Sites upgrade arsenals to battle cyberwolves in sheep`s

Transcription

Page
Vol. 16 No. 6
Classified Intelligence Report
Consulting Services for Interactive Media and Classified Advertising
Vol. 16 No. 6 Mar. 26, 2015
Fraud and abuse in classifieds — Special report
Sites upgrade arsenals to battle
cyberwolves in sheep’s clothing
AIM Group illustration: Shiniko Floyd
©
© 2015
2015 Advanced
Advanced Interactive
Interactive Media
Media Group
Group LLC
LLC
[email protected]
[email protected] +1-407-788-2780
+1-407-788-2780
Page 2
Vol. 16 No. 6
Executive Summary
Fraud cost Internet companies almost 1 percent of revenue in 2014, a LexisNexis study
showed, and it might become worse as crooks learn new ways to rip off companies and consumers.
It’s not just the impact on revenue that matters. A bad reputation on safety and security issues can damage a site --- perhaps permanently. Certainly, Craigslist has been hurt by the 84 killings
that have been linked to Craigslist transactions and the thousands of rapes, robberies and rip-offs
that have injured its users.
In this issue, Classified Intelligence Report takes a look at fraud and abuse, how it is accomplished and --- most important --- how classified companies can fight it.
Like the old fable about “wolves in sheep’s clothing,” cyberwolves disguise themselves as
ordinary customers and as legitimate companies to trick users out of profits and cash. They set up
fake Web pages and steal identities. They advertise jobs that don’t exist. They copy listings from
other sites or information from other listings, and present them as their own.
But classified sites are fighting back.
They use GPS technology to locate frauds. Set up computer programs
that detect suspicious patterns of use. Track IP addresses to determine which
could belong to fraud artists. They check identities against data on social media. And much more.
In this issue, we have reports from auto dealers in the U.S. identifying
fake ads; digital display advertisers fighting cyber “bots” in the UK; fake jobs
ads in Australia, counterfeit products in China, and multi-pronged attacks in
Russia from malevolent viruses, data attacks, fake profiles and other scams.
Two quick quotes: “Those who fail to adequately protect their sites and
their customers [will] be picked off, either by scammers themselves or by customers losing faith.”
And, “When we get a fraudulent ad we just kick it off the system. We don’t say anything to the advertiser because if you give them information about why ... they will do it better the next time.”
The McAfee security company estimates cybercrime cost the world at least $400 billion last
year. The figure this year will depend on who works the hardest to outsmart the other --- the crooks
or the businesses.
This issue provides a snapshot of security efforts to block fraud and abuse worldwide. It
should give you insight into how you can protect your business, your users, your website and yourself. You need software, hardware and people to do the job right.
By the way, the “SafeTrade” initiative we launched earlier this month to help classified sites
protect their users has received significant attention. We encourage all classified sites --- clients or
not --- to offer SafeTrade. Call us or email us for more details. It’s free, and it could save a life.
© 2015 Advanced Interactive Media Group LLC
Page 3
Vol. 16 No. 6
classifiedintelligence report
Peter M. Zollman, Founder, Executive Editor
[email protected]
Katja Riefler, Principal, Managing Director
[email protected]
Jim Townsend, Principal, Editorial Director
[email protected]
Patrick Peterson, Editor
[email protected]
Christoffel Volschenk, Editor EMEA
[email protected]
Senior Consultants
Senior Analysts
Konstantin Kalabin
Gareth Lloyd
Mark Whittaker
Sharon Hill (U.S.)
Lars Herlin (Scandinavia)
Kenny Kinako (Africa)
Brian Blum (Canada,
Israel)
Western Europe
Alessandra Ritondo
Cila Warncke
Cristina de Barros
Gérard Esteve
Anastasia Gnezditskaia
Latin America
Léo Siqueira
U.K., Ireland
Sean Hargrave
Eastern Europe
Andrzej Sowula
Pavel Marceux
Turkey
Emre Dalkilic
Middle East
Talal Abu Issa
China
Don Gasper
India
Sourish Bhattacharyya
Africa
Sam Wakoba
Mamello Masote
Southeast Asia
Emmy Abdul Alim
Australia
Kate Lyons
Mary Biddle, sales—U.S., Australia, Asia
[email protected]
Luke J. Smith, marketing
[email protected]
Diana Neatu, sales / marketing EMEA
[email protected]
Carla Reyes, director of client services
[email protected]
Neil Skene, associate publisher
Published twice monthly, except once in December, by Advanced Interactive Media Group LLC. This publication may not be reproduced in any form,
in whole or in part, except by licensed clients.
Classified Intelligence Report occasionally covers companies that are
clients of the AIM Group. We make every effort to ensure that our editorial
content is objective and is not compromised by any client relationship.
402 Spring Valley Road
Altamonte Springs, Florida, USA 32714
Contents:
Lead Story: Online classified businesses in the United
States seek new ways to tackle fraud, abuse. Page 4
Page 11. Backpage, well-known for carrying “adult advertising,” reaches out to law enforcement with homegrown, police-friendly search technology to fight fraud.
Page 14. Digital display advertising grows in popularity, but viewability, fraud remain problems.
Page 16. Buying or selling scams on classified and auction websites robbed Australian consumers of nearly
$11 million last year.
Page 19. Government criticism of top online shipping
sites in China ignites an unprecedented public spat.
Page 21. Longtime veterans of cyberattacks, Russian
firms such as Yandex and Avito lead the way in prevention techniques.
Page 24. Spain's leading auto, real estate, employment
and generalist classified companies reveal specific
challenges posed by scammers and common solutions.
Page 27. OLX.pl, Poland's largest general classified site
uses several methods to combats fraud.
Page 29. Allegro.pl, the largest auction site in Poland
and Central Europe, reveals methods of protecting
users against “perfect crimes.”
Page 31. Portugal’s Net-Empregos is a case study in doit-yourself fraud detection.
Page 38. Vendors who offer fraud prevention technology and services.
Page 44. Naspers quickly acquires five more classified
sites from Schibsted.
Page 48-52. More news, analysis from AIMGroup.com.
+1 407-788-2780 Fax +1 866-611-6551
Page 4
Vol. 16 No. 6
New weapons against online fraud
Businesses use GPS, check IDs with social media
BY SHARON HILL
Online merchants have developed new tools to prevent fraud, such as checking GPS, tracking usage patterns and monitoring IP addresses, but cybercriminals still take an average of .68 percent of the world’s GDP, a figure that grew by a third in 2014, according to a report by LexisNexis.
Businesses are willing to accept losses of about 2 percent to cybercrime before they
take action, said a study by McAfee security company. Nearing that threshold, many online
classifieds businesses are looking for new ways to stop
fraud and abuse.
Most classified scammers rely on an old script:
“I’m sending you a check or money order that’s far in
excess of your asking price, so cash it, keep what I owe
you and send me back the balance,” goes the story.
Then, of course, the worthless check is returned
by the bank and the customer must cover the debt.
Sometimes the merchant is stuck with the bill.
Fraudsters still try to sell cars and other items long distance that they do not have, and
they’re still renting out zombie houses that they don’t own or manage. The long-running
overpayment scam has a new variation that involves job seekers, and, according to ScamBusters.org, is perpetrated primarily on Monster.com and CareerBuilder. The job seekers are
asked to cash a large check, buy an airplane ticket and send the balance to the fake office.
They get stuck when the check bounces.
Fighting the fraudsters
To protect its customers, EBay Motors offers car shoppers the EBay Motors Vehicle Purchase Protection program, which returns up to $50,000 in losses associated with some types
of fraud. Buyers are automatically enrolled in the program at no charge when they purchase
an eligible vehicle. The “some types of fraud” condition protects EBay from the scammers
that advertise on Craigslist and fraudulently offer the EBay Motors Vehicle Protection to prospective buyers. EBay has made it clear that it only reimburses for transactions conducted on
Motors.Ebay.com.
Page 5
Vol. 16 No. 6
The onslaught of rental scams will probably continue until most of the nearly 143,000
RealtyTrac-reported zombie properties are sold. The most prominent scam involves a fraudster copying a real estate listing from a prominent real estate site, and placing it as a rental
ad on a free classified site. The alleged “landlord” claims to be outside the area but willing
to accept a deposit long-distance. Unwitting renters move in, pay rent, and stay until the legitimate real estate agent comes by to show or check on the property, and finds the illegal
tenant.
In some cases the fraudster accepts deposits from several folks, who aren’t aware
they’re not the only new tenants until they all show up to take possession of the same property at the same time.
Eye on the IP address
One major clue to this and other types of classified fraud is the use of IP addresses
outside the U.S. Trulia is just one of the many industry sites that keeps an eye on the IP address of every poster. According to Pierre Calzadilla, who recently left Trulia to become director of strategic partnerships at RealScout, 99 percent
of listings posted to U.S. classified sites from outside the
U.S. are fraudulent. (What a tip-off!)
Linda Criddle, president of online safety service LookBothWays Inc., said sellers must be mindful of this too.
“Understand that virtually every out-of-area buyer is a
fraud,” the Microsoft online-safety veteran told the AIM Group.
The most common recruitment-advertising scheme involves business-opportunity ads
requesting upfront payments of desperate job seekers. A Phoenix-based television investigation team was alerted to a scam ad running on CareerBuilder, one that a savvy job applicant
recognized. The alleged employer was seeking a mystery shopper. An Arizona woman applied. She then received a package in the mail that included a $3,000 check, $300 of which
was hers to keep. The rest got sent overseas once the check was cashed. She knew something
was awry and contacted NBC affiliate Channel 12’s On Your Side consumer service team. CareerBuilder took down the ad.
How to stop it
CareerBuilder monitors accounts to make sure the activity associated with them is normal.
"We have a team dedicated to monitoring job postings and resume database purchases
to verify information on each account,” a CareerBuilder spokesperson told Channel 12. “We
Page 6
Vol. 16 No. 6
apply both proprietary software and manual monitoring to immediately identify heightened
activity or excessive usage on an account. If abnormal activity is found, the situation is
promptly investigated. To protect privacy and mitigate risk, we scrub our resume database,
masking sensitive information job seekers may include in their resumes such as social security
numbers. This means only telephone-book type data would be available to viewers. For every
e-commerce purchase, the job or resume
database application is held in a queue. Our Tips for fighting cybercrooks
Trust and Site Security team reviews them
In the ad, stick to the facts about the item beand then takes them active if they meet our ing sold. Avoid giving information that identifies you, except what is strictly necessary.
requirements.”
LinkedIn fights back
Photos should only include the item being sold
— not house numbers, license plate numbers,
or pictures of family members.
LinkedIn has had an ongoing problem
with fake profiles and personal abusers. The
latter was significantly reduced in February
To accept phone calls, use a free disposable
2014, when the network succumbed to user
mobile phone. Your own number can lead to
pressure and gave members the ability to block later harassment. A landline can give away
your address by way of a reverse directoother individual members.
Fake profiles are still numerous, however, and have resulted in a recruitment
scam. Mike Harrison, Mid-Missouri regional
director for the Better Business Bureau in
Columbia, Mo., recently took to the airwaves to warn job seekers. His office had
received several complaints of fraudsters
setting up bogus LinkedIn profiles to present
themselves as recruiters.
ry. (Some sites, like AutoTrader.com, offer
their advertizers anonymized numbers.)
Create a free anonymous email address for
your ad, so you don’t give away personal information or set yourself up to be harassed later.
(Some sites, such as Craigslist, offer their own
anonymizing email address to advertisers.)
If you’re selling a bigger-ticket item, meet at
a police station or a bank where you can deposit the money before leaving and where security cameras will record your transaction.
“They’ll reach out to you, tell you
‘Hey, you’ve got the skills for a couple of
different positions that I’m looking for. All
you’ve got to do is fill out a form for us by
clicking this link,’” Harrison told the WBCZ radio audience. “You really want to be careful
with that.”
According to the BBB website, these fake recruiters send messages that include a link
to a legitimate-looking website. This site solicits financial and personal identifying infor-
Page 7
Vol. 16 No. 6
mation, such as Social Security numbers or dates of birth. The scammers use the information
to install malware on the applicant’s computer, steal his identity, or access her bank account.
The BBB, among other tips, tells LinkedIn members to be careful about who they add to
their network. “Search for the recruiter’s picture,” the site advised. “Scammers often use a
fake, generic photo and you can most likely find the photo elsewhere.”
A BBB spokesperson told the AIM Group by email that it has no information on anyone
actually being victimized. The folks reporting to them are those who have recognized the
scam and not participated.
LinkedIn finally filed a lawsuit against fake profilers who used bots to scrape identifying
information from its members. The case in U.S. District Court in Northern California, LinkedIn
v. Robocog, outlined LinkedIn’s three fraud-prevention tools: Fuse, which limits the activity
one user can conduct on LinkedIn; Sentinel, which monitors suspicious IP-specific activity; and
UCV, which sets parameters to prevent data scrapers from creating multiple profiles. On July
11, 2014, the case was settled, with Robocog admitting its data-bot scraping, agreeing to
stop, and destroying all fraudulently-gathered information. Robocog was ordered to pay
LinkedIn $40,000 in damages.
Cars.com fights back
Classified business advertisers are sometimes the victims of fraud as well. On an online
automotive community, an auto dealer recently posted: “Attention Cars.com customers: If
you received an email asking you to update your account credentials it has all the marks of a
phishing scam. I would avoid logging into any Cars.com dealer portal sites without checking
with support first. It will ultimately be less of a headache than having your dealer account
temporarily compromised.”
Cars.com VP of Operations Josh Chapman told the AIM Group that the threat had been
eliminated.
“Cars.com proactively works to address fraud prevention,” he said. “MyDealerCenter is
a secure website. Suspected phishing issues, though infrequent, are monitored and resolved in
near real-time by our dedicated Fraud Prevention team. This specific phishing email was limited to a small group of dealerships and has been flagged. We’ve notified our team of dealer
consultants and have resolved all related issues.”
Despite what the sites do to prevent fraudulent schemes from ever appearing on their
pages, or implementing to get them quickly removed after posting, consumers need to take
steps to ensure their safety.
Page 8
Vol. 16 No. 6
Surprisingly, Criddle of LookBothWays, was more critical of newspaper classified sites’
fraud and abuse prevention than she was of that offered by Craigslist and Backpage.
“There’s a tremendous amount of sex trafficking on the huge legitimate newspaper
sites,” Criddle told the AIM Group. “I recently reviewed five major metro newspaper’s websites, including their classified pages. They wrote news articles about the horror of online sex
trafficking but their own classifieds weren’t doing any better [than the sites they reported
on.] In fact under the scrutiny of the attorneys general and the public press and lawsuits,
Backpage and others had to put some control mechanisms in place that weren’t in place on
these newspaper sites.”
Mobile access increases dangers
Mobile access and mobile transactions have risen steadily for classified and marketplace sites and show no signs of slowing. This has enabled more fraud prevention than was
possible via desktop access. Some front-runner vertical-specific sites such as Zillow, TrueCar,
Realtor.com, Homes.com and Indeed report more than half of their visits and transactions are
conducted by smartphone or tablet. EBay mobile commerce in 2014 totaled $27.9 billion, representing 34 percent of total volume, and PayPal conducted 1 billion mobile transactions in
2014. Auto marketplace TrueCar concentrates nearly all its product development on mobile.
Additionally, there is a growing trend towards mobile-app classified and marketplace
startups, especially for stuff transactions —– neighbor buying, selling or trading with neighbor
– and hiring. Notable new apps include Switch for text engagement between job seekers and
hiring firms, and social service / gig site Thumbtack, the recipient of $130 million in venturecapital funding. TradeYa is a stuff app that offers safe, currency-free swaps. TradeYa claims
improved safety because its user profiles are verified by way of prominent social networks,
such as Facebook, Twitter and LinkedIn.
ComScore co-founder Gian Fulgoni recently presented The State of the Mobile Industry
at the Mobilize Your Mind summit. He made these points:
On leading media properties, at least 30 percent of monthly visitors access via mobile.
App usage represents 52 percent of digital engagement. More than one in seven digital commerce dollars are spent on mobile devices, and that number is growing. In the last two years,
U.S. mobile commerce spend grew from $4.5 billion to $6.8 billion, according to ComScore.
Clearly, mobile is a front-and-center classified and marketplace tool, and as such needs
a front-and-center mobile fraud-deterrent approach.
Page 9
Vol. 16 No. 6
Stopping fraud on mobile with GPS
Fraud-service vendor Iovation, whose classified and marketplace clients include AutoTrader.com, Trader Media, Cars.com, Etsy, DoneDeal, Finn.no and Poshmark, has just such
an approach.
One of its most prominent mobile tools involves the use of the phone’s GPS, which indicates where a user is really located.
The vendor’s 2014 Mobile Report – Trends and Impact concluded that mobile would become a second-step safety tool, with verification by text and QR codes. Online businesses
would soon start to ask customers to register their mobile devices to help stop fraud and protect their identity, researchers predicted.
“Those will be general site safety features,” Iovation business development representative Jay Johns told the AIM Group.
Johns said the proprietary help Iovation offers is device pairing and authentication.
“If one user is continually going online by way of the same devices it makes no sense
to have them authenticate over and over again,” he said. “We recognize all the devices the
one visitor uses regularly. But the real difference in the way we approach mobile is the way
we identify the device and run our technology to create a digital fingerprint. Telling publishers that this is Android or IOS and that it’s using a spoofed device sitting in Ghana is really
powerful. Thousands of times a day we find devices like this.”
Johns described classified sites’ efforts to prevent fraud as “not so much a science as
an art.” He described publisher decisions to block advertisers as a little ambiguous.
“They look at a certain five ads and say, ‘None of these are good,’ and turn them off,”
he said. “If the device comes back and tries again they will put up some error message to the
advertiser and an 800 number to call for help, which routes to a fraud specialist.”
That 800 number isn’t always the fraud deterrent the publishers hope for, however.
“In classifieds, scammers are pretty brazen,” Johns said. “If they can get $20,000 for a
Corvette that doesn’t exist, why not try? On the other hand, the classified operators are used
to them and pretty savvy.”
Page 10
Vol. 16 No. 6
Buyers, sellers must get pro-active
The evolution from classified rich-media luddites such as Craigslist to social-profilefocused marketplaces such as ByOwner.com, NeighborGoods and the thousands of marketplace-focused Facebook Groups theoretically creates a safer online buying experience because
people get to know each other. Criddle doubts those profiles offer much safety, however. Instead, consumer ratings top her buyer safety list. “There are people who create entirely fictitious profiles,” Criddle said. “That’s very easy to get away with unless someone does deep research. Besides, if I’m buying or selling something legitimate I don’t care who you are. I only
care if you have a good reputation.”
Criddle praised both EBay and Amazon for their fraud prevention tools. “If an EBay seller has a 99 percent rating and has sold more than three items to folks other than his brother,
has offered the service for a long time, and has great reviews, I can be fairly confident,” she
said. “And on Amazon next to some reviews you’ll see verified purchaser. That’s very helpful.
The seller sees that Amazon knows who these folks are and that they really bought the products they say they did.”
The latter is an important deterrent to what ECommerce Bytes described as EBayprominent liar buyer fraud. The fraud is perpetrated by online buyers, who receive the item
they order and then persuade EBay that it never arrived, soliciting a refund. According to PayPal, 25 percent of its fraud claims come from liar buyers. A new report by former PayPal executives, titled Liar Buyer Fraud and How to Curb it, determined that showing a user in the
process of filing a dispute that her computer is recognized, and his location is known was an
effective deterrent. In the 855-subject experiment the fraud was dramatically reduced by this
tactic. ECommerceBytes was critical of EBay for not allowing sellers to share the identities of
these liar-buyers with each other. EBay failed to respond to our request for comment.
Classified and marketplace sites have numerous automated and manual fraud deterrents in place, and the growing use of mobile for classified transactions should enhance these
efforts. However, what sites and their vendors implement to prevent fraud isn’t enough. “No
site comes even close to doing the best it could because they look at it as a cost / benefit
tradeoff,” Criddle said. “Only 1 percent of their visitors have a bad experience. They have to
determine where their financial pain point is, and where the media focus is, to determine
how much to spent on fraud prevention.”
So, while classified and marketplace sites make significant efforts to prevent fraud,
buyers and sellers still must take responsibility for their own safety. They must implement
online safety measures of their own. The sites simply will not do it all.
Page 11
Vol. 16 No. 6
Backpage, cops unite in fraud fight
Site shares homegrown tech with law enforcement
BY BRIAN BLUM
With many listings prone to potentially illegal activities, how does Backpage keep its
users safe and its activities aboveboard? Simple. The company is quick to go to law enforcement and has developed its own fraud-prevention techniques, which they share with the police.
Backpage general counsel Liz McDougal granted
the AIM Group a comprehensive interview. She has been
with Backpage three years and formerly counted
Craigslist as a client in her own legal practice.
Despite calls to shut down the site due to its
“adult content,” McDougal said Backpage provides an
“invaluable service to law enforcement” through the
specialized fraud-busting technology it has developed
along with a strict manual review methodology. Indeed,
other classified sites grappling with fraud and abuse issues should pay attention.
Backpage is perhaps best known for
being the leading U.S.-based online
business to carry “adult advertising”
– escorts, massages, models and the
like – along with cars, jobs and furniture. According to the AIM Group’s
research, in 2013 Backpage accounted for over 80 percent of adult advertising among the five U.S. websites we track, earning just over $31
million for the year from such ads.
The bottom line for everything Backpage does in
this area, McDougal told the AIM Group, is that the company constantly has law enforcement in mind. First and
foremost, that means being fast. If law enforcement
sends a search warrant or court order to Backpage for a certain record, Backpage usually gets
it to them in less than 24 hours. “Other sites can take weeks, which is a great frustration to
law enforcement, because if they have an active investigation going on, that information will
often be too stale by the time it gets there,” McDougal said.
Backpage’s homegrown technology can zip through its records rapidly by employing the
search terms that are most commonly used by law enforcement. “Except in some really rare
instances, everything is automated and can be done with a few clicks of a button,” McDougal
said.
When Backpage generates a report for law enforcement, its system lays out everything
in a format that makes sense. “We don’t just place all the ads in one pile and the invoicing in
Page 12
Vol. 16 No. 6
another pile and ask them to sort through it,” McDougal explains. Advertisements, administrative information and invoicing are all grouped together logically.
If that isn’t clear enough, Backpage has also created a guide specifically for law enforcement professionals to explain what’s in Backpage’s reports. “We know that records that
might be meaningful to us could be hard for someone else to decipher,” McDougal said. “So
we provide a guide that explains what
Backpage
this box or that field means, rather than
forcing law enforcement to call us for an URL: www.backpage.com
Owner: Backpage.com LLC
explanation.”
Headquarters: Dallas
Backpage developed these police- Launched: 2004
Traffic: 37 million users across all sites, 7 million
friendly systems to counter some of the
criticism. It happened in the early days of ads
the company, and McDougal said it’s now Revenue: $31 million (2013)
No. of employees: 160
part of company’s DNA. “We’ve been doBusiness model: Mix of free and paid classified
ing it so long and so well now, that the
listings. Privately held company recently purchased
value we provide to law enforcement has by unidentified company in the Netherlands.
become its own motivating factor. When Bottom line: Top free and general merchandise
we talk with law enforcement, it’s clear classified site most distinguished by inclusion of
adult listings. Became leader in this area when
how we’re helping them to find missing
persons, track down victims and actually Craiglist dropped the category in 2010.
make convictions. We know we can’t stop
all the fraud ourselves. So, we report illegal activity, we do what we can on the prevention
side, and we devote significant resources to help law enforcement.”
While Backpage operates within the confines of U.S. privacy laws, which require that
law enforcement agencies need a court order, search warrant or subpoena before Backpage
turns over most user data, if Backpage detects a posting that it deems blatantly illegal, exploitive, or in particular, one that involves children, the company proactively contacts law enforcement ... often within minutes. “We do ask that they file the proper search warrant documentation after the fact,” McDougal said.
Automated filter
Backpage’s approach to abuse, fraud and safety on the site is not just reactive. The
company has in place a multi-step process for catching questionable content before it ever
gets sent to law enforcement. First in that process is an automated filter that has over 95,000
words, phrases, code words, email addresses and some IP addresses that will automatically
reject an ad if a flagged term is detected.
Page 13
Vol. 16 No. 6
In “gray” cases, where it’s not immediately clear if a post is illegal or inappropriate,
the ad is sent to a violation queue where it is manually reviewed by a moderator. Every posting in the adult and dating categories gets the manual treatment before being allowed to go
live on the site. “We are looking first and foremost for any indication an ad may involve a
child or any kind of human exploitation, labor or sex trafficking,” McDougal said.
If a moderator sees something that triggers concern for a child’s safety, it is “escalated
to a supervisor who reviews it and, if appropriate, makes a report to law enforcement or to
the National Center for Missing and Exploited Children.” Backpage sends about 600 reports a
month to NCMEC. About 100 out of Backpage’s 160 Dallas-based staff are moderators. BackPage’s parent company was bought in December by an unnamed Dutch firm, but no changes in
Backpage operations (such as offshoring moderation staff) are expected. Backpage CEO Carl
Ferrer will continue leading the company.
Second review and moderators
Once an ad clears that first level of manual review and goes live, it is subject to a second manual review by a different group of moderators, McDougal said. “There isn’t a mathematical or scientific formula for identifying an ad for prostitution or labor trafficking, so it’s
the old adage that two heads are better than one.”
Backpage’s final check relies on users. Every listing on the site has a “Report this ad”
button with three options: “Wrong category,” “Over posted / spam” and “Inappropriate or
illegal content.” If the last option is chosen, the system grabs the URL of the page and sends
it straight into the violation queue for a moderator to review.
On the user side Backpage invests in education on “how to avoid scams and fraud, what
to watch for, and how to be safe in one’s transactions,” McDougal said. There’s a page on
“Safety” which is linked to from throughout the site. There’s even a warning against Nigerian
prince scams, which occasionally migrate from email to Backpage.
There’s been no collaboration between Backpage and other classified sites to share and
improve safety, McDougal said, because it’s hard to collaborate with a classified site that is
being targeted by an NGO or elected official. It happened when Craigslist was under attack
for trafficking issues. “People didn’t want to be associated with Craigslist then,” she said.
“Backpage is in a similar boat.”
That’s a shame, because there is always more fraud to combat. “We have people do
spot checks on every category on the site,” not just the adult posts, McDougal said. But with 7
million ads across all of Backpage’s hundreds of local websites in 88 countries and with 37
million users visiting each month, “it’s like a game of whack-a-mole. It’s very difficult to discourage the scammers.”
Page 14
Vol. 16 No. 6
Display ads face double dilemma
Viewability, fraud issues may affect up to 80% of ads
BY SEAN HARGRAVE
Though digital display advertising grows more popular and lucrative, it has two big
problems: viewability and fraud.
In the former, an ad may be placed too low on a page for it to be seen. In the latter
case, an ad may be displayed on a fake site set up by criminals to con advertisers. Either way,
the advertiser does not get a message in front of a potential customer.
As Steve Chester, director of industry programs at the Interactive Advertising Bureau
UK, concedes that nobody knows how big the problem is, but all agree it is huge.
“It depends whose figures you look at, but I’ve seen estimates that vary between 3 percent and 80 percent of digital display won’t be seen because of viewability issues or fraud,”
he said. “It can sometimes seem like people are just using a random number generator but it’s
safe to say it can vary greatly on how and where people buy their display. Some respected
sources, such as comScore, typically come in at around a third or a half of display not being
seen because of fraud or viewability.”
Viewability is a relatively simple issue, now that the IAB in the UK and U.S. have agreed
to a standard that a brand should only be charged for an advert if at least half of an ad’s pixels are on the computer screen for a second. Anything less and everyday technology will measure it as not having been delivered and the advertiser will not be charged.
Training ‘bots to steal
Fraud is far more complicated because cyber criminals are smart. They use malware to
infect a computer and force it to visit many sites so it can pick up lots of cookies on its way
around the web, making it an attractive proposition to an advertiser or rather an advertiser’s
technology.
The next step is for the criminal gang to launch a series of sites which are typically
filled with content automatically cut and pasted from other legitimate sites. Spaces for adverts are left and these will often have many adverts crammed into each window either by
shrinking each piece of creative to a single pixel or running adverts full size but with many
piled up, one behind the other.
This means the fake site can offer each advertising slot to multiple advertisers through
a variety of advertising exchanges. It then sends its thousands upon thousands of bots to visit
Page 15
Vol. 16 No. 6
its fake sites and brands can then be duped into bidding for the opportunity to present an
advert to what appears to be real people visiting a real site.
Unlike viewability, there is no standard metric yet agreed by the IAB in the UK nor
the U.S., although both bodies are working on definitions which he believes will lead to certification programs by the end of the year or, more likely, the start of next year.
Then, as now, the responsibility will be on each brand to ensure they get the exposure they have paid for on sites where it can be viewed by a customer in a brand-safe environment. That is the advice of Niall Hogan, managing director of Integral Ad Science, a
company which can detect viewability and fraud issues.
“It’s vitally important that any brand advertising asks the agency buying their media
what technology they have in place to ensure they measure viewability, detect fraud and
ensure ads are seen in a brand-safe environment,” he said. “If not, you could be wasting so
much budget without realizing it. You’ll find some companies are specialists in viewability,
some go for anti-fraud and some do both. It’s down to you to ensure the technology is applied to your campaign or you could be throwing away thousands of dollars per month on ads
nobody will ever see.”
A growing problem
It is an important factor for the big portals to look out for on their own site but also
when they run display campaigns to raise awareness of their brand names on third party
sites, said Phil Kissane, Managing Director of digital marketing agency, Stickyeyes.
“A lot of classifieds companies, just like any other, are increasingly using display to
get their name familiar with the public,” he said. “That’s why you see so much creative
prompting people to search for a specific term. The aim is to ensure you search for their
brand name or a product name and then if you see them crop up in the search results you’ll
select them. This not only gets the brand the traffic but Google gets to see they’re a popular brand that they should rank towards the top of their natural listings.”
Given that only around one in a thousand Web users will ever click on an advertisement, display is all about awareness rather than direct response. It makes it necessary,
then, that advertisers ensure they get the media they are paying for and that, as publishers,
classified sites do everything they can to block fraud and measure viewability.
In the absence of firm guidance from the IAB in the UK and U.S. that will lead to accreditation schemes for vendors before next year, the responsibility truly is on advertisers to
check how they are being protected and for publishers to be able to offer an assurance
brands are protected.
Page 16
Vol. 16 No. 6
Australia a fertile ground for scams
Losses on classified, auction websites hit $11 million
BY KATE LYONS
Scams accounted for more $90 million in losses in Australia in 2013-2014, with $64.5
million lost in Internet scams alone between January and October last year, according to research by the Australian Competition and Consumer Commission (ACCC) and the University of
Canberra's Centre for Internet Studies. Buying or selling scams on classified and auction websites robbed Australian consumers of nearly $11 million last year.
Professor Nigel Phair, former Australian Federal Police cyber-fraud expert and director
of the centre, said “buyer-side” fraud was at present growing faster than seller-side fraud.
Common classified frauds included scammers asking for upfront payment while pretending to
live overseas or attempts to gain a seller or buyer's trust with false documents, false identification and elaborate background stories.
Recruitment and automotive classifieds are particularly ripe picking for scammers, with
the Australian Government's online safety and security website, Stay Smart Online, issuing a
warning last year about fake recruitment advertising which actively targeted job seekers for
both identity theft and use as “money mules,” a form of money laundering.
The Queensland Office of Fair Trading also highlighted classifieds ads late last year
when it warned consumers about a sophisticated scam involving fraudulent shipping business
websites. Queensland Fair Trading Executive Director Brian Bauer said scammers were listing
fake advertisements for second-hand vehicles, caravans and boats on trading websites and in
local newspapers. When buyers made contact, they were told the seller had moved overseas
but that the goods were being held by an Australian shipping company. Scammers used a website and company name which mimicked a legitimate shipping company and consumers then
paid for goods which did not exist.
Security shortfall
Phair told the AIM Group that the classified advertising sector in Australia had been
fairly slow in attempting to safeguard its sites against these types of fraud and that not
enough site owners were willing to invest properly in anti-fraud measures and software security.
“Not having a safe and trustworthy online experience diminishes consumers' desire to
fully embrace the Internet for commercial activity,” Phair explained. “E-commerce providers
Page 17
Vol. 16 No. 6
and networking sites need to do much more to reduce the likelihood of users falling prey to
scammers.”
This failure could have serious long-term effects on brand trust and customer loyalty,
he pointed out. “What sites don't understand or properly value is the 'stickiness' of customers
around issues of trust and loyalty. Keeping customers loyal is particularly crucial now that
there is so much competition in the online buying, selling and auction space.”
Asked what classified advertising sites and marketers were doing to combat this risk,
Phair said that while a few had instituted fraud protection software and most put up general
warnings, the great majority of sites weren't willing to invest much at all.
With sites lax on security and scammers becoming both more numerous and more devious, Phair described online fraud as a “wildebeest scenario:” Those who failed to adequately
protect their sites and customers would be picked off, either by scammers themselves or by
customers losing faith. “A bit of basic software and a few standard warnings just isn't
enough,” Phair said. “Education is important but it is hard to measure how effective this is
long-term. Meanwhile scammers are becoming more sophisticated and are adapting rapidly to
the safeguards in place.”
Fraud software was no silver bullet either, Phair said, because criminals and scammers
were usually at least one step ahead of the game. One of the growing risks he identified was
the ability of scammers to “integrate” abuse. Some examples he’s seen: 1. Fraudulent ads
linked to phishing campaigns and transaction or financial provider fraud. 2. “Long-game”
email fraud based on information garnered from reputable sites or advertising. 3. Scams on
sites that were also linked to identity theft and / or credit card fraud.
“What is required is thorough rules-based software which is adaptive and which can be
tweaked to the nature and level of risk,” he said. “That requires investment in human expertise and ongoing vigilance. Otherwise customers will lose their trust in your site and simply
head elsewhere.”
Who is doing it well?
Phair pointed to Carsales as a site which had made sustained efforts to safeguard buyers and sellers. Stephen Fairlam, trust and safety officer for Carsales, told the AIM Group his
site had invested in sophisticated rules-based fraud control software aimed at detecting suspicious activity.
Every Carsales account, advertisement and inquiry is run through a fraud control tool
which looks for suspicious elements or patterns in location, identification details or selling /
buying behavior. The tool gives constant feedback, adapts and updates to new information or
Page 18
Vol. 16 No. 6
trends, and the technology is backed up by manual checks by security experts. Carsales was
also first in the industry to implement an SMS validation service for transactions.
Fairlam said that fraud occurred on both the buyer and seller side of the automotive
classifieds business. On the buyer side a favorite scam was contact made with a seller by SMS
requesting a private email address. This took the transaction outside the site domain, evading
the security software which would usually protect private emails and block any fraudulent activity.
“The buyer tells the seller they reside overseas, work in the military or live interstate,"
he explained. "They want to purchase through a third party, that they can't pay through the
regular channels but they will pay if you can transfer a certain amount to get the ball rolling.
The scammer sends emails purporting to be from PayPal or Western Union, luring sellers to
transfer money which is then sent through to three or four other fraudulent accounts.”
Last year NSW Fair Trading warned consumers of just such a buyer-side fraud where a
seller was cheated out of forward transport costs she had paid. Fair Trading is currently working with Western Union, Australia Post and law enforcement to combat this style of fraud.
Fairlam said the best defense against such scams is a rigorous combination of education, technology and adaptive security systems, accompanied by relevant human resources expertise. He agreed with Phair that while education and warnings were important, after a
while standard messages about fraud became so much “white noise.”
However, he said Australia compared well to global markets in terms of fraud protection, partly because by the time scammers tried their luck in Australia, the scams were already well-known overseas.
Nikki Hennessy, spokesperson for Gumtree Australia, told the AIM Group Gumtree Australia had a zero tolerance for threats to its online community. “Any listing that could pose a
threat to a community member is a breach of the Gumtree terms of use and will be removed
from our site,” Hennessy said.
As a locally-focused, community-based site (albeit one owned by EBay), Gumtree tends
toward an advice-based defense against scams. “We always encourage members to buy and
sell locally. A transaction should always be made face-to-face, with an in-person payment
made once the goods have been seen. We advise buyers to never pay for an item before it has
been viewed,” Hennessy said.
"We also encourage our community to use the ‘Report Ad’ function should they identify
a suspicious or offensive listing to ensure the ad is removed. The most important thing to remember is that if a listing sounds too good to be true, it probably is.”
Page 19
Vol. 16 No. 6
Chinese government, online sites
spar over bogus-product claims
BY DON GASPER
The extent of fraud and the prevalence of counterfeit products on China’s e-commerce websites has been a hot topic in the country in recent weeks. A government regulator openly criticized
some of the leading online shopping sites in this regard, stinging the largest of them into hitting
back in an unprecedented public spat.
The row started in late January when the State Administration for Industry and Commerce
published a report on its website claiming that, according to a survey the watchdog had conducted
between August and October last year, only 58.7 percent of the goods sold online that it had tested
were certified.
The country’s biggest consumer-to-consumer platform, Taobao.com, which is run by privately owned Alibaba Group Holding Ltd., came out in a particularly unfavorable light, emerging as having the worst performance out of six major online markets surveyed. The survey claimed that less than 40 percent of products from Taobao were genuine, the result
of allowing vendors without business licenses to run unauthorized online stores. This contrasted with 85.7 percent of goods on TMall, a business-to-consumer site also
operated by Alibaba, and 90 percent on rival site
JD.com.
In an open letter made public Jan. 28, Taobao hit back, accusing Liu Hongliang, the SAIC official in charge of regulating online trade, of abusing his power and damaging the reputation of
Taobao’s site as well as that of the online merchants. It charged Liu of “using a wrong method and
reaching a conclusion that is not objective.”
Taobao said that at least 51 of the 92 samples that were inspected by SAIC were taken from
its platform, with just 10 items sampled from one of its competitors. It said that the survey was
therefore unfair and its results had been made public without giving online merchants the opportunity to appeal.
In a response the same day, the regulator published a “white paper” saying that Taobao had
failed to clean up its act in five areas. Among these were having a defective rating system for merchants, having a low threshold for allowing businesses to open on its site, permitting vendors to operate without business licenses, failing to crack down on the sale of fake products and allowing
bribery and other illegal activities on its site. It transpired later that the white paper was based on
Page 20
Vol. 16 No. 6
discussions between Alibaba and the regulator in July. Reportedly, its publication had been withheld until this year to avoid it having a negative impact on the company’s debut on the U.S. stock
market in September.
On Jan. 29, Alibaba Group vice-chairman Joseph Tsai Chung-hsin, speaking during an earnings conference call, dismissed the report: “We believe the flawed approach taken in the report
and the tactic of releasing a so-called white paper specifically targeting us was so unfair that we
felt compelled to take the extraordinary step of preparing a formal complaint to the SAIC.”
Both sides subsequently sought to cool down the war of words. SAIC deleted the report from
its website, which Alibaba took as a sign that it had been vindicated. (For the text of the removed
report click here.)
In a statement on its website on Jan. 30, SAIC said that its top official, Zhang Mao, had that
day met with Alibaba’s executive chairman, Jack Ma Yun. It said the two sides had agreed to tackle fakes and boost consumer protection online.
The day before, the official China Daily newspaper quoted Neil Flynn, chief equity analyst
at ChineseInvestors.com, on the affair. Flynn noted that consumer-to-consumer sites like Taobao
were more vulnerable to having fake products on them, just because of the nature of the business.
With e-commerce in China developing at breakneck speed, it is difficult for regulations and
laws to keep up in the fight against online fraud, Zhang Mao has admitted.
Speaking at a news conference on March 9 during China’s annual parliamentary session
Zhang said that China must establish a system to record and restrict e-commerce companies that
broke rules on the sale of counterfeit goods online. The penalties for breaking existing rules were
too low, in his opinion, but if punishments were made severe, then the market would improve and
fake goods would disappear. “Market order can only be regulated if we increase the penalties for
selling fake goods, making traders who sell such goods unable to continue operations, or go bankrupt,” Zhang said, responding to a question on the sale of fakes on websites of the Alibaba Group.
Ironically, following the SAIC criticism of the Alibaba marketplace, the United States rallied
to its defense. The U.S. Trade Representative said March 5 that for a third year in a row it was
keeping Taobao off its list of what it calls notorious markets for pirated goods. It had removed
Taobao from the list in 2012, citing Alibaba’s efforts to address complaints from copyright holders.
The USTR said that Alibaba had told it that the company continued to act on complaints by
“reportedly removing millions of listings for counterfeit and pirated products manufactured in China and offered for sale and export.”
Alibaba said that it spent over 1 billion renminbi ($160 million U.S.) between January 2013
and November 2014 on dealing with fake goods and guaranteeing consumer rights.
The Wall Street Journal reported on March 9 that an Alibaba executive had told it the company used technological tools to detect and remove questionable orders from its platforms .
Page 21
Vol. 16 No. 6
Russian firms are fraud-fighting vets
Avito, Yandex lead way in prevention techniques
BY PAVEL MARCEUX
Russia has historically been an epicenter of online fraud, with domestic Internet firms
understanding the challenges of combating malevolent viruses, data attacks, fake profiles and
various scams.
The upside of facing decades of online fraud is the wealth of expertise companies have
developed in regulating their environments and protecting consumers. It is no accident Russian companies such as Kaspersky Lab and IB-Group have become global leaders in Internet
security.
Classifieds majors Avito and Yandex are also honing their anti-fraud techniques to retain the value of their business, especially as the volume of listings continues to grow.
Algorithms and codes combat auto and realty fraud
The Internet search giant Yandex has developed sophisticated algorithms to combat
fake listings and malicious bots on its real estate classifieds platform Yandex.Realty. According to Ivan Chernyshov, project manager at Yandex, the company has “combined our technologies, from collected experiYandex
ence in running classifieds projects
and in terms of our Big Data experURL: Yandex.com
tise, to prevent erroneous listings
Owner: The largest investors in Yandex are Baring
such as duplicates and frauds.”
Vostok Capital Partners and
With its specialized Big Data deTiger Global Management.
partment, the Yandex Data FactoLaunched: 2000
Bottom line: Yandex is a Russian company that offers
ry, the company is likely the best
an internet search engine and search solutions to a
placed company in Russia to impleworldwide customer base.
ment data-based algorithms to
combat unwanted listings. However, Yandex has also installed additional human-based measures.
All Yandex.Realty listings go through moderation by a dedicated team and the site also
has an online submission form to report any fraudulent activity by users.
For its car classifieds business, Auto.ru, Yandex has also made a major step in anticipating and removing fraud.
Page 22
Vol. 16 No. 6
Russia’s leading auto classifieds platform has started to automatically check used-car
listings in the Moscow region to determine whether the vehicle is stolen or if the specifications listed by the seller are correct. This is being done by checking the VIN code. If any issues
arise after the check, the car’s listing is removed or amended.
Kirill Smolin, project manager at Yandex.Auto, an auto classifieds platform run together with the Auto.ru brand, said, “Currently, there is no law that forces car owners to provide
the VIN code when selling their vehicle, but we are offering to provide this check voluntarily.
It allows us to fully audit the history of the car and enhance the trust that our users have towards our listings.”
Avito also turns to Big Data to cut costs in moderation
Being Russia’s largest online general classifieds platform, with over 28.1 million listings
this month, brings its own problem when
Avito
fighting fraud. Avito’s rapid growth has, to a
URL: Avito.ru
degree, outmatched its capability to provide
Owner: Vostok Nafta Investment Ltd and Inwell-moderated listings to its huge national au- vestment AB
Kinnevik
dience.
Launched:
Its popularity (top-10 site by Web traffic 2007
in Russia) has meant that the platform has be- Traffic: Monthcome a favorite among fraudsters, with consum- ly of around 25m
Business model: Holding company
ers and rival companies publicly critical of the
Bottom line: Avito operates the leading genaccuracy of Avito’s posts.
eral classifieds site in Russia
In 2013, Avito committed to an automated fraud detection process by investing in a Big Data warehouse solution provided by HP Vertica. According to Nikolay Golov, Avito’s chief data warehousing architect, the technology was
chosen because it was able to process data quickly and it could be upgraded with additional
commodity hardware easily.
The Big Data move was also a basic business decision. In 2013, Avito had around 250
staff working on the moderation of listings. By the end of 2014, the moderation group had
stayed at the same number, but the volume of listings nearly doubled. Increasing human resources in this space to deal with the growth of the site was simply too capital-intensive and
automation had become the only realistic solution.
The diversity and sophistication of scams, as well as the sheer volume of listings, mean
that Avito has also placed the responsibility on the users to recognize fraudulent activity before engaging in transactions. The site does this via its “safety” blog, where it lists and describes the latest classifieds scams.
Page 23
Vol. 16 No. 6
Online payment fraud still low but growing rapidly
Classifieds platforms have few levers to combat online payment fraud, as this issue can
only be dealt with by the actual payment operators. So far, online payment fraud levels in
Russia have been significantly lower than in Western Europe.
The level of fraud-related losses in Western Europe is roughly comparable to that in the
USA, making up 0.04 percent of total payment volume, according to the Russian branch of international payment operator PayU. In Russia, this level is four times lower.
Adyen, a global provider of online,
mobile and point-of-sale payment solutions, confirms that Russia is not ranked
among high-risk countries.
“We have a very limited level of
fraud in Russia thanks to our risk management system and also because bank card
issuers don’t allow fraud,” explained Elodie Trichet, senior strategic partnerships
manager at Adyen.
Risks are limited for the merchant
as 3DS is the accepted norm of security
and expectation for online shoppers in
Russia.
Adyen, a global provider of online, mobile and
point-of-sale payment solutions, confirms that
Russia is not ranked among high-risk countries.
“For a long time, managing fraud risk in Russia meant blocking the IP address of fraudsters. Now, our main task is to improve the conversion rate for our clients. A lot of clients
come to us precisely because our mission is no more preventing fraud but driving sales, which
means accepting a real customer that another payment operator would have refused,” Trichet
added.
However, as revealed by international research company Euromonitor, payment fraud
levels grew faster in Russia than anywhere else in Europe in 2014.
In other words, the rapid growth in bank card use in Russia could well be masking a serious deterioration of the fraud situation in the country, which will be fully revealed only
when card payment growth stabilizes.
Page 24
Vol. 16 No. 6
In Spain, vigilance and victories
Top companies reveal challenges, common solutions
BY CILA
WARNCKE
Fraud varies by vertical. A generalist classified site like Milanuncios.com, which offers
millions of products in hundreds of categories, offers plenty of scope for would-be scammers.
Historically it was a prime target for fraud, according to Frode Nordseth, CEO of Schibsted Classified Media Spain. Thanks to rigorous fraud detection work the number of number of
fraud cases is decreasing month by month.
“We're almost at the bottom limit,” he said. “We stop
about five to 10 percent of the
ads before they get to the user.”
One of its most vulnerable categories is holiday rentals, where
criminals can take deposits then
disappear with the money.
Auto classified Coches.com
reported a similar attempted
fraud figure of about 10 percent,
mostly offers of non-existent cars
for sale. Chief technology and
marketing officer Nuño LópezCoronado told the AIM Group that
a dedicated quality team checks
every ad for potential fraud,
meaning that less than point-one
Auto classified Coches.com reported a similar attempted
percent make it onto the site.
fraud figure of about 10 percent, mostly offers of nonexistent cars for sale.
Information, rather than
currency, is the main target of
fraudsters on employment sites, according to Jorge Guelbenzu Lapresta, general manager of
InfoEmpleo.com.
The most common scams are ads requesting personal data, as well as pyramid job offers. Overall, InfoEmpleo keeps fraud down to less than 1 percent of its total ads.
Page 25
Vol. 16 No. 6
Data Tools and Technology
Big Data is key to maintaining integrity in classifieds, allowing companies to rapidly sort
and assess information. “Years ago it was all done manually,” said Nordseth. “Now up to 95
percent is done using advanced data analytics, such as tools that analyze word patterns.”
Sophia Casas, email product manager for Trovit, said automated data analysis is vital to
keeping fraud out of the huge volume of ads it processes. The multi-channel aggregator has
multiple systems to scan ads and
reject ones that do not match
the pattern of a legitimate ad.
“Our tools constantly learn and
evolve to become better adapted
to catching fraud,” she said. Humans are still an important element of the feedback loop, however. Trovit recently implemented the tool for reporting suspicious ads. The data they acquire
will go to further refine their
prevention methods.
Property portal Fotocasa.es is a leader in mobile and
recently launched Spain's first
smartwatch property app to accompany its market-leading
Property portal Fotocasa.es is a leader in mobile and recently launched Spain's first smartwatch property app to smartphone app. One of its recent anti-fraud innovations is auaccompany its market-leading smartphone app.
tomatic phone number validation. When a seller uploads an ad he or she is sent a unique code by phone. They enter the
code to confirm the phone number in the ad is authentic. Without the code, the ad can’t be
uploaded and automatically disappears from the user's account after three days.
In the auto sector, fraud prevention is based on pattern analysis and checking standard
markers.
“The first thing our tools analyze is the price. In fraudulent ad is usually 20 to 30 percent below the market value,” López-Coronado said. “Then we check the description. Scammers will repeat the same ad, only changing the car's make and model. We also check the
seller's IP address. If the IP is in Asia or South America the ad can't be true.”
Page 26
Vol. 16 No. 6
Coches.com's quality team also screens for low-quality photos, ads that request payment by transfer services such as MoneyGram, and ads where the seller claims to be “about to
leave the country” and selling at a low price in a hurry.
Fraud Prevention Best Practice
Data tools are first-line protection against fraud. But a robust fraud defense system also involves understanding the product and market, and engaging users. Though user feedback
may seem a blunt tool in the era of rapid big data analysis, it is key for two reasons:
1. Data tools have to be taught to find fraud. Humans are more likely to spot new
scams.
2. Engaging users builds trust, which is the whole point of fraud prevention.
Sources from Spain's top employment site InfoJobs.net told the AIM Group it checks
every ad published on its site. In addition, a dedicated team randomly reviews offers and responds to user feedback.
“Our users are very collaborative,” said Casas, of Trovit. “They alert us to any irregularity they detect, which helps improve our functionality. We work hard to educate our users
and advise them to be careful of 'miraculous' offers.”
In verticals where users are purchasing items, whether its cars, home electronics or
holiday rentals, Casas emphasized the importance of being price savvy, both for portals and
users. “An ad with a price that is significantly lower than the average for similar ads is probably going to be a fraud.”
Conclusion
Despite the specific traits of fraud in different markets, the main point all these professionals make is that fraud is a protean problem. The constant evolution of digital technology
and user behavior means there is not one single fix for fraud. “It's like an arms race,” Nordseth said. “We do something so they do something, then we have to update our systems. They
are always trying to get around our systems.”
Classifieds need a comprehensive strategy, dedicated staff and adaptable tools to keep
ahead of criminal creativity. And they need to remember that information is their best weapon.
“When we get a fraudulent ad we just kick it off the system,” said López-Coronado.
“We don't say anything to the advertiser because if you give them information about why it
wasn't valid they will do it better the next time.”
Page 27
Vol. 16 No. 6
How OLX.pl fights fraudulent ads
Site verifies listings, has separate anti-scam unit
BY ANDRZEJ SOWULA
Automatic listing verification against fraud, a special fraud protection unit, user education and close cooperation with the police are foundations of the user safety policy at
Naspers’ OLX.pl, Poland's largest general classified site.
The site is visited by 7.5 million users per month, and even though most of them are
honest and come to OLX in search for used stuff they need, it happens that there are also
fraudsters.
This causes a lot of distress
among users who have been deceived,
judging from the comments dedicated
to safety on the OLX blog. For that
reason, OLX.pl has its own policy of
supporting the safety of users, although it only governs placing listings
on its site and does not mediate in the
transaction between the seller and
the buyer.
OLX.pl
URL: http://www.olx.pl
Owner: Allegro Group
Address: Poland
Launched: April 2014
Traffic: 7.5 million unique users per month (source: Megapanel
Gemius/ PBI, 10/2014)
Business model: Fees for adding a listing in an automotive category; fees for highlighting listings.
Bottom line: Olx.pl is Poland's largest general classified site in
terms of users, number of visits and number of listings.
“Most of our listings are premoderated prior to activation in the
site, and this is the first line of resistance against fraud. We also have a
separate unit to fight against dishonest users," said Marcin Urbańczyk,
general manager at OLX.pl.
According to Urbańczyk, the company has introduced several other security measures,
but he didn’t want to reveal them to make fraudster’s lives easier on Olx.pl.
“There will always be some black sheep with dishonest intentions. However, it is a marginal problem if you look at the scale of our site,” said Urbańczyk. “We do not have accurate
statistics on the number of fraudulent listings compared to all listings, but we can certainly
say that it is only a fraction of a percent of all listings on OLX.pl.”
Page 28
Vol. 16 No. 6
We can learn a bit more from Piotr Chochłow, head of the User Safety Unit at OLX.pl.
He emphasizes the role of user education.
“"We carry out educational activities using many tools, such as warnings on the page, on
our blog and on Facebook. We also run a special section on the site dedicated to user safety
topics (here) and we always emphasize in correspondence with our users the principles of OLX
and encourage our users to pick purchased items personally," Chochłow said.
As part of these educational activities OLX.pl has recently warned its users on its blog
against the increasing number of fraudulent job listings that are aimed at stealing personal data. Such data are required to open a bank account in the name of another person. Therefore,
the fraudsters first ask for scans of identity cards and then to transfer a very tiny amount of
money to the bank account indicated by a fraudster later on. As OLX explains it on its blog, by
transferring the money we confirm the data, and thus a fraudster may take a loan from the
bank in our name.
Paying via bank transfer is the most frequently named ingredient of the fraud process
that can be found in the voices of people defrauded on OLX.pl, who share their experiences in a
variety of forums dedicated to the security of transactions on OLX.pl.
“Collecting purchased items and paying (for) them in person is the safest way to complete the transaction. We emphasise that fact also in our advertising campaigns," Chochłow
said.
Another way to communicate this information to the user are provocative actions carried
out by the security team of OLX.pl. Basically It puts a fake listing on the site, which bears the
hallmarks of a scam. “Anyone who is interested in this offer receives the information from us
that this listing is a provocation made for educational purposes and the exact instructions how
to avoid this type of situation in the future," said Chochłow.
OLX also actively participates in the prosecution of the fraudster after notifying by the
user.
“We do all we can to help the victims and law enforcement authorities. We provide the
user with information (about) what he or she should do (go to the police and report the case),
and then we strictly cooperate with the police. Of course, the fraudster’s account is deactivated in our service right away,” Chochłow said.
He said his team has also a few other tools to effectively fight with fraudsters, but he
doesn’t want to reveal them.
“We try to speak as little as possible about the security-related issues, so as not to facilitate the operation of fraudsters,” he added.
Page 29
Vol. 16 No. 6
Allegro’s aim: Halt ‘perfect crimes’
Identity thieves target Poland’s largest auction site
BY ANDRZEJ SOWULA
The most difficult to detect fraud on Allegro.pl —- the largest auction site in Poland
and Central Europe —- are the ones with the use of the personal data of others. Assuming
someone else's identity, the fraudster can keep total impunity if he works in a carefully
thought-out manner. However, Allegro has its ways to protect users against perfect crimes
and secure their interests in the event of fraud.
A perfect crime on the auction site Allegro was described in the Polish press. A swindler, using a fake account, sold electronics on the site. After receiving payment he never sent the purchased goods. One of the
deceived users bought the pendrive SanDisk Extreme 64GB for 129
PLN ($35 U.S.) from him. Nothing aroused his suspicions because
the seller had 500 positive comments and only two negative.
After completing the transaction on Allegro, the pendrive
did not arrive. Attempts to contact the seller failed. There was no
response to emails and the seller’s phone was silent. The case was reported to the police
where there had been already 55 similar cases. The scammer earned 13,000 PLN ($3,529 U.S)
and remained unpunished. Police could not establish his identity, and prosecutors dropped the
charges.
It turned out that the account was established in the name of a Mr. Andrzej from the
City of Wroclaw, who some time ago lost his ID card. The search for the perpetrator using the
IP address brought no results either, as the scammer had connected to the Internet using his
phone as a router, which could not be identified because it worked on a pre-paid card, not
assigned to a specific person.
It was also discovered that the bank account to which the money flowed from the auction was set up with a stolen identity. The only clue the police had, the recordings from the
camera at an ATM in the City of Legnica, in which the scammer cashed out, proved to be also
of little avail. The recording was of poor quality and the fraudster was disguised to prevent
being identified.
Anna Tokarek, PR Brand Manager at Allegro Group, did not want to tell us the exact
statistics of similar scams on Allegro. She assured us, however, that in general fraudulent listings on Allegro are a very small percentage.
Page 30
Vol. 16 No. 6
“Buying on Allegro is safe, and the percentage of failed transactions is small as evidenced by the fragmentation of comments --- positive represent 99.5 percent of all issued,
then neutral, and then negative, which are not even 0.5 percent,” said Tokarek.
Allegro’s representative pointed out that potential risk associated with buying on Allegro.pl is in most cases reduced to zero thanks to Allegro’s Buyers Protection Program. It provides a refund if the ordered stuff does not arrive or if a customer received an item not as described in the auction. In such cases the customer can claim compensation and get their money back.
The maximum amount of money Allegro can refund is up to 10,000 PLN (about $2,716
U.S.). The most important condition for receiving compensation is reporting the case to the
police. Applying for compensation is possible upon receipt of confirmation of reporting from
law enforcement.
According to Tokarek, the best way to protect users against fraud on Allegro is constant
education on how the scammers operate. One of their favorite methods includes announcing
bargains.
“If the product price is drastically different from its actual value, users should find out
as much as possible about the seller,” Tokarek said. “They should check the history of his previous transactions and comments from buyers. If there are still doubts after such verification,
it is better to buy from a seller who has the Standard Allegro badge. Then you can be sure
that the transaction will be 100 percent successful.”
She also emphasizes that the site warns users not to buy outside Allegro, because shopping that way is not protected by the Buyer Protection Program. In the case of fraud, users
will not be able to apply for compensation.
Allegro often warns its users against phishing, which is another very common method of
collecting data used by scammers on Allegro.
“If you receive a suspicious message in which the sender insists (you) log into Allegro
via a link indicated in this message, watch out, it can be a phishing message. The link included in that message is not directed to the real Allegro, but to the fake website whose mission
is to capture the data you use to log into your Allegro account. Such messages also may include attachments such as viruses,” said Tokarek.
Allegro’s representative assured that their arsenal of methods of dealing with scammers is not limited to user education, but they declined to reveal details to avoid helping
scammers. However, as they emphasized, it is primarily education that can ensure the safety
of users and allow them to avoid even the best planned fraud.
Page 31
Vol. 16 No. 6
Job portal learned from attacks
Labor crisis makes Portugal’s Net-Empregos a target
BY CRISTINA COSTA
Portuguese job portal Net-Empregos has learned many lessons in how to stop fraud the
hard way --- by being attacked.
“In my opinion there is not a type of fraud or abuse we have not experienced. From illicit listings scraping with later falsification, to bogus job offers, phishing attempts or money
laundering scams,” explained Rui Encarnação, founder and CEO of Net-Empregos.
In his experience fraud registers and bogus job offers have been increasing with Portugal´s labor market crisis: “Very popular on
job portals is currently
the money mule scam
to launder cash from
criminal sources in
Eastern Europe. People are hired for example as ‘Commercial
Representative’ for a
caviar export firm to
deposit payments
from so-called
‘customers’ on their
bank accounts and later transfer this money to an bank oversea for a small commission,” said
Encarnação.
The independent job portal is the clear market leader in online recruitment in Portugal. An average of 25,000 job openings are published each month on Net-Empregos, making it
among job seekers the top site for job search with a SimiliarWeb estimated traffic of 2.8 million visits in February.
Safeguards against fraud
At 13.3 percent, Portugal has the fifth-highest unemployment rate of the European Union (Eurostat January 2015). Net-Empregos increased registered employers to 120,000 companies. More than 3 million candidates have placed their resumes in Net-Empregos’ database.
Page 32
Vol. 16 No. 6
Portugal´s online recruitment market is a no-cost-per-ad market for recruiters. Major
job verticals follow the Net-Empregos business model to offer free listings, only monetizing
from upsells of premium or display ads and additional services.
CEO Encarnação, who has refused offers from local major classifieds competitors to sell
his small company for several million, points as core growth factor for Net-Empregos, its freemium personal client services that as a positive side-effect helps avoid usual fraud schemes.
“We double-check everything. Not only validating data with our Anti-Fraud system, but calling
back employers, if we suspect there is a mistake or even a possible fraud involved,” said Encarnação.
Before posting a job opening employers have to pass through a mainly self-developed
anti-fraud registration process on Net-Empregos. “Based on our past experience with fraudsters we built a multi-data-authentication process, mainly based on the validation by phone,
if, for example, a mandatory information in the registration form is suspicious or misses,” explained Encarnação.
(The registration form for companies on Net-Empregos has several mandatory fields like
address, postal code, location and company email. To begin an authentication as employer,
companies have to provide at least a Portuguese landline number and the unique companies
register identification number “NIF” (Número de Identificação Fiscal). During this validation
process that lasts up to 24 hours, job listings are not placed live on the platform.
For the phone validation Net-Empregos takes advantage of the fact that Portugal has
fixed landline area codes based on geographic prefixes: “Our platform automatically matches
the address and phone data filled into the registration. If, for example, an employer registers
an address in Porto and provides a Lisbon area phone number, there will be an alert for a
manual check by our team.”
The staff of three employees of Net-Empregos starts a verification and validation process, crosschecking for example filled-in company identification numbers with the official database of the company register.
“If we do not find a correct entry of the NIF in the company register, the job offer is
not validated until we receive additional information per mail like for example a copy of the
company´s permanent commerce register certificate,” explained Encarnação.
In his opinion, only this manual crosschecking of data and direct, local contact approach, which sometimes is not pursued at general classifieds portals because of the amount
of listings, makes it possible to minimize fraud effectively.
“Some weeks ago we received a bogus listing, faking a job opening at a large multinational optician company, where everything seemed correct at first glance with the fraudster
Page 33
Vol. 16 No. 6
mirroring even the correct NIF number. But since the contact e-mail was not in our database,
we called the company and found out that their website had been scraped for fraudulent purposes,” Encarnação said.
Fighting mobile danger
The highest fraud menace for job boards comes according to him currently from mobile phones, so Net-Empregos decided to block mobile phone registrations. “If a client provides a mobile number, we validate this number by using a two-step voice code verification,”
said Encarnação. For this mobile data validation Net-Empregos applies the paid software solution “Verify Voice” provided by U.S. software company TeleSign. Through an installed API interface Telesign calls the user´s mobile number back, speaking a verification code generated
that the user has later to fill on the platform.
Net-Empregos’ job-seekers Fraud and Abuse prevention goes even further: The job vertical has introduced an “Employer blacklist” based on the feedback coming from candidates
containing names of companies that do not pay or fake higher salaries.
“We have now over 500 companies on our list that which are not allowed to post job
openings anymore, since we want only to mediate reasonable jobs with acceptable working
conditions,” Encarnação explained,
Net-Empregos even limited postings in some categories to avoid the usual job offer
spamming on freemium job portals and to meet job seekers’ need for reliable openings.
“Some Realtors from franchise companies placed hundred of vacancies, selling job-seekers
later paid-for training on a commission basis, but only employing a scarce number of them
afterwards,” said Encarnação. His team controls now narrowly how many listings are placed
by some realtor franchises, allowing them to place vacancies only from time to time.
This user-centered strategy has made Net-Empregos popular among users of social media channels like Facebook. Net-Empregos has over 900,000 followers on Facebook, which
corresponds to a value of five percent of Portugal’s working force of slightly over 4 million
people.
If Net-Empregos gets a reliable user feedback from applicants of a fraud or discovers
one itself, an alert is posted on Facebook. “This interaction with our community of jobseekers is one of our strengths in fighting fraud and also an asset for employers, since we offer reliable employers a cost-free posting of their vacancies on Facebook,” explained Encarnação.
Page 34
Vol. 16 No. 6
New feature puts scams on hold
Italy’s Immobiliare.it verifies phone numbers for ads
BY ALESSANDRA RITONDO
The Italian market leader Immobiliare.it in February launched a feature similar to Google two
-step verification, an in-house software, conceptually simple to use even for users. And since that
time, according to Silvio Pagliani, co-founder
and member of the
board of Immobiliare.it,
the scams have disappeared.
“For the ads
coming from individuals, we verify that phone numbers are real. The user must ring the portal's dedicated phone number
from his or her phone,” explained Pagliani.
Here's how it works: A user posts the ad, and Immobiliare.it requests verification by sending
to the user an email asking to click a link (pretty standard mode), when the user enters the phone
number, a pop up-window appears saying, "Call the number XX-XXX-XXXX by the
phone number you entered.” The user calls and the system makes the match.
"Because scammers know that a phone number is traceable and is associated by law in Italy to a person, this feature has much increased the security on the
site in the free ads for individuals area. Every day the system receives hundreds
of phone verifications, related to the fact that we have hundreds of new ads by
individuals daily,” said Pagliani
The telephone control occurs even if the user wants to change any sensitive data to their account on Immobiliare.it .
Pagliani
Launched in 2007, Immobiliare.it is owned by Gruppo Immobiliare. Part of
the same group are also the portals Immobiliare.it and Eurekasa.it, launched in October 2005.The
launch of NuoveCostruzioni.it dates back to November 2008.The portal operates in the area
of new buildings, while Affitti.it was launched in September 2009 for rentals.
Immobiliare.it bases its strength on technology, research and development and advertising
and its success on hard work, investment and expertise. Each month, more than 7 million people access Immobiliare.it by Web, tablet and smartphone.
Page 35
Vol. 16 No. 6
Stuffle.it adds unique protections
Buyers can pay on site; goods, money guaranteed
BY CHRISTOFFEL VOLSCHENK
Stuffle.it, the app-only flea market acquired by ImmobilienScout24.de late last year,
launched a desktop version this week with a new way to provide security.
Now, Stuffle.it is a general classifieds platform with an Android and IPhone app, just like all
the general classified players we know in Germany --- Kleinanzeigen.ebay.de, Quoka.de,
Kalaydo.de, Markt.de, Local24.de and Dhd24.de. You can search in different categories, and limit
your search geographically.
That's the first impression. But, look a bit
deeper, and it's clear that Germany has gained a
unique general classifieds platform. One on which
used goods are paid for on the site, and which offers buyers / sellers delivery options. One which
guarantees buyers and sellers they'll get their
goods and money.
These are also the major income sources of
Stuffle.it. The site takes a transaction fee on sales
if paid with PayPal --- otherwise not. The transaction fee is paid by the seller and delivery fee by
the buyer. Other income sources are upsells, such
as the "Schaufenster" (shop window), which places listings in prominent positions.
Advertising as an income source was expressly banned from the site, because, it says,
"advertising sucks on apps and sites."
This is quite a revolutionary business model, at least for Germany. So, here is the explanation
given by the site of its payment method (translated and shortened in some cases by us):
Pay on Stuffle...it’s safe and simple
As you may have noticed, you can pay in the app and on the site. We’ll explain:
What are your benefits as a buyer?
For buyers it is free to pay on Stuffle. It is also simple: Instead of bringing cash, you can pay
for your purchase directly with PayPal. If you haven’t got a PayPal account, you can also pay directly by credit card. But, with a PayPal account you get PayPal Buyer Protection.
Page 36
Vol. 16 No. 6
Buyer Protection is a guarantee that you really get your purchase item. If not, you may
claim your money back.
Want to pay with PayPal? Simply ask the seller once you’ve agreed on a selling price. You can
recognize sellers who offer payment with PayPal by the small PayPal flag in their profiles.
If you want your purchase delivered by Stuffle and the seller says it’s OK, you can pay for
your product and have it delivered all inside Stuffle.
How do you benefit as a seller?
Never send bank data to strangers! If you use the payment function, you are guaranteed to
get your money without waiting. [This] guarantees you the highest level of security. Should something go wrong, you’ll still get your money if you can prove that you dispatched the product.
To use the secure payment option, connect your PayPal account with your Stuffle account.
This added security we cannot offer free, unfortunately. We charge a fee of 5 percent of the sale
value. We reckon this is fair.
Should you and the buyer [use] delivery by Stuffle, you will initially receive both the purchase price and the delivery cost paid by the buyer. Later we’ll deduct the delivery cost, and reimburse you the portion of the PayPal fees linked to the delivery cost. ...
You don’t want to use PayPal?
You are free to decide on a payment method with the buyer. Cash on delivery, by direct
bank transfer, or credit card. But, remember: We cannot help you when problems occur in these
cases. The buyer and seller protection is only available if you used PayPal.
Which payment methods are available?
With PayPal you can use all major credit cards and direct debit cards. This varies from country to country.
You want to pay across borders?
This is possible. Even worldwide. The buyer will always be charged the invoice amount in his
own currency at the current exchange rate. Exchange rates are constantly changing and are beyond
our control.
How does Stuffle benefit?
We developed Stuffle so you can sell your stuff more easily and quickly. The payment function now makes Stuffle even better for all. It gives you more security, and we earn money.
Why are we earning our money in this way, and not with advertising? We think advertising in
apps and on sites sucks. That’s why our site and app are ad-free.
Page 37
Vol. 16 No. 6
Geebo offers SafeTrade program
SafeTrade is the new initiative from the AIM Group to make life safer for buyers and sellers
who use classified advertising sites.
It’s being offered by police and sheriff’s departments in
the United States, and now it’s being offered by a generalclassified site, Geebo.com.
Geebo is a mid-tier site that describes itself as “safe community classifieds.” It’s owned and operated by Greg Collier, who
made the SafeTrade program incredibly easy. We called and asked him to join; he did, and two days
later it was live on his site. “You have our full support,” he said.
Thanks, Greg!
If you want to participate in SafeTrade, email us: [email protected] . It’s free and easy,
and it will help your site and your users trade safely.
A listing on Geebo.com with the SafeTrade logo
Page 38
Vol. 16 No. 6
Vendors who help stop fraud, abuse
Fireblade
URL: fireblade.com
Headquarters: Israel
Founded: 2008 by Shay Rapaport, CEO, and Erez Azaria, CTO.
About: Cloud-based website security solution, including DDoS protection, website acceleration and
real-time monitoring, load balancer and failover. Fireblade relies on a behavioral approach to website security that follows on users’ behaviors and reputations, rather than signatures.
Clients: AutoTrader.com, LayerShift, SimilarGroup and EBay, where Fireblade stopped scraping,
spamming and fraud at EBay Classifieds.
Formerly knows as: SiteBlackBox
Besedo
URL: www.besedo.com
Headquarters: Sweden
Founded: 2002 in Stockholm by Jesper Lilliesköld
About: A content-management provider for digital classifieds, Besedo uses a combination of technology and manual checks to ensure the authenticity of ad content content. Provides online content
moderation, fraud and abuse management, and customer service to online businesses. Specifically
classifieds, i-gaming, e-commerce and user-generated content sites, and Web-based financial services. The company has six offices and serves 15 countries.
Clients: Schibsted Classified Media Spain (Fotocasa.es, Coches.net, InfoJobs.net, etc); Leboncoin.fr;
Ebay Kleinanzeigen, Germany; Gumtree UK; Subito.it; Tocmai.ro; Bomnegocio.com; OLX Poland and
Brazil
Page 39
Vol. 16 No. 6
Imperva
URL: www.imperva.com
Headquarters: Redwood City, Calif. (U.S.)
Founded: 2002 by Mickey Boodaei and Shlomo Kramer
About: Data-security specialist focusing on physical, virtual and cloud-based data and database security, regulatory compliance, application and file security. Approximately 3,500 clients in 90 countries worldwide. Impreva delivers wide-ranging data protection services to
classifieds and other businesses. It provides tools for classifieds such as web app protection;
fraud prevention against phishing, malware, identity theft, etc; site scraping
Elca Informatique SA
URL: www.elca.ch
Headquarters: Switzerland
Founded: 1968 by Daniel Gorostidi
About: Privately held company, just sold to a group of private investors by CEO and President
Daniel Gorostidi. Specializes in the fields of software development, systems integration and
business consulting. Elca Group has additional offices in Zurich, Geneva, Bern, Paris, Madrid
and Ho Chi Minh City (offshore development). Elca offers several anti-fraud management, data protection (ELCrypt), multi-factor authentication solutions (ELC), online electronic signature services, and identity and Access Management Solutions.
Clients: FNAC, Manor, Migros, Manor, Nestlé
Page 40
Vol. 16 No. 6
ISpin AG
URL: www.ispin.ch
Founded in: 1999 by Marco Marchesi
About: Swiss public limited company, privately held specialized in data and information security. Offers companies assessments and audits, business security consulting, security solutions
engineering, security culture and education and managed security services. ISpin AG offers
several anti-fraud and security solutions, as for example its own solution “I AM Pocket” an Access management solution and is provider of worldwide renown Anti-Fraud Solutions providers
like RSA, Palo Alto, Cisco and Vordel.
Clients: Charles Vögele Trading AG, Coop, Denner, Spar Management AG, Swisscom IT Services, Sunrise
Company: Iovation
URL: Iovation.com
Headquarters: Portland, Ore. (U.S.)
Founded: 2004
About: This global online-fraud prevention and detection company works with finance firms,
retailers, online communities, classified publishers and dating sites. Its TrustScore tool assigns
a fraud-likely rating to all visitors to client sites. Scoring depends on the data platform of the
visitor’s device, transaction frequencies, and any fraud history. The network stops 200,000
fraud incidents daily, and has 3,000 active fraud analysts, the company said.
Clients: The company shares information such as fraud-identified IP addresses with more than
300 clients that include AutoTrader.com, Cars.com, Trader Media, Etsy, Poshmark and
Finn.no.
Page 41
Vol. 16 No. 6
Company: Distil Networks
URL: distilnetworks.com
Headquarters: Arlington, Va. (U.S.)
Founded: 2011 by Rami Essaid, Engin Akyol and Andrew Stein
About: A leading public and private cloud security provider that blocks malicious bots, or automated computer programs, attacking your website. The setup to stop bots is lightning–fast,
secure, and completely transparent.
Clients: The company has helped OnTheHouse.au, Australia’s only free property research portal, the Honoluly Board of Realtors, Tool King and StockTwits.
Kaspersky Lab
URL: usa.kaspersky.com
Headquarters: Moscow
Founded: 1997 by Eugene Kaspersky
About: Fourth-ranked Kaspersky Lab offers commercial and consumer security products, such
as anti-virus, anti-malware and firewall applications, in addition to security systems designed
for small business, corporations and large enterprises. Larger solutions include protection for
workstations, file servers, mail servers, payment gateways, banking servers, mobile devices,
and internet gateways.
Clients: With more than 270,000 companies protected by Kaspersky products, clients include
big names such as Ferrari, Strabag and Telefonica.
Page 42
Vol. 16 No. 6
Da Vinci Forensics
URL: www.davinciforensics.co.za
Headquarters: Cape Town, South Africa. It has staff throughout Africa.
Founded: October 2014
About: Da Vinci partnered with a number of companies to be able to handle a broader spectrum of problems. The main partners are Telexing, McAfee and Magix Security. Da Vinci has a
close relationship with the SA Police Service (the electronic intelligence division), which
works with Da Vinci when the company detects organized crime posts, or when it suspects a
crime syndicate may be at work.
Clients: Naspers and a number of others.
Ergon Informatik AG
URL: www.ergon.ch
Founded: 1984
About: Ergon provides security solutions and application development for finance, industry,
retail, telecom and the public sector. It’s Airlock Suite provides a Web application firewall
and other security measures.
Clients: Coop, Credit Suisse
AdNovum AG
URL: www.adnovum.ch
Founded: 1988 by Stefan Arn
About: AdNovum specializes in implementation of demanding IT projects, design, implementation and maintenance of software and security solutions. Nevis Security Suite (reverse
proxy, authentication, identity management and signature service). The EBPP Validator
(electronic bill presentment and payment) checks content provided by billing companies for
potentially dangerous content.
Clients: UBS, Sunrise, Post, Swisscom.
Page 43
Vol. 16 No. 6
Open Systems AG
URL: www.open.ch/
Founded: 1990 by Florian Gutzwiller
About: Open Systems AG is specialized in all kind of mission control security services, focusing on network security, application delivery, identity management and global connectivity.
Provides several Identity management solutions. Firewalls, Load Balancers, Web Single SignOn, DND and Global Connectivity Solutions.
Clients: Spiegel Verlag, International Red Cross, UBS and others.
InfoGuard AG
URL: https://infoguard.ch
Founded: 1988
About: Infoguard is manufacturer of Swiss Made Layer 2 and fax encryption. The company
provides consulting in security areas and has developed an Encryption and Authentication
software for mobile and web access. It has strategic partnerships with leading network and
security product manufacturers. Member of the Crypto Group
Clients: COLT Telecom Switzerland GmbH, Sunrise, Bluewin (Swisscom).
Page 44
Vol. 16 No. 6
Consulting Services for Interactive Media and Classified Advertising
Vol. 16 No. 6 Mar. 26, 2015
Naspers gains more Schibsted sites
Classifieds rivals now competing in only 5 countries
BY CHRISTOFFEL VOLSCHENK
And then there were five.
Last week, we reported that Naspers had acquired Asani.com.pk, Schibsted’s general classifieds platform in Pakistan (here), and said with Pakistan out the way, the number of countries in
which Naspers and Schibsted still compete had dropped to 10.
In our report we forecast that more countries would follow. But, we didn’t expect it to happen so soon. And we didn’t expect the next four countries to drop in one go. But that’s what happened.
Schibsted handed another three
of its general classifieds sites to
Naspers, namely BuenAcuerdo.com.ar
in Argentina, Tradestable in Nigeria and
Vende in Peru. Terms of the deal were
not disclosed; in fact, the arrangements
were not announced.
Then, Schibsted withdrew from
a fourth country, namely Egypt, where
the site 2Olli.com was closed. The short
explanation why the site closed says it
all: Because Schibsted thought there were enough sites in the market to serve the needs of Egyptians (freely translated).
Now there are five countries left: Tayara in Tunisia, where Naspers is active with Dubizzle;
Kufar in Belarus (OLX); LeBonCoin in France (OLX); Subito in Italy (OLX), and Segundamano in Spain
(OLX).
Until sometime last year, Schibsted operated two general-classified sites, LiaoMaiMai and LiuMaiMai, in China, where it was a nominal competitor to 58.com, Baixing.com and Ganji.com
Page 45
Vol. 16 No. 6
(among others, of course). But those sites are now dead. Naspers holds a 34 percent stake in the
Chinese portal Tencent, which in turn owns 19.9 percent of 58.com (NYSE: WUBA), which is a general-classified site.
We expect
two more countries to fall soon -- Tunisia and Belarus. In the rest
of the status quo
will probably not
change.
With Nigeria, Africa’s most
populous country,
now also in the hands of Naspers, one can’t help but wonder how long the Swiss media house Ringier
is going to hold out before it decides that Africa is Naspers territory for classifieds. (Meantime,
Rocket Internet is also trying to build a variety of classified businesses in Africa.)
With the merger of OLX with TradeStable, OLX.com.ng reported it had 148,000 listings. And
one can assume the Tradestable listings are still to be added. Against this merged giant, Ringier
steps up to the plate in Nigeria with its site Ady.ng with 14,000 listings. That’s a mismatch, if ever
there was one.
In Uzbekistan, meanwhile, the Naspers site is being rebranded next week --- from Torg.com
to OLX.uz. The site said the name change was the only thing that would change about the site. Its
app, design and functionalities will all be unchanged.
When the truce between Naspers and Schibsted was announced on Nov. 13 last year, the
players left the impression that that was the full extent of the
deal. Since then, the two companies have agreed to cooperate
in about 15 additional countries.
In the first week after the truce was announced, it wasn’t
possible to say with any certainty which company got the better
deal, if either one did. Today, with about 20 countries in the
truce deal, it seems pretty clear that Naspers has pulled the
better cards in the truce negotiations.
Could this be why Schibsted’s share price has been on a
downward trajectory lately?
Page 46
Vol. 16 No. 6
Job sites sprouting Down Under
Seek hangs on to top spot in Australia amid launchBY KATE LYONS
The Australian jobs listing market has seen a flurry of new competitors during the past
18 months, with start-ups all scrambling for a point of difference against market leader
Seek.com.au, whether through category specialization, stripped-down business models or reduced rates for advertisers via direct deals and pay-per-click models.
Seek still reigns supreme, however, accounting for one in four jobs listings in Australia,
22 percent of placements and as of 2013, 24 percent of the total market.
Among the start ups which have surfaced in
the past 12 months are SpotJobs, OneShift, Expert360 and Nvoi, all claiming to cater for specific
categories of job seekers. SpotJobs specializes in
entry level jobs for young workers in the retail
and service industries, Expert360 and Nvoi in professional sector contract positions, while OneShift
spruiks (means promote in Australian) its use of
detailed job-matching technology including criteria such as hair color, tattoos and smoking
status.
If that sounds a bit like an online dating site, dating site EHarmony has already spotted
the synergy, branching into employment advertising with a site called Elevated Careers. OneShift has also added a new specialization with its recent acquisition of mature-age job board
Adage, consolidating growth which has included $5 million in new investment and plans to
launch in New Zealand next year.
The highest-profile launches in the last 12 months have been the entry of U.S. site Indeed to the Australian market with a multi-million-dollar brand campaign vowing to shake up
the market and a move for Fairfax away from its dedicated job site, MyCareer, to Britishbased site Adzuna, launched in Australia in 2014. All Fairfax job search and online listings
shifted to Adzuna under a joint venture agreement reached late last year.
This segmentation of the job listing market into specialist sites reflects a fracturing of
the employment market itself, with permanent or long-term positions giving way to contract
work, flexible positions and project-based employment. In terms of new business models,
sites like Nvoi and Adzuna are stripping back business models to reduce costs, Nvoi through a
Page 47
Vol. 16 No. 6
cloud-based platform specializing in temporary and contract white collar recruitment using
direct engagement with hiring managers, thus eliminating agency fees, and aggregator Adzuna through a direct to employer pay per click model. Adzuna listings have gone from 80,000
at launch in January 2014 to 135,000 to date.
Raife Waite, co-founder and joint CEO of Adzuna, told AIM Group the deal with Fairfax
had been vital in gaining traction and visibility in what was virtually a monopoly market for
Seek. However with the rash of new start-ups, that could be about to change.
“Our big point of difference is that we are a free-to-list model. Our service is not limited to self-selection on site,” Waite said. “Every job-seeker gets sent directly to the employer and we can therefore offer a better cost-per-click rate.”
Recruiters push to Adzuna across a wide range of categories, and can make determinations on spend depending on volume. Individual cost-per-click prices are set for each category, there are no lock in contracts and advertisers have flexibility to vary their budgets based
on performance.
Waite says Adzuna is also building in features and widgets aimed at engaging job seekers with their employers' environments through social media like Facebook, as well as importing some features from its U.K. parent such as Value My CV.
In terms of market trends, Waite says more big corporate recruiters are choosing to go
direct to market rather than through recruitment agencies. He added that mobile marketing
and enhanced content were the areas to watch in the next 12 months.
Sarah Macartney, public relations manager for Seek.com.au, was unfazed by the rush
of new competition, telling the AIM Group that while Seek had seen many new businesses
come and go it had always maintained market leadership. She cited the fact that Seek delivers 22 percent of placements in Australia and boasts more than 28 million visits per month.
This compares to its nearest competitor's placement rate of 2 percent.
Half-year results for Seek Ltd. in FY15 showed 14 percent revenue growth and 7.3 percent growth in job ad volume in February this year against February 2014. This was despite a
rising unemployment rate and subdued macro-economic conditions, Macartney said.
She agreed that the uptake of mobile devices, portable apps and enhanced content had
dramatically changed the way both candidates and employers interacted with Seek, with over
59 percent of visits to the site now via mobile, up 34 percent year-on-year to January 2015,
and 20 percent of applications now coming through a mobile app.
“In response we have developed a seamless experience across devices, with candidates
able to search, create profiles and prepare applications on any device, and hirers able to access and manage ads and applications via mobile,” Macartney said.
Page 48
Vol. 16 No. 6
More news and analysis on AIMGroup.com
Reminder: We post news and analysis between editions of Classified Intelligence Report
on our website, AIMGroup.com. Here are some of the articles you may have missed:
When, how, will NextDoor make money?
It’s become quite common for social-media startups to spend years giving everything
away for free before introducing revenue drivers. Hyper-local online community NextDoor,
which has one-third of all U.S. neighborhoods on board, is no different. While we at the AIM
Group and others have been told that advertising is not in the offing for quite some time,
that’s the most obvious way for NextDoor to start filling its own coffers.
StreetFight looks closely at how this might play out, and is a bit critical … (Read more …)
Recommerce: Main competitor of classifieds?
Warning: This article by Christoffel Volschenk is full of observations, assumptions and
opinions, posted to stimulate debate on the changing competitive environment classified companies find themselves in today.
Please throw in your dime by sending an e-mail to [email protected].
First observation: The business model “self-sell” on classified platforms and the business
model “recommerce” compete head-to-head. It’s an either-or game. Every used product sold
to a recommerce player … (Read more … )
SpotAHome Closes Investment Round
Spanish property portal SpotAHome, founded last year, has closed its first external funding round. Novabrief named the investors as Gabriel Leupin (California), Charlotte Street Capital (London), and Howzat Partners (investors in Trivago, London). The amount of the round
was not disclosed, but according to the Novabrief report it is a six-digit figure.
Founded by Alejandro Artacho, Bruno Bianchi, Bryan Mc Eire, and Hugo Monteiro,
SpotAHome is a platform designed for direct booking of accommodation for a month or more,
and is aimed at people planning … (Read more … )
Page 49
Vol. 16 No. 6
Auto Trader U.K. shares soar on floatation
Auto Trader U.K.’s shares soared on their first day of conditional trading on the London
Stock Exchange last week. From an initial public offering price of £2.35 per share ($3.46 U.S.),
which valued the company at £2.35 billion, the share took just a quarter of an hour to hit
£2.65, before closing at £2.56, an increase of nearly 9 percent on the IPO price.
Floating 59 percent of the company raised £437 million for Apax Partners, which owned
the company outright after buying 49.9 percent from Guardian Media Group in 2007 and then
paying £619 million to secure the remaining 50.1 percent … (Read more … )
Apploi debuts job-posting fees
Video-focused recruitment mobile app Apploi, which just landed $7 million in venture
capital, has introduced its first revenue driver – posting fees.
While some early adopters are being offered a 50 percent discount, the initial fee for
any employer to post jobs is very small – $15 a month for unlimited job posts. Apploi now has
4,000 employer advertisers, with several thousand job seekers applying to their jobs every
week.
By email Apploi, shared these thoughts: We feel that now is the time where we have
proven (Read more … )
New Belgian real estate site will compete with Immoweb
Yet another attempt is being made to chip away at Immoweb’s market share in Belgium’s
competitive online real estate market. Shelterr.com was launched with a goal of providing superior user experience focused on “esthetics and ergonomics.” The site, with a freemium
model, caters mostly to professionals, and has user navigation and layout that are similar to
AirBnB – location and street view first, then prices and other features, such as seeing one’s
eligibility … (Read more … )
Page 50
Vol. 16 No. 6
Former EBay VP Payne new Tinder CEO
Chris Payne, who was an EBay executive for more than six years, has been named CEO for
dating site Tinder.
Pinder left his position as EBay Marketplaces VP in December.
He announced his new role with a tweet: “It’s a match! I swiped right on Tinder! So fired
up to work with @seanrad and the entire Tinder team.” (Read more … )
Chinese online above 10 % of 2014 retail revenue
Official data from China’s National Bureau of Statistics indicate that online shopping value accounted for 10.7 percent of the country’s total retail value in 2014. The total transactional value of the country’s online shopping market exceeded $253 billion U.S. (2.8 trillion
yuan) last year.
According to the latest data from IResearch, a market researcher focusing on the China
Internet industry, this represents a staggering year-on-year increase of 48.7 percent. It is expected that, with regards to current shopping trends … (Read more … )
Snapdeal in India to double its workforce
India ecommerce marketplace Snapdeal has announced plans to double its workforce by
the end of the 2015-16 fiscal year. The proposed increase to a 10,000-strong workforce across
verticals is necessary to support the company’s ambitious expansion plans.
Aimed at increasing delivery operations and capability, the plans are reportedly worth
$150 to $200 million. Regional centers are being established across the country to provide
proximity to customers, which will add to the more than 30 offices currently in operation. At
least 15 percent of the planned hiring will feed the supply chain and operations manpower
needs.
As part of Snapdeal’s growth strategy it has been acquiring Indian companies that will allow it to become a luxury goods site, moving from general consumer to a niche marketplace.
In February it acquired … (Read more … )
Page 51
Vol. 16 No. 6
MercadoLibre to grow 60 percent in 2015
Latin American ecommerce and technology company MercadoLibre, which also has a
growing classifieds business, expects to grow by 60 percent in 2015, Argentinian news agency Telam reported.
“We had a good year for ecommerce and we expect to grow between 58 and 60 percent
in 2015,” Sean Summers, marketplace VP at MercadoLibre, said recently. He said MercadoLibre (Nasdaq: MELI) grew 100 percent in Argentina in 2014 and forecast ecommerce to advance even more in the years to come, adding that ecommerce “is still … (Read more … )
Fatfish investment backs Seek challenger
Sydney and Singapore-based internet ventures firm, Fatfish Internet Group, has invested
$40,000 in Singapore dollars seed funding (A$50,000 / $36,500 U.S.) in online recruitment
start up Nvoi, launched in November as a disruptor to market giant Seek.com.
Fatfish is one of a number of investors contributing to a A$400,000 seed round in Nvoi
ahead of a planned public listing for the company this year. Nvoi is a cloud-based platform
specializing in temporary and contract whit- collar recruitment, targeting hiring managers in
… (Read more … )
Homely in Australia makes its bid
Melbourne-based property portal Homely.com.au, launched in late 2013 as a banner-ad
free alternative to traditional real estate portals, has launched its first consumer campaign,
luring buyers with promises of unrestricted search capabilities and comparative freedom
from unwanted marketing. The consumer campaign includes billboards on Melbourne’s West
Gate freeway, as well as ad shells, direct marketing and online social marketing.
At launch Homely had 1,700 real estate office sign ups and 100,000 listings, with real
estate principals paying for “whole office” sign ups rather than for individual listings. Lower
costs for property portal advertising are promoted … (Read more … )
Monster, Kalaydo partner with Kleinanzeige.focus
Earlier this week we reported (here) Kleinanzeige.focus.de, the classifieds search engine for Germany operated by news site Focus Online, was on a path of explosive growth.
Feedback on our article now enables us to explain in more detail what has happened at the
site since its launch about five months ago. According to a source, at launch the traffic goal
for the site was 2 million Google Analytics sessions per month by the end of 2015. … Four
months after the launch traffic approached … (Read more … )
Page 52
Vol. 16 No. 6
LinkedIn ads stink, says SEM expert
According to search engine marketing expert and WordStream founder Larry Kim,
LinkedIn ads “stink” because LinkedIn’s marketing of them and marketing delivered by them
are also odoriferous.
In a Small Business Trends article, Kim points out that LinkedIn’s 93 million “active” users
only generated $153 million in advertising revenue for LinkedIn in the … (Read more … )
Social media huge classified competitors
You’d have to have your head deep in the sand not to have noticed that major social networks are getting ready for (or have already started on) an evolution to marketplace, launching or acquiring various revenue inducers and / or marketplace tools. A classified or marketplace publication or group that ignores this trend does so at its own peril.
Here is a sampling of the important moves Facebook, Instagram, Twitter and Pinterest
are making: (Read more … you’ll have to be signed in with your AIM Group client ID.)
Zillow launches Agent Finder review product
Zillow has introduced a new agent ratings product that takes aim at the Achilles heel of
Realtor.com – its lack of reviews because members and the National Association of Realtors
don’t want them there. While Realtor.com has a poor-cousin recommendations feature, it has
yet to debut anything that is a truly-reliable view of agents by those who’ve been their clients. (Read more … )
Avito --- the insiders' story
The two founders of Avito.ru, the Russian classified powerhouse, “tell all” in a 45-minute podcast with BreakIt.se, a
new Swedish site. They talk about their difficulties, their mentors, and their plans to go public. Unfortunately, the podcast is
in Swedish --- so it may be tough for you to understand, unless
you know the language. We’ve got you covered: Lars Herlin,
our terrific writer / analyst for the Nordic companies, has listened to it and written it up. We’re editing his report as we
wrap up this issue. It’ll be on our website, AIMGroup.com, latAvito founders:
er today. It’s worth reading.
Jonas Nordlander
Filip Engelbert (rt.)

Sites upgrade arsenals to battle cyberwolves in sheep`s

Transcription

Similar documents

go.bbb.org/hi-isthisforreal - Hawaii Credit Union League

Untitled - cuentasclarasdigital.org

, ” President`s Message

Coders` Role in Anti-Fraud Investigations

BOTW-PowerPoint Template-Corporate Standard-Bear

Presentation () - Association of International Education

As cars get smarter, so do buyers and sellers

Firehouse hosts Great Big Home Show

Fraud in Today`s Fraud in Today s Economic Environment