

B

Well, ebay was my client for many years that's publicly disclosed people who are interested in the famous ebay incidents, the people who ultimately went to jail for having stolen eight digit sums. That's numbers between what, 10 and 99 million. Those were some pretty big incidents. By the time it gets to court you get litigation documents, criminal indictment, civil litigation, complaint, answer to the complaint, FBI agent making a declaration about what he figured out and how he figured it out. Those materials are all available through litigation sources. The US federal courts use an electronic records tool called pacer. Public access to computerized electronic records. You can just log into PACER and download the PDFs, although they charge you what, 8 cents a page. So I downloaded all those PDFs, put them up on my website, indexed them, cross referenced them, summarized them. I wasn't party to that litigation. I wasn't in the courthouse. I didn't really know every aspect of what was going on. But I read them carefully. I can tell you what I remember from them, from the documents. And the documents of course we can link in, show notes for people who want to go and read them themselves.

A

Yeah. And for the tldr, you know the exact summary for folks like what did the fraud consist, what did the affiliate fraud, what did they do essentially?

B

So in those two incidents what was alleged in both civil and criminal litigation was that perpetrators used web based cookie stuffing, HTML, maybe JavaScript in order to drop ebay affiliate cookies to users who were merely viewing web pages and and not even viewing the affiliates web pages so much as viewing third party web pages. The third party web pages would embed banner ads, the banner ads would drop the cookie and you could certainly have a banner ad with what one by one iframe and the one by one iframe loads the affiliate link, the affiliate link drops the cookie, then some users are going to happen to buy from ebay within the next x days or sign up and create a new account with ebay and bid or buy within the next x days and under ebay's terms and conditions under ebay's tracking system that would be commissionable traffic. If you genuinely referred a user to ebay and the user genuinely signed up, created a new account and bought something and it all happened within the return days period, you'd get paid and you get paid a significant amount. Ebay new account payments were double digits. Was it like $20 for a new account and go and check the record anyway, if you stuff enough cookies on enough users computers you will find some users who are going to sign up for ebay within the next seven days and other users who are just going to buy something from ebay within the next seven or 30 days. EBay's a great site. I buy things from ebay all the time. Buy my kids secondhand chromebooks for doing their homeschooling. Love ebay, love putting things to use that would otherwise go to the dump. I'm no fan of the dump. I like to reduce, reuse and recycle. So people were buying from ebay, commissions were getting paid and it did end up with number in the double digit millions. Ebay found out about it. According to the FBI agent who wrote a declaration, ebay found out about it because I told him and then I told ebay and ebay told the FBI agent and he says that's how he found out. That's all public. That's not me telling stories. That's the FBI agent reporting what his records indicate.

A

Amazing news for those that are not aware. And this was in the pre2010 era, what was it about 2007-2009 if I recall?

B

Or what was it Was around there pre2010? Exactly. EBay after that found religion, started running a very tight ship, got extremely talented in house professionals to run the affiliate program where previously they had been kind of hands off and had delegated it to networks, they decided they wanted to do it themselves, they wanted to do it better. I'm sure there were difficult conversations inside ebay. Do we even want an affiliate program? Some people must have thought, hey, this thing is terrible. Guy just stole double digit millions from us. Let's shut it down and never look back. And other people said, wait, wait, wait, there is good in this affiliate program. Yeah, we have to get rid of the bad. But look at the good. People might forget about ebay. They might forget about, reduce, reuse, recycle. They might just go straight to Amazon and buy a new one. And there are factories churning out tons of new stuff. So there must have been discussion within ebay about to what extent affiliates did form an important part of ebay's promotional methods going forward. I'm thrilled that they found a way to run a tight ship and to keep it going indefinitely. That's just what I had in mind. I'm a fan of affiliate marketing even as I complain about the things that aren't good. Fundamentally I complain because I want it to work. I want it to be a great strategy for smart, well run sophisticated brands. And that requires getting rid of the bad stuff so that they can focus on the good.

A

Yeah, like a private investigator who is a fan of humans.

B

Something like that. I mean, fundamentally, if you really just hated affiliate Marketing, then shut it down. It's pretty short conversation to shut it down versus if you want to achieve the benefits, but do it smart. If you want to pay big money to your good affiliates, you kind of have to make sure you don't throw money away on the bad ones.

A

Yeah, exactly. Were there other types? Cookie stuffing is obviously the primary lever discussed in terms of the kerfuffle. That was the super affiliate issue. And I had a pleasure to work with a lot of the people that were bringing in kind of the era of really highly professionalized, in house, talented, one of the best career experiences I've had. But were there other levers they used outside of cookie stuffing to kind of get around the good and focus on some of the fraud?

B

Oh, certainly. Overall, and this is less specific to ebay, but when I used to give talks on this subject, I would show adware that was outrageously targeting brands. You'd go to brand.com and you'd get an adware pop up promoting brand.com through an affiliate link. So that brand might have just paid for the traffic through say, paid search or maybe through social or maybe ad on the side of the bus, ad on the super bowl, whatever it is. And then having already incurred that first expense, which should lead to traffic that isn't further payable, they then have to pay the second expense of the affiliate commission. So that was in the realm of adware. There were others too. Typo, squatting, misspellings of brand.com. there was one where employees of an affiliate network were moonlighting as typo squatters in their nighttime hours. I guess they would register misspellings of the very brands that they managed. That was outrageous. In one incident, network's employees were auto approving. Or maybe auto approving isn't the right word. Auto approving, no action required. They were manually approving their own applications to the programs that they managed. Again, just outrageous stuff. And that was affecting a famous apparel brand that we've all heard of, and it did lead to litigation in US Courts. So it's out there somewhere for someone who wants to search the dockets and find it.

A

Wow. How has this evolved? Obviously, ebay made a big correction on their side, had one of the more professionalized programs out there. How prevalent are these types of tactics? Adware, cookie stuffing. Now are they getting, Are they the same as they were in 2007? Are they worse? Now I'm curious to get your perspective on the problem that exists for brands generally across the board. Are you getting. What are you seeing now in the market versus what you saw 15 plus.

B

Years ago when I used to go into programs that were aggressively managed for growth, meaning they'd say yes to almost any affiliate, the top 10 lists of those programs were not pretty. I vividly remember one merchant and they will go unnamed for which I proved nine of their top ten affiliates were engaged in some kind of worthless traffic, adware, cookie stuffing or typo squatting. And those aren't sort of borderline worthless. Those are worthless entirely non incremental. You would have made that sale even had the affiliate not done anything. So. And every dollar paid out to those affiliates really is worthless. Nine out of the top ten was pretty devastating. I was thrilled when the company didn't shut down the program. They said, okay, that's going to free up a lot of budget, isn't it? We all chuckle, look around at each other and say yes it is. It's going to free up a lot of budget and let's spend it smarter. Now I haven't had that many experiences where nine out of the top 10 are getting kicked out. That's extraordinary. And if every program were like that, I think affiliate marketing would be not long for this world. Kudos to the networks that eventually came to understand the importance of doing better on some of these things. It's not that every network does perfectly, but in the beginning networks didn't understand how these attacks were even possible. A lot of people thought affiliate was fraud free by definition. That seems pretty silly. I mean in 2025 people don't say such shallow things anymore. Mostly if you look around the table and you don't know who the sucker is, then you're probably a sucker. It's a funny thing about incentive systems. If you think you've found an incentive system that can't be gamed, you probably just haven't thought about it carefully. Even flat hourly fee you pay a worker in a retail establishment X per hour, you're not paying them a sales commission, you're not paying them for this, you're not paying them for that. But when you pay someone X per hour, they can do their job badly or not at all, or watch YouTube when they're supposed to be doing their job and still collect their X per hour. So it seems like every, every measurement system, every incentive system has some gap and job of a smart manager is to understand the gaps in the system and to try to design an oversight plan that addresses those gaps.

A

Yeah, love that. I couldn't agree more. There was recently some kerfuffle that's not new to affiliate marketing around kind of the influencers versus the browser extensions of the world. Honey Rakuten, to name a few. There's quite a few others out there that operate with a browser extension with varying degrees of how it's worked and how it's integrated for brands. We didn't get a chance to talk about this much yet, but I'm curious to get your perspective on that controversy that popped up and kind of resurfaced for affiliate marketing and hear your thoughts on that. Browser extensions in general, but also kind of the controversy with an influencer specifically.

B

I watched Megalag's expose on this subject and chatted with him. Megalag's a real person. You can reach him and you send him a message and if he likes what you say, he'll reply. If he doesn't, then he's too busy. Life is complicated that way. Megalag is not an expert on affiliate marketing and not a lawyer either. And he'd be the first to tell you both of those. He became something of an expert in a specific aspect of affiliate marketing. When I blogged in response to his video, the first thing I said was let's read the contracts. And lo and behold, there are contracts about every part of this. For example, brand's contract with the network, a brand's contract with its affiliates, the network contract with its affiliates, at least those three contracts. And so you can go through those contracts and try to find whether they allow what megalag shows. And maybe it's not surprising. The answer is no. They don't allow big parts of what megalag shows. For example, invoking an affiliate link automatically. No, that's not allowed. It has to be based on an affirmative user click. Could you say the user click was the click that got the user to brand.com and not the click on a button activating an affiliate link. I think that's going to be a tough argument in a sophisticated US court, ultimately with a jury that includes some 20 somethings as well as some retirees. I think most people know that an affirmative user click means that not just to click on something, not just the click that it took to wake your computer up out of standby mode. It means a click on something relevant, a click that is labeled to do the thing that actually happens. And how about clicking on a button that says no discount found. Could a button that says no discount found be authorization to invoke an affiliate link and claim cookies and claim commission? I'd give that a no also. So for me at the beginning of this process was to Read the contracts. And I thought that was slightly missing from the initial discussion. No big deal. It gave me an opportunity to add something to the conversation. As to the litigation, I've been trying to follow it. There are dozens of cases, as you say, multiple cases against each of the main browser plugin companies. They will not necessarily reach identical results. Different judges, different courthouses, different states, mix of federal and state. I believe there will be some sort of a consensus by the end that this either was or was not acceptable behavior. Some people would say, well, if Rakuten was doing it, it must be okay. Big Fish couldn't possibly be breaking the rules. That's really not my view. You could have the big company that is following the rules or a big company that is breaking the rules. And that's to be analyzed based on the facts, based on the governing contract.

A

Yeah, we've had a lot of discussion around it. We've written about it. There was on a panel on it with a number of players at PI Live Conference recently this year. It's interesting. I think in some ways it's new players coming into the space and kind of relitigating an old topic. I think it's in some ways hopefully a good awareness piece about the value of really knowing your contracts, going back to what you said, knowing your terms with your partners and your network and setting the rules, and knowing how your attribution works and knowing how you're valuing each partner type. And I think in some ways you're going to run into needing to educate those like the influencers to understand, like here's how you're getting paid, here's the value you're providing. Being able to see who's introducing the brand to a consumer and who's maybe closing that deal on the multi touch funnel. It's not necessarily rocket science. So I think some of those foundational things are good to revisit and ensure that each partner has a value or they're measured differently or they're not as valued. So I don't think it's new for us and a lot of the folks that have been in our industry for a long time, but I think you bring up a great point about let's revisit some of the principled things that you agreed to in the contract to determine what's what.

B

The other aspect of it that was really inspiring for me to see megalag jump into this with such passion. It brought me back actually to the. Should I call him a super affiliate? Anyway, a highly engaged, diligent affiliate of Zappos, there's no secret here. This was 20 some years ago. He was reading what I was writing about how adware was cheating merchants and violating affiliate conditions, but also how it was claiming commission that would have otherwise flowed to legitimate affiliates. He said, hey, I'm a legitimate Zappos affiliate and this scam is probably causing the adware to take commissions that I earned. I don't like it. So he paid me to prepare a couple of reports about how Zappos was being overcharged and how both Zappos was wasting its money and legitimate affiliates like him were getting less. He sent that to his buddy, the affiliate manager at Zappos. Again, this is a very long time ago. All different people now, but that was my very first client. Zappos sat up and said, wow, this is bad. All thanks to this affiliate who put up 1,000 bucks to pay me in. I think it was 2005, could have been 2004. Go back and check the billing records, boy, long time ago. And again came from someone who had interest, who had understanding, who had passion, and was willing to put up, in that case, even some money to do what he thought was right. Kudos to him. Kudos to Megalag. This is part of what makes the affiliate marketing business so interesting that it's open to anyone. Anyone who wants to lend a hand can chime in, do some work, share an opinion, try to build consensus around whether that's actually correct.

A

Yeah, and I don't know if it's like need to go so far as to say, oh, we're in this renaissance, if you will. But I think it's, it's recent PMA survey came out talking about how much we are seeing growth and excitement in the space. There's been an explosion of content, site options. The influencers have kind of converted on the affiliate world in a good way. There's card linked offers, there's, there's a number of ways to engage and modernize. We're seeing massive growth in B2B SaaS affiliate, I think. So in some ways there's a renewed interest. I think with that comes some of these controversies, perhaps. So I think I share in your encouragement of like people that care and give a shit about this space. They're invested heavily to engage with people like yourself, do it the right way, educate people on this topic. That's why we're on this podcast, to try to educate and improve the community and the industry. So I couldn't agree more. This came up a little bit when we spoke, but incentives, the Great phrase. What was it, Charlie Munger? Show me the incentive and I'll show you the outcome. You kind of touched on a little bit. What are some of the incentive structures you would maybe caution folks on or maybe encourage people to consider? I think you touched on a little bit in terms of the contract piece, but are there incentive structures that you'd suggest? Incentive structures maybe you'd recommend people avoid? Not rocket science per se, for this for affiliate audiences, but I think it might be interesting for people in performance marketing. Any thoughts on that?

B

Right. Well, as you say, the incentives are so central. One that I've been thinking about, I guess, for more than a decade now is how much a advertiser, merchant, brand should be expecting to spend on management, on decision making. Plenty of folks have the view that management is an overhead and it should be driven down as close to zero as you can. Let's see if we can manage this $10 million of spend with just 2% paid to our agency. Say, well, gee, how smart are they going to be? How talented can they staff this bench if they only have a 2% slice? It often to me feels like a false economy even as it's done in the name of efficiency and economization and spending wisely. It could be the very opposite of wisely. To cut corners on the foundation before you build your house on top of it. I'm going to build a house on top of this thing. I want the foundation to be strong, want smart people making those decisions. Historically, networks have charged as a percentage of what affiliates get paid. The old commission junction model, where if you were paying out $100 to affiliates, you needed to pay an additional 30 to the network. So that would be 30 on 130. That created a different incentive, an incentive for the network always to say, yep, it's great. What Ebates is doing is great. This affiliate who's cookie stuffing, we don't know anything about that because we get $30 for every hundred dollars that he stuffs. It's great. And that's not to say every network always followed that incentive. Sometimes the networks would say, this is not okay. Even though we're getting paid from it, it's still not okay and you need to cut it out. And kudos to the networks that did that. But overall, their incentive was to look the other way, to approve, to smile and nod. Often an affiliate manager in house at a brand has a similar incentive to smile and nod. Who wants to be the affiliate manager that oversaw a 35% shrinkage year over Year. Everyone wants to be in charge of growth. Tell your boss that you delivered 35% growth year over year. And if your boss isn't looking too hard, it may be awfully tempting. The way to get a bonus and a raise and a promotion and is to say that your program is huge and it's getting bigger every day versus to dig in, do the hard work and admit that some of the stuff that you did last year actually wasn't as incremental as you hoped it would be. That requires a much more complicated relationship with your management chain. It requires trust, it requires genuinely doing what's in the company's interest versus in your short term professional interest. I don't presume that everyone has that kind of relationship or that everyone's boss is able to take the time to understand or has the firepower to understand. But you can see how the incentives can be messed up just at every level.

A

Absolutely. And if companies are looking overly short term, if they're putting pressure on individuals, not to say that there's excuses for fraud or for covering up fraud, but we can certainly see multitude of examples where it's happened before where maybe you're just not incentivized to kind of speak up. I think that from our perspective like there's so much focus we've put on in terms of trust and authenticity, just in terms of how we've operated as a business on our side, but also highlighting that's what affiliate when affiliates done right, when it's reported the right way, when it's tracked the right way, when fraud is mitigated or removed is really, I think one of the better authenticity and trust builders in an era when that's kind of hard to find businesses, areas outside of business, we can name quite a few of those that people just don't have the trust they used to.

B

I agree with that for sure.

A

Let's say you took 10 programs, let's say they're consumer e commerce, they do 10 million a year each. Let's say minimum views, just generally speaking, minimum, like fraud protection mechanisms in place. What do you have an estimate of what you would find today? And then we kind of talked about a little bit of how this industry is evolving and it's a little bit of a guesstimate. You'd have to look and see and catch the bad guys in the act. But what's your estimate of like how much it impacts a program in that context?

B

I've really seen wide variation. You also need to consider a range of different kinds of concerns. I Focused on the things that I used to catch that the company I'm now working with, vpt, has built automation to catch in their way. There's a set of other practices. How about brand bidding, where a brand ends up paying its affiliates to bid against it in sponsored search? Who is that really helping? It's helping the search engine, it's helping the affiliates. If they can keep margin. It's not helping the brand, it's not helping consumers either. That can be a pretty expensive blunder. It's not a 100% loss the way that some of the others are because you're taking the serp, you're stopping your competitor from doing something. But it's. It's weird and it's probably not what was intended and doesn't have the incrementality that a dashboard might assume. So it wouldn't be unexpected for me to help a brand reduce its affiliate spend by 10%, which is to say free up 10% of the budget to give a 10% bonus to all the other affiliates, which would be a great way to do it or design some other kind of incentive. If you refer a new customer, we'll pay you double on every new customer you refer for the next year. And we fund that with 10% savings from getting rid of some bad stuff, moving the money around so that it's being focused on genuine affiliates driving genuine value with high incrementality and less being kind of wasted on stuff that would have happened anyway. That's a great joy for me to get the money to the affiliates who truly earned it.

A

Amen to that. Where do you think the future is going with affiliate marketing? And as it relates to fraud protection and detection?

B

I think the reality is that cheaters are going to cheat. Needed police in this country for, I guess forever. Most countries do. And so too in affiliate. Affiliate marketing is fundamentally a procurement function. An affiliate manager is paying for advertising services. Anytime you're giving out money, even more so for a purely digital function, you got to worry that the people who come and want the money are people who just want the money and don't want to do the work. It's kind of human nature. So I think a lot of this is evergreen. The specific tactics used to separate brands from their money. Those tactics change. New methods, new vulnerabilities. Vulnerabilities both in the software and in the business architecture. But I wouldn't think this problem is going away.

A

No, absolutely. I actually was just listening to some interesting intel on the cybersecurity space. Tangential, similar, not the same talking about AI and how the attacks have just grown exponentially. The effectiveness of the attacks have grown exponentially. It's increased the need and the market cap. A lot of these virus protection and digital protection companies like Crowdstrike to name a few. Curious to hear if you have an opinion there or not in particular around AI as AI is obviously. And then we have agentic world where agents can do a lot. You saw Perplexity just rolled out Cursor. I think their, their browser which they're touting. Agents are going to become quite, quite large factor here. I would imagine it just compounds the volume of opportunity here to have bad actors and catch bad actors. But I'm curious to get your perspective if that hypothesis is accurate or not.

B

The change creates opportunity. Opportunity for fraudsters to claim to have done work that either didn't need to be done or wasn't done at all.

A

Yeah.

B

What people call AI is an interesting beast in its own right. Twenty years ago, a software system that recommended how you drive from point A to point B in light of traffic and tolls and maybe which would be most fuel efficient, the hills, I guess factors like that. We definitely would have called that AI 20 years ago. I can remember 35 years ago when my father had to go to the AAA office and some big mainframe would print out on a dot matrix printer the recommended route to drive from point A to point B. And it certainly didn't consider anything about time of day or traffic. Just try to tell you where to turn. So that might pass for AI as of a while ago. I don't think anyone is calling map program AI today. That's just maps. It's interesting how things go from cutting edge or beyond cutting edge to routine within a pretty modest number of years. And so some of what we call AI today will just happen and there will be marketing integrated within it. There will be marketing fraud in the marketing and I hope we'll build systems to catch that and get to the bottom of it so that brands can spend wisely.

A

Love it. I couldn't agree more on that piece. That target's moving and I think it's going to be embedded in a lot of the things we do. So it'll be interesting to see and follow. We're certainly utilizing it quite a bit, learning about it quite a bit, having a lot of clients dive head in and implement quite a lot of it into their software and systems as well. Ben, it's been amazing to chat with you. You've been beyond gracious just coming down the home stretch here with some rapid fire fun questions. When you're not catching bad guys or writing up amazing research papers or speaking at Harvard or teaching, what do you do for fun?

B

Well, I've got kids who are 6, 8 and 10, so those ages certainly keep us busy. Whether it's music lessons or science fair or trying to build a robot. They definitely are all up to something.

A

Love that. That's so cool. Mine are not far behind. We're not quite there yet, but we're in the joys of Potty training. Our youngest right now, which is super exciting. So I'll let you know how that goes. Do you have any favorite book recommendations for the audience?

B

I read the Wright Brothers by David McCullough A few years ago and I'm just reading it again with my 10 year old. The Wright brothers were bicycle mechanics and in my version of the story, I think in McCullough's version of the story it was just too easy to be a bicycle mechanic. Even back then they had mastered the art of repairing bicycles. They wanted a challenge. So yeah, build an airplane, there's a challenge. What an amazing natural progression, right? In some sense it's. It feels oddly similar to affiliate marketing. There's some people who have some tools, they have a vision of where they want to get. They have fundamentally within their command everything they need to get there, subject to know how and some puzzles along the way. Anyway, I love the innovation, I love the creativity, I love the drive and rejecting a job that's too easy in favor of one that seems a little bit more interesting. Kudos to them. David McCullough, obviously you can count on him to write a good biography.

A

Absolutely. Not to say I'm anywhere near the Wright brothers, but I have to identify with that. Doing things that are more challenging as opposed to easy or more interesting from a learning perspective. I just talked about this earlier today, so it resonates with me. In addition, I absolutely love the John Adams bio, which I believe was by the same author, McCullough, is that right?

B

Yeah, he does have an Adams biography, I think. That's right.

A

Yeah, I just read that for the first time a few months ago and loved it. So very good one. Any trips, have any suggestions for people of vacations or fun trips that you've done recently that you want to share?

B

My family enjoys the fact that I caught the frequent flyer points bug. I guess it was a couple of decades ago that I figured out I was spending enough on business travel that I should be earning a ton of points for a while. I was just earning and saving for a rainy day. Maybe now's the time. So my family's off to Spain next month.

A

Beautiful.

B

Spain's a great place. Love the food, love the culture. Huge country, range of climates, range of activities. You want to go to an art museum, they've got art museums. You want to go hiking in the desert, they've got that too.

A

Amazing. A recent friend moved to Barcelona to check in on how they're doing. It was one of my favorite cities I'd ever, ever been to. Spain's an amazing country and I've got a lot more to explore there, so. Good suggestion. What's something folks might not know about you?

B

I love to work with my hands. I love to make things, fix things. I just last night got a report from my 8 year old. She says the front loading washing machine isn't draining properly. Why is there soap in the gasket? I looked at it, sure enough it was all clogged. Not just clogged in the filter. The hose going to the filter was clogged, which you can get it off. There's a clamp and water's gonna go everywhere. Have your shop vac ready. Anyway, I love to do this stuff myself. Don't need to call a technician to fix my washing machine. And if it needed a new motor, I probably could do that too. Every so often, find the right part. It's made of interchangeable parts in Henry Ford's image. So I've gotten a lot of joy out of fixing things that are broken, trying to put less in the dump and learn something as I go.

A

Amazing. I wish my brain worked that way sometimes. That's very impressive and very cool.

B

Well, YouTube, you can learn anything on YouTube. I wasn't always the biggest fan of YouTube but with respect to DIY, learning new skills, working with your hands, there's just an amazing community there and I love it.

A

It's our channel of the year as we predicted. And I've been talking about a lot with people. I just had a conversation on the pod about YouTube being the favorite performance marketers and it's cool to hear that have heard that use case of like DIY learning. It's, it's unparalleled. So Ben, it's been amazing, it's been awesome to reconnect, chat with you, go through these great learnings and raise up the importance of fraud protection and raise up the hopefully help people out, run better programs and make the industry better, which is what this is all about. Where can people find you that want to reach out and learn more.

B

Bennettman.org is all the stuff I've written about affiliate marketing and more going back quite a while.

A

Amazing. Thank you so much for coming on and have a great rest of your day. Thanks everyone.

B

Thanks.