Sites upgrade arsenals to battle cyberwolves in sheep`s
Transcription
Sites upgrade arsenals to battle cyberwolves in sheep`s
Page Vol. 16 No. 6 Classified Intelligence Report Consulting Services for Interactive Media and Classified Advertising Vol. 16 No. 6 Mar. 26, 2015 Fraud and abuse in classifieds — Special report Sites upgrade arsenals to battle cyberwolves in sheep’s clothing AIM Group illustration: Shiniko Floyd © © 2015 2015 Advanced Advanced Interactive Interactive Media Media Group Group LLC LLC [email protected] [email protected] +1-407-788-2780 +1-407-788-2780 Page 2 Vol. 16 No. 6 Classified Intelligence Report Executive Summary Fraud cost Internet companies almost 1 percent of revenue in 2014, a LexisNexis study showed, and it might become worse as crooks learn new ways to rip off companies and consumers. It’s not just the impact on revenue that matters. A bad reputation on safety and security issues can damage a site --- perhaps permanently. Certainly, Craigslist has been hurt by the 84 killings that have been linked to Craigslist transactions and the thousands of rapes, robberies and rip-offs that have injured its users. In this issue, Classified Intelligence Report takes a look at fraud and abuse, how it is accomplished and --- most important --- how classified companies can fight it. Like the old fable about “wolves in sheep’s clothing,” cyberwolves disguise themselves as ordinary customers and as legitimate companies to trick users out of profits and cash. They set up fake Web pages and steal identities. They advertise jobs that don’t exist. They copy listings from other sites or information from other listings, and present them as their own. But classified sites are fighting back. They use GPS technology to locate frauds. Set up computer programs that detect suspicious patterns of use. Track IP addresses to determine which could belong to fraud artists. They check identities against data on social media. And much more. In this issue, we have reports from auto dealers in the U.S. identifying fake ads; digital display advertisers fighting cyber “bots” in the UK; fake jobs ads in Australia, counterfeit products in China, and multi-pronged attacks in Russia from malevolent viruses, data attacks, fake profiles and other scams. Two quick quotes: “Those who fail to adequately protect their sites and their customers [will] be picked off, either by scammers themselves or by customers losing faith.” And, “When we get a fraudulent ad we just kick it off the system. We don’t say anything to the advertiser because if you give them information about why ... they will do it better the next time.” The McAfee security company estimates cybercrime cost the world at least $400 billion last year. The figure this year will depend on who works the hardest to outsmart the other --- the crooks or the businesses. This issue provides a snapshot of security efforts to block fraud and abuse worldwide. It should give you insight into how you can protect your business, your users, your website and yourself. You need software, hardware and people to do the job right. By the way, the “SafeTrade” initiative we launched earlier this month to help classified sites protect their users has received significant attention. We encourage all classified sites --- clients or not --- to offer SafeTrade. Call us or email us for more details. It’s free, and it could save a life. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 3 Vol. 16 No. 6 classifiedintelligence report Peter M. Zollman, Founder, Executive Editor [email protected] Katja Riefler, Principal, Managing Director [email protected] Jim Townsend, Principal, Editorial Director [email protected] Patrick Peterson, Editor [email protected] Christoffel Volschenk, Editor EMEA [email protected] Senior Consultants Senior Analysts Konstantin Kalabin Gareth Lloyd Mark Whittaker Sharon Hill (U.S.) Lars Herlin (Scandinavia) Kenny Kinako (Africa) Brian Blum (Canada, Israel) Western Europe Alessandra Ritondo Cila Warncke Cristina de Barros Gérard Esteve Anastasia Gnezditskaia Latin America Léo Siqueira U.K., Ireland Sean Hargrave Eastern Europe Andrzej Sowula Pavel Marceux Turkey Emre Dalkilic Middle East Talal Abu Issa China Don Gasper India Sourish Bhattacharyya Africa Sam Wakoba Mamello Masote Southeast Asia Emmy Abdul Alim Australia Kate Lyons Mary Biddle, sales—U.S., Australia, Asia [email protected] Luke J. Smith, marketing [email protected] Diana Neatu, sales / marketing EMEA [email protected] Carla Reyes, director of client services [email protected] Neil Skene, associate publisher Published twice monthly, except once in December, by Advanced Interactive Media Group LLC. This publication may not be reproduced in any form, in whole or in part, except by licensed clients. Classified Intelligence Report occasionally covers companies that are clients of the AIM Group. We make every effort to ensure that our editorial content is objective and is not compromised by any client relationship. 402 Spring Valley Road Altamonte Springs, Florida, USA 32714 Classified Intelligence Report Contents: Lead Story: Online classified businesses in the United States seek new ways to tackle fraud, abuse. Page 4 Page 11. Backpage, well-known for carrying “adult advertising,” reaches out to law enforcement with homegrown, police-friendly search technology to fight fraud. Page 14. Digital display advertising grows in popularity, but viewability, fraud remain problems. Page 16. Buying or selling scams on classified and auction websites robbed Australian consumers of nearly $11 million last year. Page 19. Government criticism of top online shipping sites in China ignites an unprecedented public spat. Page 21. Longtime veterans of cyberattacks, Russian firms such as Yandex and Avito lead the way in prevention techniques. Page 24. Spain's leading auto, real estate, employment and generalist classified companies reveal specific challenges posed by scammers and common solutions. Page 27. OLX.pl, Poland's largest general classified site uses several methods to combats fraud. Page 29. Allegro.pl, the largest auction site in Poland and Central Europe, reveals methods of protecting users against “perfect crimes.” Page 31. Portugal’s Net-Empregos is a case study in doit-yourself fraud detection. Page 38. Vendors who offer fraud prevention technology and services. Page 44. Naspers quickly acquires five more classified sites from Schibsted. Page 48-52. More news, analysis from AIMGroup.com. +1 407-788-2780 Fax +1 866-611-6551 © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 4 Vol. 16 No. 6 Classified Intelligence Report New weapons against online fraud Businesses use GPS, check IDs with social media BY SHARON HILL Online merchants have developed new tools to prevent fraud, such as checking GPS, tracking usage patterns and monitoring IP addresses, but cybercriminals still take an average of .68 percent of the world’s GDP, a figure that grew by a third in 2014, according to a report by LexisNexis. Businesses are willing to accept losses of about 2 percent to cybercrime before they take action, said a study by McAfee security company. Nearing that threshold, many online classifieds businesses are looking for new ways to stop fraud and abuse. Most classified scammers rely on an old script: “I’m sending you a check or money order that’s far in excess of your asking price, so cash it, keep what I owe you and send me back the balance,” goes the story. Then, of course, the worthless check is returned by the bank and the customer must cover the debt. Sometimes the merchant is stuck with the bill. Fraudsters still try to sell cars and other items long distance that they do not have, and they’re still renting out zombie houses that they don’t own or manage. The long-running overpayment scam has a new variation that involves job seekers, and, according to ScamBusters.org, is perpetrated primarily on Monster.com and CareerBuilder. The job seekers are asked to cash a large check, buy an airplane ticket and send the balance to the fake office. They get stuck when the check bounces. Fighting the fraudsters To protect its customers, EBay Motors offers car shoppers the EBay Motors Vehicle Purchase Protection program, which returns up to $50,000 in losses associated with some types of fraud. Buyers are automatically enrolled in the program at no charge when they purchase an eligible vehicle. The “some types of fraud” condition protects EBay from the scammers that advertise on Craigslist and fraudulently offer the EBay Motors Vehicle Protection to prospective buyers. EBay has made it clear that it only reimburses for transactions conducted on Motors.Ebay.com. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 5 Vol. 16 No. 6 Classified Intelligence Report The onslaught of rental scams will probably continue until most of the nearly 143,000 RealtyTrac-reported zombie properties are sold. The most prominent scam involves a fraudster copying a real estate listing from a prominent real estate site, and placing it as a rental ad on a free classified site. The alleged “landlord” claims to be outside the area but willing to accept a deposit long-distance. Unwitting renters move in, pay rent, and stay until the legitimate real estate agent comes by to show or check on the property, and finds the illegal tenant. In some cases the fraudster accepts deposits from several folks, who aren’t aware they’re not the only new tenants until they all show up to take possession of the same property at the same time. Eye on the IP address One major clue to this and other types of classified fraud is the use of IP addresses outside the U.S. Trulia is just one of the many industry sites that keeps an eye on the IP address of every poster. According to Pierre Calzadilla, who recently left Trulia to become director of strategic partnerships at RealScout, 99 percent of listings posted to U.S. classified sites from outside the U.S. are fraudulent. (What a tip-off!) Linda Criddle, president of online safety service LookBothWays Inc., said sellers must be mindful of this too. “Understand that virtually every out-of-area buyer is a fraud,” the Microsoft online-safety veteran told the AIM Group. The most common recruitment-advertising scheme involves business-opportunity ads requesting upfront payments of desperate job seekers. A Phoenix-based television investigation team was alerted to a scam ad running on CareerBuilder, one that a savvy job applicant recognized. The alleged employer was seeking a mystery shopper. An Arizona woman applied. She then received a package in the mail that included a $3,000 check, $300 of which was hers to keep. The rest got sent overseas once the check was cashed. She knew something was awry and contacted NBC affiliate Channel 12’s On Your Side consumer service team. CareerBuilder took down the ad. How to stop it CareerBuilder monitors accounts to make sure the activity associated with them is normal. "We have a team dedicated to monitoring job postings and resume database purchases to verify information on each account,” a CareerBuilder spokesperson told Channel 12. “We © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 6 Vol. 16 No. 6 Classified Intelligence Report apply both proprietary software and manual monitoring to immediately identify heightened activity or excessive usage on an account. If abnormal activity is found, the situation is promptly investigated. To protect privacy and mitigate risk, we scrub our resume database, masking sensitive information job seekers may include in their resumes such as social security numbers. This means only telephone-book type data would be available to viewers. For every e-commerce purchase, the job or resume database application is held in a queue. Our Tips for fighting cybercrooks Trust and Site Security team reviews them In the ad, stick to the facts about the item beand then takes them active if they meet our ing sold. Avoid giving information that identifies you, except what is strictly necessary. requirements.” LinkedIn fights back Photos should only include the item being sold — not house numbers, license plate numbers, or pictures of family members. LinkedIn has had an ongoing problem with fake profiles and personal abusers. The latter was significantly reduced in February To accept phone calls, use a free disposable 2014, when the network succumbed to user mobile phone. Your own number can lead to pressure and gave members the ability to block later harassment. A landline can give away your address by way of a reverse directoother individual members. Fake profiles are still numerous, however, and have resulted in a recruitment scam. Mike Harrison, Mid-Missouri regional director for the Better Business Bureau in Columbia, Mo., recently took to the airwaves to warn job seekers. His office had received several complaints of fraudsters setting up bogus LinkedIn profiles to present themselves as recruiters. ry. (Some sites, like AutoTrader.com, offer their advertizers anonymized numbers.) Create a free anonymous email address for your ad, so you don’t give away personal information or set yourself up to be harassed later. (Some sites, such as Craigslist, offer their own anonymizing email address to advertisers.) If you’re selling a bigger-ticket item, meet at a police station or a bank where you can deposit the money before leaving and where security cameras will record your transaction. “They’ll reach out to you, tell you ‘Hey, you’ve got the skills for a couple of different positions that I’m looking for. All you’ve got to do is fill out a form for us by clicking this link,’” Harrison told the WBCZ radio audience. “You really want to be careful with that.” According to the BBB website, these fake recruiters send messages that include a link to a legitimate-looking website. This site solicits financial and personal identifying infor- © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 7 Vol. 16 No. 6 Classified Intelligence Report mation, such as Social Security numbers or dates of birth. The scammers use the information to install malware on the applicant’s computer, steal his identity, or access her bank account. The BBB, among other tips, tells LinkedIn members to be careful about who they add to their network. “Search for the recruiter’s picture,” the site advised. “Scammers often use a fake, generic photo and you can most likely find the photo elsewhere.” A BBB spokesperson told the AIM Group by email that it has no information on anyone actually being victimized. The folks reporting to them are those who have recognized the scam and not participated. LinkedIn finally filed a lawsuit against fake profilers who used bots to scrape identifying information from its members. The case in U.S. District Court in Northern California, LinkedIn v. Robocog, outlined LinkedIn’s three fraud-prevention tools: Fuse, which limits the activity one user can conduct on LinkedIn; Sentinel, which monitors suspicious IP-specific activity; and UCV, which sets parameters to prevent data scrapers from creating multiple profiles. On July 11, 2014, the case was settled, with Robocog admitting its data-bot scraping, agreeing to stop, and destroying all fraudulently-gathered information. Robocog was ordered to pay LinkedIn $40,000 in damages. Cars.com fights back Classified business advertisers are sometimes the victims of fraud as well. On an online automotive community, an auto dealer recently posted: “Attention Cars.com customers: If you received an email asking you to update your account credentials it has all the marks of a phishing scam. I would avoid logging into any Cars.com dealer portal sites without checking with support first. It will ultimately be less of a headache than having your dealer account temporarily compromised.” Cars.com VP of Operations Josh Chapman told the AIM Group that the threat had been eliminated. “Cars.com proactively works to address fraud prevention,” he said. “MyDealerCenter is a secure website. Suspected phishing issues, though infrequent, are monitored and resolved in near real-time by our dedicated Fraud Prevention team. This specific phishing email was limited to a small group of dealerships and has been flagged. We’ve notified our team of dealer consultants and have resolved all related issues.” Despite what the sites do to prevent fraudulent schemes from ever appearing on their pages, or implementing to get them quickly removed after posting, consumers need to take steps to ensure their safety. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 8 Vol. 16 No. 6 Classified Intelligence Report Surprisingly, Criddle of LookBothWays, was more critical of newspaper classified sites’ fraud and abuse prevention than she was of that offered by Craigslist and Backpage. “There’s a tremendous amount of sex trafficking on the huge legitimate newspaper sites,” Criddle told the AIM Group. “I recently reviewed five major metro newspaper’s websites, including their classified pages. They wrote news articles about the horror of online sex trafficking but their own classifieds weren’t doing any better [than the sites they reported on.] In fact under the scrutiny of the attorneys general and the public press and lawsuits, Backpage and others had to put some control mechanisms in place that weren’t in place on these newspaper sites.” Mobile access increases dangers Mobile access and mobile transactions have risen steadily for classified and marketplace sites and show no signs of slowing. This has enabled more fraud prevention than was possible via desktop access. Some front-runner vertical-specific sites such as Zillow, TrueCar, Realtor.com, Homes.com and Indeed report more than half of their visits and transactions are conducted by smartphone or tablet. EBay mobile commerce in 2014 totaled $27.9 billion, representing 34 percent of total volume, and PayPal conducted 1 billion mobile transactions in 2014. Auto marketplace TrueCar concentrates nearly all its product development on mobile. Additionally, there is a growing trend towards mobile-app classified and marketplace startups, especially for stuff transactions —– neighbor buying, selling or trading with neighbor – and hiring. Notable new apps include Switch for text engagement between job seekers and hiring firms, and social service / gig site Thumbtack, the recipient of $130 million in venturecapital funding. TradeYa is a stuff app that offers safe, currency-free swaps. TradeYa claims improved safety because its user profiles are verified by way of prominent social networks, such as Facebook, Twitter and LinkedIn. ComScore co-founder Gian Fulgoni recently presented The State of the Mobile Industry at the Mobilize Your Mind summit. He made these points: On leading media properties, at least 30 percent of monthly visitors access via mobile. App usage represents 52 percent of digital engagement. More than one in seven digital commerce dollars are spent on mobile devices, and that number is growing. In the last two years, U.S. mobile commerce spend grew from $4.5 billion to $6.8 billion, according to ComScore. Clearly, mobile is a front-and-center classified and marketplace tool, and as such needs a front-and-center mobile fraud-deterrent approach. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 9 Vol. 16 No. 6 Classified Intelligence Report Stopping fraud on mobile with GPS Fraud-service vendor Iovation, whose classified and marketplace clients include AutoTrader.com, Trader Media, Cars.com, Etsy, DoneDeal, Finn.no and Poshmark, has just such an approach. One of its most prominent mobile tools involves the use of the phone’s GPS, which indicates where a user is really located. The vendor’s 2014 Mobile Report – Trends and Impact concluded that mobile would become a second-step safety tool, with verification by text and QR codes. Online businesses would soon start to ask customers to register their mobile devices to help stop fraud and protect their identity, researchers predicted. “Those will be general site safety features,” Iovation business development representative Jay Johns told the AIM Group. Johns said the proprietary help Iovation offers is device pairing and authentication. “If one user is continually going online by way of the same devices it makes no sense to have them authenticate over and over again,” he said. “We recognize all the devices the one visitor uses regularly. But the real difference in the way we approach mobile is the way we identify the device and run our technology to create a digital fingerprint. Telling publishers that this is Android or IOS and that it’s using a spoofed device sitting in Ghana is really powerful. Thousands of times a day we find devices like this.” Johns described classified sites’ efforts to prevent fraud as “not so much a science as an art.” He described publisher decisions to block advertisers as a little ambiguous. “They look at a certain five ads and say, ‘None of these are good,’ and turn them off,” he said. “If the device comes back and tries again they will put up some error message to the advertiser and an 800 number to call for help, which routes to a fraud specialist.” That 800 number isn’t always the fraud deterrent the publishers hope for, however. “In classifieds, scammers are pretty brazen,” Johns said. “If they can get $20,000 for a Corvette that doesn’t exist, why not try? On the other hand, the classified operators are used to them and pretty savvy.” © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 10 Vol. 16 No. 6 Classified Intelligence Report Buyers, sellers must get pro-active The evolution from classified rich-media luddites such as Craigslist to social-profilefocused marketplaces such as ByOwner.com, NeighborGoods and the thousands of marketplace-focused Facebook Groups theoretically creates a safer online buying experience because people get to know each other. Criddle doubts those profiles offer much safety, however. Instead, consumer ratings top her buyer safety list. “There are people who create entirely fictitious profiles,” Criddle said. “That’s very easy to get away with unless someone does deep research. Besides, if I’m buying or selling something legitimate I don’t care who you are. I only care if you have a good reputation.” Criddle praised both EBay and Amazon for their fraud prevention tools. “If an EBay seller has a 99 percent rating and has sold more than three items to folks other than his brother, has offered the service for a long time, and has great reviews, I can be fairly confident,” she said. “And on Amazon next to some reviews you’ll see verified purchaser. That’s very helpful. The seller sees that Amazon knows who these folks are and that they really bought the products they say they did.” The latter is an important deterrent to what ECommerce Bytes described as EBayprominent liar buyer fraud. The fraud is perpetrated by online buyers, who receive the item they order and then persuade EBay that it never arrived, soliciting a refund. According to PayPal, 25 percent of its fraud claims come from liar buyers. A new report by former PayPal executives, titled Liar Buyer Fraud and How to Curb it, determined that showing a user in the process of filing a dispute that her computer is recognized, and his location is known was an effective deterrent. In the 855-subject experiment the fraud was dramatically reduced by this tactic. ECommerceBytes was critical of EBay for not allowing sellers to share the identities of these liar-buyers with each other. EBay failed to respond to our request for comment. Classified and marketplace sites have numerous automated and manual fraud deterrents in place, and the growing use of mobile for classified transactions should enhance these efforts. However, what sites and their vendors implement to prevent fraud isn’t enough. “No site comes even close to doing the best it could because they look at it as a cost / benefit tradeoff,” Criddle said. “Only 1 percent of their visitors have a bad experience. They have to determine where their financial pain point is, and where the media focus is, to determine how much to spent on fraud prevention.” So, while classified and marketplace sites make significant efforts to prevent fraud, buyers and sellers still must take responsibility for their own safety. They must implement online safety measures of their own. The sites simply will not do it all. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 11 Vol. 16 No. 6 Classified Intelligence Report Backpage, cops unite in fraud fight Site shares homegrown tech with law enforcement BY BRIAN BLUM With many listings prone to potentially illegal activities, how does Backpage keep its users safe and its activities aboveboard? Simple. The company is quick to go to law enforcement and has developed its own fraud-prevention techniques, which they share with the police. Backpage general counsel Liz McDougal granted the AIM Group a comprehensive interview. She has been with Backpage three years and formerly counted Craigslist as a client in her own legal practice. Despite calls to shut down the site due to its “adult content,” McDougal said Backpage provides an “invaluable service to law enforcement” through the specialized fraud-busting technology it has developed along with a strict manual review methodology. Indeed, other classified sites grappling with fraud and abuse issues should pay attention. Backpage is perhaps best known for being the leading U.S.-based online business to carry “adult advertising” – escorts, massages, models and the like – along with cars, jobs and furniture. According to the AIM Group’s research, in 2013 Backpage accounted for over 80 percent of adult advertising among the five U.S. websites we track, earning just over $31 million for the year from such ads. The bottom line for everything Backpage does in this area, McDougal told the AIM Group, is that the company constantly has law enforcement in mind. First and foremost, that means being fast. If law enforcement sends a search warrant or court order to Backpage for a certain record, Backpage usually gets it to them in less than 24 hours. “Other sites can take weeks, which is a great frustration to law enforcement, because if they have an active investigation going on, that information will often be too stale by the time it gets there,” McDougal said. Backpage’s homegrown technology can zip through its records rapidly by employing the search terms that are most commonly used by law enforcement. “Except in some really rare instances, everything is automated and can be done with a few clicks of a button,” McDougal said. When Backpage generates a report for law enforcement, its system lays out everything in a format that makes sense. “We don’t just place all the ads in one pile and the invoicing in © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 12 Vol. 16 No. 6 Classified Intelligence Report another pile and ask them to sort through it,” McDougal explains. Advertisements, administrative information and invoicing are all grouped together logically. If that isn’t clear enough, Backpage has also created a guide specifically for law enforcement professionals to explain what’s in Backpage’s reports. “We know that records that might be meaningful to us could be hard for someone else to decipher,” McDougal said. “So we provide a guide that explains what Backpage this box or that field means, rather than forcing law enforcement to call us for an URL: www.backpage.com Owner: Backpage.com LLC explanation.” Headquarters: Dallas Backpage developed these police- Launched: 2004 Traffic: 37 million users across all sites, 7 million friendly systems to counter some of the criticism. It happened in the early days of ads the company, and McDougal said it’s now Revenue: $31 million (2013) No. of employees: 160 part of company’s DNA. “We’ve been doBusiness model: Mix of free and paid classified ing it so long and so well now, that the listings. Privately held company recently purchased value we provide to law enforcement has by unidentified company in the Netherlands. become its own motivating factor. When Bottom line: Top free and general merchandise we talk with law enforcement, it’s clear classified site most distinguished by inclusion of adult listings. Became leader in this area when how we’re helping them to find missing persons, track down victims and actually Craiglist dropped the category in 2010. make convictions. We know we can’t stop all the fraud ourselves. So, we report illegal activity, we do what we can on the prevention side, and we devote significant resources to help law enforcement.” While Backpage operates within the confines of U.S. privacy laws, which require that law enforcement agencies need a court order, search warrant or subpoena before Backpage turns over most user data, if Backpage detects a posting that it deems blatantly illegal, exploitive, or in particular, one that involves children, the company proactively contacts law enforcement ... often within minutes. “We do ask that they file the proper search warrant documentation after the fact,” McDougal said. Automated filter Backpage’s approach to abuse, fraud and safety on the site is not just reactive. The company has in place a multi-step process for catching questionable content before it ever gets sent to law enforcement. First in that process is an automated filter that has over 95,000 words, phrases, code words, email addresses and some IP addresses that will automatically reject an ad if a flagged term is detected. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 13 Vol. 16 No. 6 Classified Intelligence Report In “gray” cases, where it’s not immediately clear if a post is illegal or inappropriate, the ad is sent to a violation queue where it is manually reviewed by a moderator. Every posting in the adult and dating categories gets the manual treatment before being allowed to go live on the site. “We are looking first and foremost for any indication an ad may involve a child or any kind of human exploitation, labor or sex trafficking,” McDougal said. If a moderator sees something that triggers concern for a child’s safety, it is “escalated to a supervisor who reviews it and, if appropriate, makes a report to law enforcement or to the National Center for Missing and Exploited Children.” Backpage sends about 600 reports a month to NCMEC. About 100 out of Backpage’s 160 Dallas-based staff are moderators. BackPage’s parent company was bought in December by an unnamed Dutch firm, but no changes in Backpage operations (such as offshoring moderation staff) are expected. Backpage CEO Carl Ferrer will continue leading the company. Second review and moderators Once an ad clears that first level of manual review and goes live, it is subject to a second manual review by a different group of moderators, McDougal said. “There isn’t a mathematical or scientific formula for identifying an ad for prostitution or labor trafficking, so it’s the old adage that two heads are better than one.” Backpage’s final check relies on users. Every listing on the site has a “Report this ad” button with three options: “Wrong category,” “Over posted / spam” and “Inappropriate or illegal content.” If the last option is chosen, the system grabs the URL of the page and sends it straight into the violation queue for a moderator to review. On the user side Backpage invests in education on “how to avoid scams and fraud, what to watch for, and how to be safe in one’s transactions,” McDougal said. There’s a page on “Safety” which is linked to from throughout the site. There’s even a warning against Nigerian prince scams, which occasionally migrate from email to Backpage. There’s been no collaboration between Backpage and other classified sites to share and improve safety, McDougal said, because it’s hard to collaborate with a classified site that is being targeted by an NGO or elected official. It happened when Craigslist was under attack for trafficking issues. “People didn’t want to be associated with Craigslist then,” she said. “Backpage is in a similar boat.” That’s a shame, because there is always more fraud to combat. “We have people do spot checks on every category on the site,” not just the adult posts, McDougal said. But with 7 million ads across all of Backpage’s hundreds of local websites in 88 countries and with 37 million users visiting each month, “it’s like a game of whack-a-mole. It’s very difficult to discourage the scammers.” © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 14 Vol. 16 No. 6 Classified Intelligence Report Display ads face double dilemma Viewability, fraud issues may affect up to 80% of ads BY SEAN HARGRAVE Though digital display advertising grows more popular and lucrative, it has two big problems: viewability and fraud. In the former, an ad may be placed too low on a page for it to be seen. In the latter case, an ad may be displayed on a fake site set up by criminals to con advertisers. Either way, the advertiser does not get a message in front of a potential customer. As Steve Chester, director of industry programs at the Interactive Advertising Bureau UK, concedes that nobody knows how big the problem is, but all agree it is huge. “It depends whose figures you look at, but I’ve seen estimates that vary between 3 percent and 80 percent of digital display won’t be seen because of viewability issues or fraud,” he said. “It can sometimes seem like people are just using a random number generator but it’s safe to say it can vary greatly on how and where people buy their display. Some respected sources, such as comScore, typically come in at around a third or a half of display not being seen because of fraud or viewability.” Viewability is a relatively simple issue, now that the IAB in the UK and U.S. have agreed to a standard that a brand should only be charged for an advert if at least half of an ad’s pixels are on the computer screen for a second. Anything less and everyday technology will measure it as not having been delivered and the advertiser will not be charged. Training ‘bots to steal Fraud is far more complicated because cyber criminals are smart. They use malware to infect a computer and force it to visit many sites so it can pick up lots of cookies on its way around the web, making it an attractive proposition to an advertiser or rather an advertiser’s technology. The next step is for the criminal gang to launch a series of sites which are typically filled with content automatically cut and pasted from other legitimate sites. Spaces for adverts are left and these will often have many adverts crammed into each window either by shrinking each piece of creative to a single pixel or running adverts full size but with many piled up, one behind the other. This means the fake site can offer each advertising slot to multiple advertisers through a variety of advertising exchanges. It then sends its thousands upon thousands of bots to visit © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 15 Vol. 16 No. 6 Classified Intelligence Report its fake sites and brands can then be duped into bidding for the opportunity to present an advert to what appears to be real people visiting a real site. Unlike viewability, there is no standard metric yet agreed by the IAB in the UK nor the U.S., although both bodies are working on definitions which he believes will lead to certification programs by the end of the year or, more likely, the start of next year. Then, as now, the responsibility will be on each brand to ensure they get the exposure they have paid for on sites where it can be viewed by a customer in a brand-safe environment. That is the advice of Niall Hogan, managing director of Integral Ad Science, a company which can detect viewability and fraud issues. “It’s vitally important that any brand advertising asks the agency buying their media what technology they have in place to ensure they measure viewability, detect fraud and ensure ads are seen in a brand-safe environment,” he said. “If not, you could be wasting so much budget without realizing it. You’ll find some companies are specialists in viewability, some go for anti-fraud and some do both. It’s down to you to ensure the technology is applied to your campaign or you could be throwing away thousands of dollars per month on ads nobody will ever see.” A growing problem It is an important factor for the big portals to look out for on their own site but also when they run display campaigns to raise awareness of their brand names on third party sites, said Phil Kissane, Managing Director of digital marketing agency, Stickyeyes. “A lot of classifieds companies, just like any other, are increasingly using display to get their name familiar with the public,” he said. “That’s why you see so much creative prompting people to search for a specific term. The aim is to ensure you search for their brand name or a product name and then if you see them crop up in the search results you’ll select them. This not only gets the brand the traffic but Google gets to see they’re a popular brand that they should rank towards the top of their natural listings.” Given that only around one in a thousand Web users will ever click on an advertisement, display is all about awareness rather than direct response. It makes it necessary, then, that advertisers ensure they get the media they are paying for and that, as publishers, classified sites do everything they can to block fraud and measure viewability. In the absence of firm guidance from the IAB in the UK and U.S. that will lead to accreditation schemes for vendors before next year, the responsibility truly is on advertisers to check how they are being protected and for publishers to be able to offer an assurance brands are protected. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 16 Vol. 16 No. 6 Classified Intelligence Report Australia a fertile ground for scams Losses on classified, auction websites hit $11 million BY KATE LYONS Scams accounted for more $90 million in losses in Australia in 2013-2014, with $64.5 million lost in Internet scams alone between January and October last year, according to research by the Australian Competition and Consumer Commission (ACCC) and the University of Canberra's Centre for Internet Studies. Buying or selling scams on classified and auction websites robbed Australian consumers of nearly $11 million last year. Professor Nigel Phair, former Australian Federal Police cyber-fraud expert and director of the centre, said “buyer-side” fraud was at present growing faster than seller-side fraud. Common classified frauds included scammers asking for upfront payment while pretending to live overseas or attempts to gain a seller or buyer's trust with false documents, false identification and elaborate background stories. Recruitment and automotive classifieds are particularly ripe picking for scammers, with the Australian Government's online safety and security website, Stay Smart Online, issuing a warning last year about fake recruitment advertising which actively targeted job seekers for both identity theft and use as “money mules,” a form of money laundering. The Queensland Office of Fair Trading also highlighted classifieds ads late last year when it warned consumers about a sophisticated scam involving fraudulent shipping business websites. Queensland Fair Trading Executive Director Brian Bauer said scammers were listing fake advertisements for second-hand vehicles, caravans and boats on trading websites and in local newspapers. When buyers made contact, they were told the seller had moved overseas but that the goods were being held by an Australian shipping company. Scammers used a website and company name which mimicked a legitimate shipping company and consumers then paid for goods which did not exist. Security shortfall Phair told the AIM Group that the classified advertising sector in Australia had been fairly slow in attempting to safeguard its sites against these types of fraud and that not enough site owners were willing to invest properly in anti-fraud measures and software security. “Not having a safe and trustworthy online experience diminishes consumers' desire to fully embrace the Internet for commercial activity,” Phair explained. “E-commerce providers © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 17 Vol. 16 No. 6 Classified Intelligence Report and networking sites need to do much more to reduce the likelihood of users falling prey to scammers.” This failure could have serious long-term effects on brand trust and customer loyalty, he pointed out. “What sites don't understand or properly value is the 'stickiness' of customers around issues of trust and loyalty. Keeping customers loyal is particularly crucial now that there is so much competition in the online buying, selling and auction space.” Asked what classified advertising sites and marketers were doing to combat this risk, Phair said that while a few had instituted fraud protection software and most put up general warnings, the great majority of sites weren't willing to invest much at all. With sites lax on security and scammers becoming both more numerous and more devious, Phair described online fraud as a “wildebeest scenario:” Those who failed to adequately protect their sites and customers would be picked off, either by scammers themselves or by customers losing faith. “A bit of basic software and a few standard warnings just isn't enough,” Phair said. “Education is important but it is hard to measure how effective this is long-term. Meanwhile scammers are becoming more sophisticated and are adapting rapidly to the safeguards in place.” Fraud software was no silver bullet either, Phair said, because criminals and scammers were usually at least one step ahead of the game. One of the growing risks he identified was the ability of scammers to “integrate” abuse. Some examples he’s seen: 1. Fraudulent ads linked to phishing campaigns and transaction or financial provider fraud. 2. “Long-game” email fraud based on information garnered from reputable sites or advertising. 3. Scams on sites that were also linked to identity theft and / or credit card fraud. “What is required is thorough rules-based software which is adaptive and which can be tweaked to the nature and level of risk,” he said. “That requires investment in human expertise and ongoing vigilance. Otherwise customers will lose their trust in your site and simply head elsewhere.” Who is doing it well? Phair pointed to Carsales as a site which had made sustained efforts to safeguard buyers and sellers. Stephen Fairlam, trust and safety officer for Carsales, told the AIM Group his site had invested in sophisticated rules-based fraud control software aimed at detecting suspicious activity. Every Carsales account, advertisement and inquiry is run through a fraud control tool which looks for suspicious elements or patterns in location, identification details or selling / buying behavior. The tool gives constant feedback, adapts and updates to new information or © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 18 Vol. 16 No. 6 Classified Intelligence Report trends, and the technology is backed up by manual checks by security experts. Carsales was also first in the industry to implement an SMS validation service for transactions. Fairlam said that fraud occurred on both the buyer and seller side of the automotive classifieds business. On the buyer side a favorite scam was contact made with a seller by SMS requesting a private email address. This took the transaction outside the site domain, evading the security software which would usually protect private emails and block any fraudulent activity. “The buyer tells the seller they reside overseas, work in the military or live interstate," he explained. "They want to purchase through a third party, that they can't pay through the regular channels but they will pay if you can transfer a certain amount to get the ball rolling. The scammer sends emails purporting to be from PayPal or Western Union, luring sellers to transfer money which is then sent through to three or four other fraudulent accounts.” Last year NSW Fair Trading warned consumers of just such a buyer-side fraud where a seller was cheated out of forward transport costs she had paid. Fair Trading is currently working with Western Union, Australia Post and law enforcement to combat this style of fraud. Fairlam said the best defense against such scams is a rigorous combination of education, technology and adaptive security systems, accompanied by relevant human resources expertise. He agreed with Phair that while education and warnings were important, after a while standard messages about fraud became so much “white noise.” However, he said Australia compared well to global markets in terms of fraud protection, partly because by the time scammers tried their luck in Australia, the scams were already well-known overseas. Nikki Hennessy, spokesperson for Gumtree Australia, told the AIM Group Gumtree Australia had a zero tolerance for threats to its online community. “Any listing that could pose a threat to a community member is a breach of the Gumtree terms of use and will be removed from our site,” Hennessy said. As a locally-focused, community-based site (albeit one owned by EBay), Gumtree tends toward an advice-based defense against scams. “We always encourage members to buy and sell locally. A transaction should always be made face-to-face, with an in-person payment made once the goods have been seen. We advise buyers to never pay for an item before it has been viewed,” Hennessy said. "We also encourage our community to use the ‘Report Ad’ function should they identify a suspicious or offensive listing to ensure the ad is removed. The most important thing to remember is that if a listing sounds too good to be true, it probably is.” © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 19 Vol. 16 No. 6 Classified Intelligence Report Chinese government, online sites spar over bogus-product claims BY DON GASPER The extent of fraud and the prevalence of counterfeit products on China’s e-commerce websites has been a hot topic in the country in recent weeks. A government regulator openly criticized some of the leading online shopping sites in this regard, stinging the largest of them into hitting back in an unprecedented public spat. The row started in late January when the State Administration for Industry and Commerce published a report on its website claiming that, according to a survey the watchdog had conducted between August and October last year, only 58.7 percent of the goods sold online that it had tested were certified. The country’s biggest consumer-to-consumer platform, Taobao.com, which is run by privately owned Alibaba Group Holding Ltd., came out in a particularly unfavorable light, emerging as having the worst performance out of six major online markets surveyed. The survey claimed that less than 40 percent of products from Taobao were genuine, the result of allowing vendors without business licenses to run unauthorized online stores. This contrasted with 85.7 percent of goods on TMall, a business-to-consumer site also operated by Alibaba, and 90 percent on rival site JD.com. In an open letter made public Jan. 28, Taobao hit back, accusing Liu Hongliang, the SAIC official in charge of regulating online trade, of abusing his power and damaging the reputation of Taobao’s site as well as that of the online merchants. It charged Liu of “using a wrong method and reaching a conclusion that is not objective.” Taobao said that at least 51 of the 92 samples that were inspected by SAIC were taken from its platform, with just 10 items sampled from one of its competitors. It said that the survey was therefore unfair and its results had been made public without giving online merchants the opportunity to appeal. In a response the same day, the regulator published a “white paper” saying that Taobao had failed to clean up its act in five areas. Among these were having a defective rating system for merchants, having a low threshold for allowing businesses to open on its site, permitting vendors to operate without business licenses, failing to crack down on the sale of fake products and allowing bribery and other illegal activities on its site. It transpired later that the white paper was based on © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 20 Vol. 16 No. 6 Classified Intelligence Report discussions between Alibaba and the regulator in July. Reportedly, its publication had been withheld until this year to avoid it having a negative impact on the company’s debut on the U.S. stock market in September. On Jan. 29, Alibaba Group vice-chairman Joseph Tsai Chung-hsin, speaking during an earnings conference call, dismissed the report: “We believe the flawed approach taken in the report and the tactic of releasing a so-called white paper specifically targeting us was so unfair that we felt compelled to take the extraordinary step of preparing a formal complaint to the SAIC.” Both sides subsequently sought to cool down the war of words. SAIC deleted the report from its website, which Alibaba took as a sign that it had been vindicated. (For the text of the removed report click here.) In a statement on its website on Jan. 30, SAIC said that its top official, Zhang Mao, had that day met with Alibaba’s executive chairman, Jack Ma Yun. It said the two sides had agreed to tackle fakes and boost consumer protection online. The day before, the official China Daily newspaper quoted Neil Flynn, chief equity analyst at ChineseInvestors.com, on the affair. Flynn noted that consumer-to-consumer sites like Taobao were more vulnerable to having fake products on them, just because of the nature of the business. With e-commerce in China developing at breakneck speed, it is difficult for regulations and laws to keep up in the fight against online fraud, Zhang Mao has admitted. Speaking at a news conference on March 9 during China’s annual parliamentary session Zhang said that China must establish a system to record and restrict e-commerce companies that broke rules on the sale of counterfeit goods online. The penalties for breaking existing rules were too low, in his opinion, but if punishments were made severe, then the market would improve and fake goods would disappear. “Market order can only be regulated if we increase the penalties for selling fake goods, making traders who sell such goods unable to continue operations, or go bankrupt,” Zhang said, responding to a question on the sale of fakes on websites of the Alibaba Group. Ironically, following the SAIC criticism of the Alibaba marketplace, the United States rallied to its defense. The U.S. Trade Representative said March 5 that for a third year in a row it was keeping Taobao off its list of what it calls notorious markets for pirated goods. It had removed Taobao from the list in 2012, citing Alibaba’s efforts to address complaints from copyright holders. The USTR said that Alibaba had told it that the company continued to act on complaints by “reportedly removing millions of listings for counterfeit and pirated products manufactured in China and offered for sale and export.” Alibaba said that it spent over 1 billion renminbi ($160 million U.S.) between January 2013 and November 2014 on dealing with fake goods and guaranteeing consumer rights. The Wall Street Journal reported on March 9 that an Alibaba executive had told it the company used technological tools to detect and remove questionable orders from its platforms . © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 21 Vol. 16 No. 6 Classified Intelligence Report Russian firms are fraud-fighting vets Avito, Yandex lead way in prevention techniques BY PAVEL MARCEUX Russia has historically been an epicenter of online fraud, with domestic Internet firms understanding the challenges of combating malevolent viruses, data attacks, fake profiles and various scams. The upside of facing decades of online fraud is the wealth of expertise companies have developed in regulating their environments and protecting consumers. It is no accident Russian companies such as Kaspersky Lab and IB-Group have become global leaders in Internet security. Classifieds majors Avito and Yandex are also honing their anti-fraud techniques to retain the value of their business, especially as the volume of listings continues to grow. Algorithms and codes combat auto and realty fraud The Internet search giant Yandex has developed sophisticated algorithms to combat fake listings and malicious bots on its real estate classifieds platform Yandex.Realty. According to Ivan Chernyshov, project manager at Yandex, the company has “combined our technologies, from collected experiYandex ence in running classifieds projects and in terms of our Big Data experURL: Yandex.com tise, to prevent erroneous listings Owner: The largest investors in Yandex are Baring such as duplicates and frauds.” Vostok Capital Partners and With its specialized Big Data deTiger Global Management. partment, the Yandex Data FactoLaunched: 2000 Bottom line: Yandex is a Russian company that offers ry, the company is likely the best an internet search engine and search solutions to a placed company in Russia to impleworldwide customer base. ment data-based algorithms to combat unwanted listings. However, Yandex has also installed additional human-based measures. All Yandex.Realty listings go through moderation by a dedicated team and the site also has an online submission form to report any fraudulent activity by users. For its car classifieds business, Auto.ru, Yandex has also made a major step in anticipating and removing fraud. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 22 Vol. 16 No. 6 Classified Intelligence Report Russia’s leading auto classifieds platform has started to automatically check used-car listings in the Moscow region to determine whether the vehicle is stolen or if the specifications listed by the seller are correct. This is being done by checking the VIN code. If any issues arise after the check, the car’s listing is removed or amended. Kirill Smolin, project manager at Yandex.Auto, an auto classifieds platform run together with the Auto.ru brand, said, “Currently, there is no law that forces car owners to provide the VIN code when selling their vehicle, but we are offering to provide this check voluntarily. It allows us to fully audit the history of the car and enhance the trust that our users have towards our listings.” Avito also turns to Big Data to cut costs in moderation Being Russia’s largest online general classifieds platform, with over 28.1 million listings this month, brings its own problem when Avito fighting fraud. Avito’s rapid growth has, to a URL: Avito.ru degree, outmatched its capability to provide Owner: Vostok Nafta Investment Ltd and Inwell-moderated listings to its huge national au- vestment AB Kinnevik dience. Launched: Its popularity (top-10 site by Web traffic 2007 in Russia) has meant that the platform has be- Traffic: Monthcome a favorite among fraudsters, with consum- ly of around 25m Business model: Holding company ers and rival companies publicly critical of the Bottom line: Avito operates the leading genaccuracy of Avito’s posts. eral classifieds site in Russia In 2013, Avito committed to an automated fraud detection process by investing in a Big Data warehouse solution provided by HP Vertica. According to Nikolay Golov, Avito’s chief data warehousing architect, the technology was chosen because it was able to process data quickly and it could be upgraded with additional commodity hardware easily. The Big Data move was also a basic business decision. In 2013, Avito had around 250 staff working on the moderation of listings. By the end of 2014, the moderation group had stayed at the same number, but the volume of listings nearly doubled. Increasing human resources in this space to deal with the growth of the site was simply too capital-intensive and automation had become the only realistic solution. The diversity and sophistication of scams, as well as the sheer volume of listings, mean that Avito has also placed the responsibility on the users to recognize fraudulent activity before engaging in transactions. The site does this via its “safety” blog, where it lists and describes the latest classifieds scams. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 23 Vol. 16 No. 6 Classified Intelligence Report Online payment fraud still low but growing rapidly Classifieds platforms have few levers to combat online payment fraud, as this issue can only be dealt with by the actual payment operators. So far, online payment fraud levels in Russia have been significantly lower than in Western Europe. The level of fraud-related losses in Western Europe is roughly comparable to that in the USA, making up 0.04 percent of total payment volume, according to the Russian branch of international payment operator PayU. In Russia, this level is four times lower. Adyen, a global provider of online, mobile and point-of-sale payment solutions, confirms that Russia is not ranked among high-risk countries. “We have a very limited level of fraud in Russia thanks to our risk management system and also because bank card issuers don’t allow fraud,” explained Elodie Trichet, senior strategic partnerships manager at Adyen. Risks are limited for the merchant as 3DS is the accepted norm of security and expectation for online shoppers in Russia. Adyen, a global provider of online, mobile and point-of-sale payment solutions, confirms that Russia is not ranked among high-risk countries. “For a long time, managing fraud risk in Russia meant blocking the IP address of fraudsters. Now, our main task is to improve the conversion rate for our clients. A lot of clients come to us precisely because our mission is no more preventing fraud but driving sales, which means accepting a real customer that another payment operator would have refused,” Trichet added. However, as revealed by international research company Euromonitor, payment fraud levels grew faster in Russia than anywhere else in Europe in 2014. In other words, the rapid growth in bank card use in Russia could well be masking a serious deterioration of the fraud situation in the country, which will be fully revealed only when card payment growth stabilizes. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 24 Vol. 16 No. 6 Classified Intelligence Report In Spain, vigilance and victories Top companies reveal challenges, common solutions BY CILA WARNCKE Fraud varies by vertical. A generalist classified site like Milanuncios.com, which offers millions of products in hundreds of categories, offers plenty of scope for would-be scammers. Historically it was a prime target for fraud, according to Frode Nordseth, CEO of Schibsted Classified Media Spain. Thanks to rigorous fraud detection work the number of number of fraud cases is decreasing month by month. “We're almost at the bottom limit,” he said. “We stop about five to 10 percent of the ads before they get to the user.” One of its most vulnerable categories is holiday rentals, where criminals can take deposits then disappear with the money. Auto classified Coches.com reported a similar attempted fraud figure of about 10 percent, mostly offers of non-existent cars for sale. Chief technology and marketing officer Nuño LópezCoronado told the AIM Group that a dedicated quality team checks every ad for potential fraud, meaning that less than point-one Auto classified Coches.com reported a similar attempted percent make it onto the site. fraud figure of about 10 percent, mostly offers of nonexistent cars for sale. Information, rather than currency, is the main target of fraudsters on employment sites, according to Jorge Guelbenzu Lapresta, general manager of InfoEmpleo.com. The most common scams are ads requesting personal data, as well as pyramid job offers. Overall, InfoEmpleo keeps fraud down to less than 1 percent of its total ads. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 25 Vol. 16 No. 6 Classified Intelligence Report Data Tools and Technology Big Data is key to maintaining integrity in classifieds, allowing companies to rapidly sort and assess information. “Years ago it was all done manually,” said Nordseth. “Now up to 95 percent is done using advanced data analytics, such as tools that analyze word patterns.” Sophia Casas, email product manager for Trovit, said automated data analysis is vital to keeping fraud out of the huge volume of ads it processes. The multi-channel aggregator has multiple systems to scan ads and reject ones that do not match the pattern of a legitimate ad. “Our tools constantly learn and evolve to become better adapted to catching fraud,” she said. Humans are still an important element of the feedback loop, however. Trovit recently implemented the tool for reporting suspicious ads. The data they acquire will go to further refine their prevention methods. Property portal Fotocasa.es is a leader in mobile and recently launched Spain's first smartwatch property app to accompany its market-leading Property portal Fotocasa.es is a leader in mobile and recently launched Spain's first smartwatch property app to smartphone app. One of its recent anti-fraud innovations is auaccompany its market-leading smartphone app. tomatic phone number validation. When a seller uploads an ad he or she is sent a unique code by phone. They enter the code to confirm the phone number in the ad is authentic. Without the code, the ad can’t be uploaded and automatically disappears from the user's account after three days. In the auto sector, fraud prevention is based on pattern analysis and checking standard markers. “The first thing our tools analyze is the price. In fraudulent ad is usually 20 to 30 percent below the market value,” López-Coronado said. “Then we check the description. Scammers will repeat the same ad, only changing the car's make and model. We also check the seller's IP address. If the IP is in Asia or South America the ad can't be true.” © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 26 Vol. 16 No. 6 Classified Intelligence Report Coches.com's quality team also screens for low-quality photos, ads that request payment by transfer services such as MoneyGram, and ads where the seller claims to be “about to leave the country” and selling at a low price in a hurry. Fraud Prevention Best Practice Data tools are first-line protection against fraud. But a robust fraud defense system also involves understanding the product and market, and engaging users. Though user feedback may seem a blunt tool in the era of rapid big data analysis, it is key for two reasons: 1. Data tools have to be taught to find fraud. Humans are more likely to spot new scams. 2. Engaging users builds trust, which is the whole point of fraud prevention. Sources from Spain's top employment site InfoJobs.net told the AIM Group it checks every ad published on its site. In addition, a dedicated team randomly reviews offers and responds to user feedback. “Our users are very collaborative,” said Casas, of Trovit. “They alert us to any irregularity they detect, which helps improve our functionality. We work hard to educate our users and advise them to be careful of 'miraculous' offers.” In verticals where users are purchasing items, whether its cars, home electronics or holiday rentals, Casas emphasized the importance of being price savvy, both for portals and users. “An ad with a price that is significantly lower than the average for similar ads is probably going to be a fraud.” Conclusion Despite the specific traits of fraud in different markets, the main point all these professionals make is that fraud is a protean problem. The constant evolution of digital technology and user behavior means there is not one single fix for fraud. “It's like an arms race,” Nordseth said. “We do something so they do something, then we have to update our systems. They are always trying to get around our systems.” Classifieds need a comprehensive strategy, dedicated staff and adaptable tools to keep ahead of criminal creativity. And they need to remember that information is their best weapon. “When we get a fraudulent ad we just kick it off the system,” said López-Coronado. “We don't say anything to the advertiser because if you give them information about why it wasn't valid they will do it better the next time.” © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 27 Vol. 16 No. 6 Classified Intelligence Report How OLX.pl fights fraudulent ads Site verifies listings, has separate anti-scam unit BY ANDRZEJ SOWULA Automatic listing verification against fraud, a special fraud protection unit, user education and close cooperation with the police are foundations of the user safety policy at Naspers’ OLX.pl, Poland's largest general classified site. The site is visited by 7.5 million users per month, and even though most of them are honest and come to OLX in search for used stuff they need, it happens that there are also fraudsters. This causes a lot of distress among users who have been deceived, judging from the comments dedicated to safety on the OLX blog. For that reason, OLX.pl has its own policy of supporting the safety of users, although it only governs placing listings on its site and does not mediate in the transaction between the seller and the buyer. OLX.pl URL: http://www.olx.pl Owner: Allegro Group Address: Poland Launched: April 2014 Traffic: 7.5 million unique users per month (source: Megapanel Gemius/ PBI, 10/2014) Business model: Fees for adding a listing in an automotive category; fees for highlighting listings. Bottom line: Olx.pl is Poland's largest general classified site in terms of users, number of visits and number of listings. “Most of our listings are premoderated prior to activation in the site, and this is the first line of resistance against fraud. We also have a separate unit to fight against dishonest users," said Marcin Urbańczyk, general manager at OLX.pl. According to Urbańczyk, the company has introduced several other security measures, but he didn’t want to reveal them to make fraudster’s lives easier on Olx.pl. “There will always be some black sheep with dishonest intentions. However, it is a marginal problem if you look at the scale of our site,” said Urbańczyk. “We do not have accurate statistics on the number of fraudulent listings compared to all listings, but we can certainly say that it is only a fraction of a percent of all listings on OLX.pl.” © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 28 Vol. 16 No. 6 Classified Intelligence Report We can learn a bit more from Piotr Chochłow, head of the User Safety Unit at OLX.pl. He emphasizes the role of user education. “"We carry out educational activities using many tools, such as warnings on the page, on our blog and on Facebook. We also run a special section on the site dedicated to user safety topics (here) and we always emphasize in correspondence with our users the principles of OLX and encourage our users to pick purchased items personally," Chochłow said. As part of these educational activities OLX.pl has recently warned its users on its blog against the increasing number of fraudulent job listings that are aimed at stealing personal data. Such data are required to open a bank account in the name of another person. Therefore, the fraudsters first ask for scans of identity cards and then to transfer a very tiny amount of money to the bank account indicated by a fraudster later on. As OLX explains it on its blog, by transferring the money we confirm the data, and thus a fraudster may take a loan from the bank in our name. Paying via bank transfer is the most frequently named ingredient of the fraud process that can be found in the voices of people defrauded on OLX.pl, who share their experiences in a variety of forums dedicated to the security of transactions on OLX.pl. “Collecting purchased items and paying (for) them in person is the safest way to complete the transaction. We emphasise that fact also in our advertising campaigns," Chochłow said. Another way to communicate this information to the user are provocative actions carried out by the security team of OLX.pl. Basically It puts a fake listing on the site, which bears the hallmarks of a scam. “Anyone who is interested in this offer receives the information from us that this listing is a provocation made for educational purposes and the exact instructions how to avoid this type of situation in the future," said Chochłow. OLX also actively participates in the prosecution of the fraudster after notifying by the user. “We do all we can to help the victims and law enforcement authorities. We provide the user with information (about) what he or she should do (go to the police and report the case), and then we strictly cooperate with the police. Of course, the fraudster’s account is deactivated in our service right away,” Chochłow said. He said his team has also a few other tools to effectively fight with fraudsters, but he doesn’t want to reveal them. “We try to speak as little as possible about the security-related issues, so as not to facilitate the operation of fraudsters,” he added. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 29 Vol. 16 No. 6 Classified Intelligence Report Allegro’s aim: Halt ‘perfect crimes’ Identity thieves target Poland’s largest auction site BY ANDRZEJ SOWULA The most difficult to detect fraud on Allegro.pl —- the largest auction site in Poland and Central Europe —- are the ones with the use of the personal data of others. Assuming someone else's identity, the fraudster can keep total impunity if he works in a carefully thought-out manner. However, Allegro has its ways to protect users against perfect crimes and secure their interests in the event of fraud. A perfect crime on the auction site Allegro was described in the Polish press. A swindler, using a fake account, sold electronics on the site. After receiving payment he never sent the purchased goods. One of the deceived users bought the pendrive SanDisk Extreme 64GB for 129 PLN ($35 U.S.) from him. Nothing aroused his suspicions because the seller had 500 positive comments and only two negative. After completing the transaction on Allegro, the pendrive did not arrive. Attempts to contact the seller failed. There was no response to emails and the seller’s phone was silent. The case was reported to the police where there had been already 55 similar cases. The scammer earned 13,000 PLN ($3,529 U.S) and remained unpunished. Police could not establish his identity, and prosecutors dropped the charges. It turned out that the account was established in the name of a Mr. Andrzej from the City of Wroclaw, who some time ago lost his ID card. The search for the perpetrator using the IP address brought no results either, as the scammer had connected to the Internet using his phone as a router, which could not be identified because it worked on a pre-paid card, not assigned to a specific person. It was also discovered that the bank account to which the money flowed from the auction was set up with a stolen identity. The only clue the police had, the recordings from the camera at an ATM in the City of Legnica, in which the scammer cashed out, proved to be also of little avail. The recording was of poor quality and the fraudster was disguised to prevent being identified. Anna Tokarek, PR Brand Manager at Allegro Group, did not want to tell us the exact statistics of similar scams on Allegro. She assured us, however, that in general fraudulent listings on Allegro are a very small percentage. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 30 Vol. 16 No. 6 Classified Intelligence Report “Buying on Allegro is safe, and the percentage of failed transactions is small as evidenced by the fragmentation of comments --- positive represent 99.5 percent of all issued, then neutral, and then negative, which are not even 0.5 percent,” said Tokarek. Allegro’s representative pointed out that potential risk associated with buying on Allegro.pl is in most cases reduced to zero thanks to Allegro’s Buyers Protection Program. It provides a refund if the ordered stuff does not arrive or if a customer received an item not as described in the auction. In such cases the customer can claim compensation and get their money back. The maximum amount of money Allegro can refund is up to 10,000 PLN (about $2,716 U.S.). The most important condition for receiving compensation is reporting the case to the police. Applying for compensation is possible upon receipt of confirmation of reporting from law enforcement. According to Tokarek, the best way to protect users against fraud on Allegro is constant education on how the scammers operate. One of their favorite methods includes announcing bargains. “If the product price is drastically different from its actual value, users should find out as much as possible about the seller,” Tokarek said. “They should check the history of his previous transactions and comments from buyers. If there are still doubts after such verification, it is better to buy from a seller who has the Standard Allegro badge. Then you can be sure that the transaction will be 100 percent successful.” She also emphasizes that the site warns users not to buy outside Allegro, because shopping that way is not protected by the Buyer Protection Program. In the case of fraud, users will not be able to apply for compensation. Allegro often warns its users against phishing, which is another very common method of collecting data used by scammers on Allegro. “If you receive a suspicious message in which the sender insists (you) log into Allegro via a link indicated in this message, watch out, it can be a phishing message. The link included in that message is not directed to the real Allegro, but to the fake website whose mission is to capture the data you use to log into your Allegro account. Such messages also may include attachments such as viruses,” said Tokarek. Allegro’s representative assured that their arsenal of methods of dealing with scammers is not limited to user education, but they declined to reveal details to avoid helping scammers. However, as they emphasized, it is primarily education that can ensure the safety of users and allow them to avoid even the best planned fraud. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 31 Vol. 16 No. 6 Classified Intelligence Report Job portal learned from attacks Labor crisis makes Portugal’s Net-Empregos a target BY CRISTINA COSTA Portuguese job portal Net-Empregos has learned many lessons in how to stop fraud the hard way --- by being attacked. “In my opinion there is not a type of fraud or abuse we have not experienced. From illicit listings scraping with later falsification, to bogus job offers, phishing attempts or money laundering scams,” explained Rui Encarnação, founder and CEO of Net-Empregos. In his experience fraud registers and bogus job offers have been increasing with Portugal´s labor market crisis: “Very popular on job portals is currently the money mule scam to launder cash from criminal sources in Eastern Europe. People are hired for example as ‘Commercial Representative’ for a caviar export firm to deposit payments from so-called ‘customers’ on their bank accounts and later transfer this money to an bank oversea for a small commission,” said Encarnação. The independent job portal is the clear market leader in online recruitment in Portugal. An average of 25,000 job openings are published each month on Net-Empregos, making it among job seekers the top site for job search with a SimiliarWeb estimated traffic of 2.8 million visits in February. Safeguards against fraud At 13.3 percent, Portugal has the fifth-highest unemployment rate of the European Union (Eurostat January 2015). Net-Empregos increased registered employers to 120,000 companies. More than 3 million candidates have placed their resumes in Net-Empregos’ database. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 32 Vol. 16 No. 6 Classified Intelligence Report Portugal´s online recruitment market is a no-cost-per-ad market for recruiters. Major job verticals follow the Net-Empregos business model to offer free listings, only monetizing from upsells of premium or display ads and additional services. CEO Encarnação, who has refused offers from local major classifieds competitors to sell his small company for several million, points as core growth factor for Net-Empregos, its freemium personal client services that as a positive side-effect helps avoid usual fraud schemes. “We double-check everything. Not only validating data with our Anti-Fraud system, but calling back employers, if we suspect there is a mistake or even a possible fraud involved,” said Encarnação. Before posting a job opening employers have to pass through a mainly self-developed anti-fraud registration process on Net-Empregos. “Based on our past experience with fraudsters we built a multi-data-authentication process, mainly based on the validation by phone, if, for example, a mandatory information in the registration form is suspicious or misses,” explained Encarnação. (The registration form for companies on Net-Empregos has several mandatory fields like address, postal code, location and company email. To begin an authentication as employer, companies have to provide at least a Portuguese landline number and the unique companies register identification number “NIF” (Número de Identificação Fiscal). During this validation process that lasts up to 24 hours, job listings are not placed live on the platform. For the phone validation Net-Empregos takes advantage of the fact that Portugal has fixed landline area codes based on geographic prefixes: “Our platform automatically matches the address and phone data filled into the registration. If, for example, an employer registers an address in Porto and provides a Lisbon area phone number, there will be an alert for a manual check by our team.” The staff of three employees of Net-Empregos starts a verification and validation process, crosschecking for example filled-in company identification numbers with the official database of the company register. “If we do not find a correct entry of the NIF in the company register, the job offer is not validated until we receive additional information per mail like for example a copy of the company´s permanent commerce register certificate,” explained Encarnação. In his opinion, only this manual crosschecking of data and direct, local contact approach, which sometimes is not pursued at general classifieds portals because of the amount of listings, makes it possible to minimize fraud effectively. “Some weeks ago we received a bogus listing, faking a job opening at a large multinational optician company, where everything seemed correct at first glance with the fraudster © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 33 Vol. 16 No. 6 Classified Intelligence Report mirroring even the correct NIF number. But since the contact e-mail was not in our database, we called the company and found out that their website had been scraped for fraudulent purposes,” Encarnação said. Fighting mobile danger The highest fraud menace for job boards comes according to him currently from mobile phones, so Net-Empregos decided to block mobile phone registrations. “If a client provides a mobile number, we validate this number by using a two-step voice code verification,” said Encarnação. For this mobile data validation Net-Empregos applies the paid software solution “Verify Voice” provided by U.S. software company TeleSign. Through an installed API interface Telesign calls the user´s mobile number back, speaking a verification code generated that the user has later to fill on the platform. Net-Empregos’ job-seekers Fraud and Abuse prevention goes even further: The job vertical has introduced an “Employer blacklist” based on the feedback coming from candidates containing names of companies that do not pay or fake higher salaries. “We have now over 500 companies on our list that which are not allowed to post job openings anymore, since we want only to mediate reasonable jobs with acceptable working conditions,” Encarnação explained, Net-Empregos even limited postings in some categories to avoid the usual job offer spamming on freemium job portals and to meet job seekers’ need for reliable openings. “Some Realtors from franchise companies placed hundred of vacancies, selling job-seekers later paid-for training on a commission basis, but only employing a scarce number of them afterwards,” said Encarnação. His team controls now narrowly how many listings are placed by some realtor franchises, allowing them to place vacancies only from time to time. This user-centered strategy has made Net-Empregos popular among users of social media channels like Facebook. Net-Empregos has over 900,000 followers on Facebook, which corresponds to a value of five percent of Portugal’s working force of slightly over 4 million people. If Net-Empregos gets a reliable user feedback from applicants of a fraud or discovers one itself, an alert is posted on Facebook. “This interaction with our community of jobseekers is one of our strengths in fighting fraud and also an asset for employers, since we offer reliable employers a cost-free posting of their vacancies on Facebook,” explained Encarnação. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 34 Vol. 16 No. 6 Classified Intelligence Report New feature puts scams on hold Italy’s Immobiliare.it verifies phone numbers for ads BY ALESSANDRA RITONDO The Italian market leader Immobiliare.it in February launched a feature similar to Google two -step verification, an in-house software, conceptually simple to use even for users. And since that time, according to Silvio Pagliani, co-founder and member of the board of Immobiliare.it, the scams have disappeared. “For the ads coming from individuals, we verify that phone numbers are real. The user must ring the portal's dedicated phone number from his or her phone,” explained Pagliani. Here's how it works: A user posts the ad, and Immobiliare.it requests verification by sending to the user an email asking to click a link (pretty standard mode), when the user enters the phone number, a pop up-window appears saying, "Call the number XX-XXX-XXXX by the phone number you entered.” The user calls and the system makes the match. "Because scammers know that a phone number is traceable and is associated by law in Italy to a person, this feature has much increased the security on the site in the free ads for individuals area. Every day the system receives hundreds of phone verifications, related to the fact that we have hundreds of new ads by individuals daily,” said Pagliani The telephone control occurs even if the user wants to change any sensitive data to their account on Immobiliare.it . Pagliani Launched in 2007, Immobiliare.it is owned by Gruppo Immobiliare. Part of the same group are also the portals Immobiliare.it and Eurekasa.it, launched in October 2005.The launch of NuoveCostruzioni.it dates back to November 2008.The portal operates in the area of new buildings, while Affitti.it was launched in September 2009 for rentals. Immobiliare.it bases its strength on technology, research and development and advertising and its success on hard work, investment and expertise. Each month, more than 7 million people access Immobiliare.it by Web, tablet and smartphone. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 35 Vol. 16 No. 6 Classified Intelligence Report Stuffle.it adds unique protections Buyers can pay on site; goods, money guaranteed BY CHRISTOFFEL VOLSCHENK Stuffle.it, the app-only flea market acquired by ImmobilienScout24.de late last year, launched a desktop version this week with a new way to provide security. Now, Stuffle.it is a general classifieds platform with an Android and IPhone app, just like all the general classified players we know in Germany --- Kleinanzeigen.ebay.de, Quoka.de, Kalaydo.de, Markt.de, Local24.de and Dhd24.de. You can search in different categories, and limit your search geographically. That's the first impression. But, look a bit deeper, and it's clear that Germany has gained a unique general classifieds platform. One on which used goods are paid for on the site, and which offers buyers / sellers delivery options. One which guarantees buyers and sellers they'll get their goods and money. These are also the major income sources of Stuffle.it. The site takes a transaction fee on sales if paid with PayPal --- otherwise not. The transaction fee is paid by the seller and delivery fee by the buyer. Other income sources are upsells, such as the "Schaufenster" (shop window), which places listings in prominent positions. Advertising as an income source was expressly banned from the site, because, it says, "advertising sucks on apps and sites." This is quite a revolutionary business model, at least for Germany. So, here is the explanation given by the site of its payment method (translated and shortened in some cases by us): Pay on Stuffle...it’s safe and simple As you may have noticed, you can pay in the app and on the site. We’ll explain: What are your benefits as a buyer? For buyers it is free to pay on Stuffle. It is also simple: Instead of bringing cash, you can pay for your purchase directly with PayPal. If you haven’t got a PayPal account, you can also pay directly by credit card. But, with a PayPal account you get PayPal Buyer Protection. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 36 Vol. 16 No. 6 Classified Intelligence Report Buyer Protection is a guarantee that you really get your purchase item. If not, you may claim your money back. Want to pay with PayPal? Simply ask the seller once you’ve agreed on a selling price. You can recognize sellers who offer payment with PayPal by the small PayPal flag in their profiles. If you want your purchase delivered by Stuffle and the seller says it’s OK, you can pay for your product and have it delivered all inside Stuffle. How do you benefit as a seller? Never send bank data to strangers! If you use the payment function, you are guaranteed to get your money without waiting. [This] guarantees you the highest level of security. Should something go wrong, you’ll still get your money if you can prove that you dispatched the product. To use the secure payment option, connect your PayPal account with your Stuffle account. This added security we cannot offer free, unfortunately. We charge a fee of 5 percent of the sale value. We reckon this is fair. Should you and the buyer [use] delivery by Stuffle, you will initially receive both the purchase price and the delivery cost paid by the buyer. Later we’ll deduct the delivery cost, and reimburse you the portion of the PayPal fees linked to the delivery cost. ... You don’t want to use PayPal? You are free to decide on a payment method with the buyer. Cash on delivery, by direct bank transfer, or credit card. But, remember: We cannot help you when problems occur in these cases. The buyer and seller protection is only available if you used PayPal. Which payment methods are available? With PayPal you can use all major credit cards and direct debit cards. This varies from country to country. You want to pay across borders? This is possible. Even worldwide. The buyer will always be charged the invoice amount in his own currency at the current exchange rate. Exchange rates are constantly changing and are beyond our control. How does Stuffle benefit? We developed Stuffle so you can sell your stuff more easily and quickly. The payment function now makes Stuffle even better for all. It gives you more security, and we earn money. Why are we earning our money in this way, and not with advertising? We think advertising in apps and on sites sucks. That’s why our site and app are ad-free. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 37 Vol. 16 No. 6 Classified Intelligence Report Geebo offers SafeTrade program SafeTrade is the new initiative from the AIM Group to make life safer for buyers and sellers who use classified advertising sites. It’s being offered by police and sheriff’s departments in the United States, and now it’s being offered by a generalclassified site, Geebo.com. Geebo is a mid-tier site that describes itself as “safe community classifieds.” It’s owned and operated by Greg Collier, who made the SafeTrade program incredibly easy. We called and asked him to join; he did, and two days later it was live on his site. “You have our full support,” he said. Thanks, Greg! If you want to participate in SafeTrade, email us: [email protected] . It’s free and easy, and it will help your site and your users trade safely. A listing on Geebo.com with the SafeTrade logo © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 38 Vol. 16 No. 6 Classified Intelligence Report Vendors who help stop fraud, abuse Fireblade URL: fireblade.com Headquarters: Israel Founded: 2008 by Shay Rapaport, CEO, and Erez Azaria, CTO. About: Cloud-based website security solution, including DDoS protection, website acceleration and real-time monitoring, load balancer and failover. Fireblade relies on a behavioral approach to website security that follows on users’ behaviors and reputations, rather than signatures. Clients: AutoTrader.com, LayerShift, SimilarGroup and EBay, where Fireblade stopped scraping, spamming and fraud at EBay Classifieds. Formerly knows as: SiteBlackBox Besedo URL: www.besedo.com Headquarters: Sweden Founded: 2002 in Stockholm by Jesper Lilliesköld About: A content-management provider for digital classifieds, Besedo uses a combination of technology and manual checks to ensure the authenticity of ad content content. Provides online content moderation, fraud and abuse management, and customer service to online businesses. Specifically classifieds, i-gaming, e-commerce and user-generated content sites, and Web-based financial services. The company has six offices and serves 15 countries. Clients: Schibsted Classified Media Spain (Fotocasa.es, Coches.net, InfoJobs.net, etc); Leboncoin.fr; Ebay Kleinanzeigen, Germany; Gumtree UK; Subito.it; Tocmai.ro; Bomnegocio.com; OLX Poland and Brazil © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 39 Vol. 16 No. 6 Classified Intelligence Report Imperva URL: www.imperva.com Headquarters: Redwood City, Calif. (U.S.) Founded: 2002 by Mickey Boodaei and Shlomo Kramer About: Data-security specialist focusing on physical, virtual and cloud-based data and database security, regulatory compliance, application and file security. Approximately 3,500 clients in 90 countries worldwide. Impreva delivers wide-ranging data protection services to classifieds and other businesses. It provides tools for classifieds such as web app protection; fraud prevention against phishing, malware, identity theft, etc; site scraping Elca Informatique SA URL: www.elca.ch Headquarters: Switzerland Founded: 1968 by Daniel Gorostidi About: Privately held company, just sold to a group of private investors by CEO and President Daniel Gorostidi. Specializes in the fields of software development, systems integration and business consulting. Elca Group has additional offices in Zurich, Geneva, Bern, Paris, Madrid and Ho Chi Minh City (offshore development). Elca offers several anti-fraud management, data protection (ELCrypt), multi-factor authentication solutions (ELC), online electronic signature services, and identity and Access Management Solutions. Clients: FNAC, Manor, Migros, Manor, Nestlé © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 40 Vol. 16 No. 6 Classified Intelligence Report ISpin AG URL: www.ispin.ch Headquarters: Switzerland Founded in: 1999 by Marco Marchesi About: Swiss public limited company, privately held specialized in data and information security. Offers companies assessments and audits, business security consulting, security solutions engineering, security culture and education and managed security services. ISpin AG offers several anti-fraud and security solutions, as for example its own solution “I AM Pocket” an Access management solution and is provider of worldwide renown Anti-Fraud Solutions providers like RSA, Palo Alto, Cisco and Vordel. Clients: Charles Vögele Trading AG, Coop, Denner, Spar Management AG, Swisscom IT Services, Sunrise Company: Iovation URL: Iovation.com Headquarters: Portland, Ore. (U.S.) Founded: 2004 About: This global online-fraud prevention and detection company works with finance firms, retailers, online communities, classified publishers and dating sites. Its TrustScore tool assigns a fraud-likely rating to all visitors to client sites. Scoring depends on the data platform of the visitor’s device, transaction frequencies, and any fraud history. The network stops 200,000 fraud incidents daily, and has 3,000 active fraud analysts, the company said. Clients: The company shares information such as fraud-identified IP addresses with more than 300 clients that include AutoTrader.com, Cars.com, Trader Media, Etsy, Poshmark and Finn.no. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 41 Vol. 16 No. 6 Classified Intelligence Report Company: Distil Networks URL: distilnetworks.com Headquarters: Arlington, Va. (U.S.) Founded: 2011 by Rami Essaid, Engin Akyol and Andrew Stein About: A leading public and private cloud security provider that blocks malicious bots, or automated computer programs, attacking your website. The setup to stop bots is lightning–fast, secure, and completely transparent. Clients: The company has helped OnTheHouse.au, Australia’s only free property research portal, the Honoluly Board of Realtors, Tool King and StockTwits. Kaspersky Lab URL: usa.kaspersky.com Headquarters: Moscow Founded: 1997 by Eugene Kaspersky About: Fourth-ranked Kaspersky Lab offers commercial and consumer security products, such as anti-virus, anti-malware and firewall applications, in addition to security systems designed for small business, corporations and large enterprises. Larger solutions include protection for workstations, file servers, mail servers, payment gateways, banking servers, mobile devices, and internet gateways. Clients: With more than 270,000 companies protected by Kaspersky products, clients include big names such as Ferrari, Strabag and Telefonica. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 42 Vol. 16 No. 6 Classified Intelligence Report Da Vinci Forensics URL: www.davinciforensics.co.za Headquarters: Cape Town, South Africa. It has staff throughout Africa. Founded: October 2014 About: Da Vinci partnered with a number of companies to be able to handle a broader spectrum of problems. The main partners are Telexing, McAfee and Magix Security. Da Vinci has a close relationship with the SA Police Service (the electronic intelligence division), which works with Da Vinci when the company detects organized crime posts, or when it suspects a crime syndicate may be at work. Clients: Naspers and a number of others. Ergon Informatik AG URL: www.ergon.ch Headquarters: Switzerland Founded: 1984 About: Ergon provides security solutions and application development for finance, industry, retail, telecom and the public sector. It’s Airlock Suite provides a Web application firewall and other security measures. Clients: Coop, Credit Suisse AdNovum AG URL: www.adnovum.ch Headquarters: Switzerland Founded: 1988 by Stefan Arn About: AdNovum specializes in implementation of demanding IT projects, design, implementation and maintenance of software and security solutions. Nevis Security Suite (reverse proxy, authentication, identity management and signature service). The EBPP Validator (electronic bill presentment and payment) checks content provided by billing companies for potentially dangerous content. Clients: UBS, Sunrise, Post, Swisscom. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 43 Vol. 16 No. 6 Classified Intelligence Report Open Systems AG URL: www.open.ch/ Headquarters: Switzerland Founded: 1990 by Florian Gutzwiller About: Open Systems AG is specialized in all kind of mission control security services, focusing on network security, application delivery, identity management and global connectivity. Provides several Identity management solutions. Firewalls, Load Balancers, Web Single SignOn, DND and Global Connectivity Solutions. Clients: Spiegel Verlag, International Red Cross, UBS and others. InfoGuard AG URL: https://infoguard.ch Headquarters: Switzerland Founded: 1988 About: Infoguard is manufacturer of Swiss Made Layer 2 and fax encryption. The company provides consulting in security areas and has developed an Encryption and Authentication software for mobile and web access. It has strategic partnerships with leading network and security product manufacturers. Member of the Crypto Group Clients: COLT Telecom Switzerland GmbH, Sunrise, Bluewin (Swisscom). © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 44 Vol. 16 No. 6 Consulting Services for Interactive Media and Classified Advertising Classified Intelligence Report Vol. 16 No. 6 Mar. 26, 2015 Naspers gains more Schibsted sites Classifieds rivals now competing in only 5 countries BY CHRISTOFFEL VOLSCHENK And then there were five. Last week, we reported that Naspers had acquired Asani.com.pk, Schibsted’s general classifieds platform in Pakistan (here), and said with Pakistan out the way, the number of countries in which Naspers and Schibsted still compete had dropped to 10. In our report we forecast that more countries would follow. But, we didn’t expect it to happen so soon. And we didn’t expect the next four countries to drop in one go. But that’s what happened. Schibsted handed another three of its general classifieds sites to Naspers, namely BuenAcuerdo.com.ar in Argentina, Tradestable in Nigeria and Vende in Peru. Terms of the deal were not disclosed; in fact, the arrangements were not announced. Then, Schibsted withdrew from a fourth country, namely Egypt, where the site 2Olli.com was closed. The short explanation why the site closed says it all: Because Schibsted thought there were enough sites in the market to serve the needs of Egyptians (freely translated). Now there are five countries left: Tayara in Tunisia, where Naspers is active with Dubizzle; Kufar in Belarus (OLX); LeBonCoin in France (OLX); Subito in Italy (OLX), and Segundamano in Spain (OLX). Until sometime last year, Schibsted operated two general-classified sites, LiaoMaiMai and LiuMaiMai, in China, where it was a nominal competitor to 58.com, Baixing.com and Ganji.com © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 45 Vol. 16 No. 6 Classified Intelligence Report (among others, of course). But those sites are now dead. Naspers holds a 34 percent stake in the Chinese portal Tencent, which in turn owns 19.9 percent of 58.com (NYSE: WUBA), which is a general-classified site. We expect two more countries to fall soon -- Tunisia and Belarus. In the rest of the status quo will probably not change. With Nigeria, Africa’s most populous country, now also in the hands of Naspers, one can’t help but wonder how long the Swiss media house Ringier is going to hold out before it decides that Africa is Naspers territory for classifieds. (Meantime, Rocket Internet is also trying to build a variety of classified businesses in Africa.) With the merger of OLX with TradeStable, OLX.com.ng reported it had 148,000 listings. And one can assume the Tradestable listings are still to be added. Against this merged giant, Ringier steps up to the plate in Nigeria with its site Ady.ng with 14,000 listings. That’s a mismatch, if ever there was one. In Uzbekistan, meanwhile, the Naspers site is being rebranded next week --- from Torg.com to OLX.uz. The site said the name change was the only thing that would change about the site. Its app, design and functionalities will all be unchanged. When the truce between Naspers and Schibsted was announced on Nov. 13 last year, the players left the impression that that was the full extent of the deal. Since then, the two companies have agreed to cooperate in about 15 additional countries. In the first week after the truce was announced, it wasn’t possible to say with any certainty which company got the better deal, if either one did. Today, with about 20 countries in the truce deal, it seems pretty clear that Naspers has pulled the better cards in the truce negotiations. Could this be why Schibsted’s share price has been on a downward trajectory lately? © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 46 Vol. 16 No. 6 Classified Intelligence Report Job sites sprouting Down Under Seek hangs on to top spot in Australia amid launchBY KATE LYONS The Australian jobs listing market has seen a flurry of new competitors during the past 18 months, with start-ups all scrambling for a point of difference against market leader Seek.com.au, whether through category specialization, stripped-down business models or reduced rates for advertisers via direct deals and pay-per-click models. Seek still reigns supreme, however, accounting for one in four jobs listings in Australia, 22 percent of placements and as of 2013, 24 percent of the total market. Among the start ups which have surfaced in the past 12 months are SpotJobs, OneShift, Expert360 and Nvoi, all claiming to cater for specific categories of job seekers. SpotJobs specializes in entry level jobs for young workers in the retail and service industries, Expert360 and Nvoi in professional sector contract positions, while OneShift spruiks (means promote in Australian) its use of detailed job-matching technology including criteria such as hair color, tattoos and smoking status. If that sounds a bit like an online dating site, dating site EHarmony has already spotted the synergy, branching into employment advertising with a site called Elevated Careers. OneShift has also added a new specialization with its recent acquisition of mature-age job board Adage, consolidating growth which has included $5 million in new investment and plans to launch in New Zealand next year. The highest-profile launches in the last 12 months have been the entry of U.S. site Indeed to the Australian market with a multi-million-dollar brand campaign vowing to shake up the market and a move for Fairfax away from its dedicated job site, MyCareer, to Britishbased site Adzuna, launched in Australia in 2014. All Fairfax job search and online listings shifted to Adzuna under a joint venture agreement reached late last year. This segmentation of the job listing market into specialist sites reflects a fracturing of the employment market itself, with permanent or long-term positions giving way to contract work, flexible positions and project-based employment. In terms of new business models, sites like Nvoi and Adzuna are stripping back business models to reduce costs, Nvoi through a © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 47 Vol. 16 No. 6 Classified Intelligence Report cloud-based platform specializing in temporary and contract white collar recruitment using direct engagement with hiring managers, thus eliminating agency fees, and aggregator Adzuna through a direct to employer pay per click model. Adzuna listings have gone from 80,000 at launch in January 2014 to 135,000 to date. Raife Waite, co-founder and joint CEO of Adzuna, told AIM Group the deal with Fairfax had been vital in gaining traction and visibility in what was virtually a monopoly market for Seek. However with the rash of new start-ups, that could be about to change. “Our big point of difference is that we are a free-to-list model. Our service is not limited to self-selection on site,” Waite said. “Every job-seeker gets sent directly to the employer and we can therefore offer a better cost-per-click rate.” Recruiters push to Adzuna across a wide range of categories, and can make determinations on spend depending on volume. Individual cost-per-click prices are set for each category, there are no lock in contracts and advertisers have flexibility to vary their budgets based on performance. Waite says Adzuna is also building in features and widgets aimed at engaging job seekers with their employers' environments through social media like Facebook, as well as importing some features from its U.K. parent such as Value My CV. In terms of market trends, Waite says more big corporate recruiters are choosing to go direct to market rather than through recruitment agencies. He added that mobile marketing and enhanced content were the areas to watch in the next 12 months. Sarah Macartney, public relations manager for Seek.com.au, was unfazed by the rush of new competition, telling the AIM Group that while Seek had seen many new businesses come and go it had always maintained market leadership. She cited the fact that Seek delivers 22 percent of placements in Australia and boasts more than 28 million visits per month. This compares to its nearest competitor's placement rate of 2 percent. Half-year results for Seek Ltd. in FY15 showed 14 percent revenue growth and 7.3 percent growth in job ad volume in February this year against February 2014. This was despite a rising unemployment rate and subdued macro-economic conditions, Macartney said. She agreed that the uptake of mobile devices, portable apps and enhanced content had dramatically changed the way both candidates and employers interacted with Seek, with over 59 percent of visits to the site now via mobile, up 34 percent year-on-year to January 2015, and 20 percent of applications now coming through a mobile app. “In response we have developed a seamless experience across devices, with candidates able to search, create profiles and prepare applications on any device, and hirers able to access and manage ads and applications via mobile,” Macartney said. © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 48 Vol. 16 No. 6 Classified Intelligence Report More news and analysis on AIMGroup.com Reminder: We post news and analysis between editions of Classified Intelligence Report on our website, AIMGroup.com. Here are some of the articles you may have missed: When, how, will NextDoor make money? It’s become quite common for social-media startups to spend years giving everything away for free before introducing revenue drivers. Hyper-local online community NextDoor, which has one-third of all U.S. neighborhoods on board, is no different. While we at the AIM Group and others have been told that advertising is not in the offing for quite some time, that’s the most obvious way for NextDoor to start filling its own coffers. StreetFight looks closely at how this might play out, and is a bit critical … (Read more …) Recommerce: Main competitor of classifieds? Warning: This article by Christoffel Volschenk is full of observations, assumptions and opinions, posted to stimulate debate on the changing competitive environment classified companies find themselves in today. Please throw in your dime by sending an e-mail to [email protected]. First observation: The business model “self-sell” on classified platforms and the business model “recommerce” compete head-to-head. It’s an either-or game. Every used product sold to a recommerce player … (Read more … ) SpotAHome Closes Investment Round Spanish property portal SpotAHome, founded last year, has closed its first external funding round. Novabrief named the investors as Gabriel Leupin (California), Charlotte Street Capital (London), and Howzat Partners (investors in Trivago, London). The amount of the round was not disclosed, but according to the Novabrief report it is a six-digit figure. Founded by Alejandro Artacho, Bruno Bianchi, Bryan Mc Eire, and Hugo Monteiro, SpotAHome is a platform designed for direct booking of accommodation for a month or more, and is aimed at people planning … (Read more … ) © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 49 Vol. 16 No. 6 Classified Intelligence Report Auto Trader U.K. shares soar on floatation Auto Trader U.K.’s shares soared on their first day of conditional trading on the London Stock Exchange last week. From an initial public offering price of £2.35 per share ($3.46 U.S.), which valued the company at £2.35 billion, the share took just a quarter of an hour to hit £2.65, before closing at £2.56, an increase of nearly 9 percent on the IPO price. Floating 59 percent of the company raised £437 million for Apax Partners, which owned the company outright after buying 49.9 percent from Guardian Media Group in 2007 and then paying £619 million to secure the remaining 50.1 percent … (Read more … ) Apploi debuts job-posting fees Video-focused recruitment mobile app Apploi, which just landed $7 million in venture capital, has introduced its first revenue driver – posting fees. While some early adopters are being offered a 50 percent discount, the initial fee for any employer to post jobs is very small – $15 a month for unlimited job posts. Apploi now has 4,000 employer advertisers, with several thousand job seekers applying to their jobs every week. By email Apploi, shared these thoughts: We feel that now is the time where we have proven (Read more … ) New Belgian real estate site will compete with Immoweb Yet another attempt is being made to chip away at Immoweb’s market share in Belgium’s competitive online real estate market. Shelterr.com was launched with a goal of providing superior user experience focused on “esthetics and ergonomics.” The site, with a freemium model, caters mostly to professionals, and has user navigation and layout that are similar to AirBnB – location and street view first, then prices and other features, such as seeing one’s eligibility … (Read more … ) © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 50 Vol. 16 No. 6 Classified Intelligence Report Former EBay VP Payne new Tinder CEO Chris Payne, who was an EBay executive for more than six years, has been named CEO for dating site Tinder. Pinder left his position as EBay Marketplaces VP in December. He announced his new role with a tweet: “It’s a match! I swiped right on Tinder! So fired up to work with @seanrad and the entire Tinder team.” (Read more … ) Chinese online above 10 % of 2014 retail revenue Official data from China’s National Bureau of Statistics indicate that online shopping value accounted for 10.7 percent of the country’s total retail value in 2014. The total transactional value of the country’s online shopping market exceeded $253 billion U.S. (2.8 trillion yuan) last year. According to the latest data from IResearch, a market researcher focusing on the China Internet industry, this represents a staggering year-on-year increase of 48.7 percent. It is expected that, with regards to current shopping trends … (Read more … ) Snapdeal in India to double its workforce India ecommerce marketplace Snapdeal has announced plans to double its workforce by the end of the 2015-16 fiscal year. The proposed increase to a 10,000-strong workforce across verticals is necessary to support the company’s ambitious expansion plans. Aimed at increasing delivery operations and capability, the plans are reportedly worth $150 to $200 million. Regional centers are being established across the country to provide proximity to customers, which will add to the more than 30 offices currently in operation. At least 15 percent of the planned hiring will feed the supply chain and operations manpower needs. As part of Snapdeal’s growth strategy it has been acquiring Indian companies that will allow it to become a luxury goods site, moving from general consumer to a niche marketplace. In February it acquired … (Read more … ) © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 51 Vol. 16 No. 6 Classified Intelligence Report MercadoLibre to grow 60 percent in 2015 Latin American ecommerce and technology company MercadoLibre, which also has a growing classifieds business, expects to grow by 60 percent in 2015, Argentinian news agency Telam reported. “We had a good year for ecommerce and we expect to grow between 58 and 60 percent in 2015,” Sean Summers, marketplace VP at MercadoLibre, said recently. He said MercadoLibre (Nasdaq: MELI) grew 100 percent in Argentina in 2014 and forecast ecommerce to advance even more in the years to come, adding that ecommerce “is still … (Read more … ) Fatfish investment backs Seek challenger Sydney and Singapore-based internet ventures firm, Fatfish Internet Group, has invested $40,000 in Singapore dollars seed funding (A$50,000 / $36,500 U.S.) in online recruitment start up Nvoi, launched in November as a disruptor to market giant Seek.com. Fatfish is one of a number of investors contributing to a A$400,000 seed round in Nvoi ahead of a planned public listing for the company this year. Nvoi is a cloud-based platform specializing in temporary and contract whit- collar recruitment, targeting hiring managers in … (Read more … ) Homely in Australia makes its bid Melbourne-based property portal Homely.com.au, launched in late 2013 as a banner-ad free alternative to traditional real estate portals, has launched its first consumer campaign, luring buyers with promises of unrestricted search capabilities and comparative freedom from unwanted marketing. The consumer campaign includes billboards on Melbourne’s West Gate freeway, as well as ad shells, direct marketing and online social marketing. At launch Homely had 1,700 real estate office sign ups and 100,000 listings, with real estate principals paying for “whole office” sign ups rather than for individual listings. Lower costs for property portal advertising are promoted … (Read more … ) Monster, Kalaydo partner with Kleinanzeige.focus Earlier this week we reported (here) Kleinanzeige.focus.de, the classifieds search engine for Germany operated by news site Focus Online, was on a path of explosive growth. Feedback on our article now enables us to explain in more detail what has happened at the site since its launch about five months ago. According to a source, at launch the traffic goal for the site was 2 million Google Analytics sessions per month by the end of 2015. … Four months after the launch traffic approached … (Read more … ) © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780 Page 52 Vol. 16 No. 6 Classified Intelligence Report LinkedIn ads stink, says SEM expert According to search engine marketing expert and WordStream founder Larry Kim, LinkedIn ads “stink” because LinkedIn’s marketing of them and marketing delivered by them are also odoriferous. In a Small Business Trends article, Kim points out that LinkedIn’s 93 million “active” users only generated $153 million in advertising revenue for LinkedIn in the … (Read more … ) Social media huge classified competitors You’d have to have your head deep in the sand not to have noticed that major social networks are getting ready for (or have already started on) an evolution to marketplace, launching or acquiring various revenue inducers and / or marketplace tools. A classified or marketplace publication or group that ignores this trend does so at its own peril. Here is a sampling of the important moves Facebook, Instagram, Twitter and Pinterest are making: (Read more … you’ll have to be signed in with your AIM Group client ID.) Zillow launches Agent Finder review product Zillow has introduced a new agent ratings product that takes aim at the Achilles heel of Realtor.com – its lack of reviews because members and the National Association of Realtors don’t want them there. While Realtor.com has a poor-cousin recommendations feature, it has yet to debut anything that is a truly-reliable view of agents by those who’ve been their clients. (Read more … ) Avito --- the insiders' story The two founders of Avito.ru, the Russian classified powerhouse, “tell all” in a 45-minute podcast with BreakIt.se, a new Swedish site. They talk about their difficulties, their mentors, and their plans to go public. Unfortunately, the podcast is in Swedish --- so it may be tough for you to understand, unless you know the language. We’ve got you covered: Lars Herlin, our terrific writer / analyst for the Nordic companies, has listened to it and written it up. We’re editing his report as we wrap up this issue. It’ll be on our website, AIMGroup.com, latAvito founders: er today. It’s worth reading. Jonas Nordlander Filip Engelbert (rt.) © 2015 Advanced Interactive Media Group LLC [email protected] +1-407-788-2780