Avoiding Digital Ad Fraud That Kills Your ROAS with Rich Kahn, Anura: Show Notes & Transcript

Welcome back to Strategic Counsel by ForthRight Business! Looking for Marketing Smarts? You’re in the right place. After almost 4 years of helping to make you savvier marketers, we decided to broaden this podcast to include more business-oriented topics that will make you savvier business leaders.

In this episode of Strategic Counsel by ForthRight Business, we’re talking how to bring back our confidence in media spending with Rich Kahn. Listen to the episode on Apple Podcasts, Spotify, and your other favorite podcast spots – follow and leave a 5-star review!

• Episode Summary & Player
• Show Notes
• Marketing Smarts Summary
• Transcript

Strategic Counsel: Avoiding Digital Ad Fraud That Kills Your ROAS with Rich Kahn, Anura

Bots are everywhere. Yes, there are reasons to be worried. Ad fraud can hijack your campaigns and deplete your ad spend quickly. But, there is hope! Fortunately, there are some good agents out there cracking down on the bad guys – and bringing back our confidence in media spending. That’s why we welcomed on Rich Kahn, Co-Founder & CEO of Anura. They eliminate invalid traffic in real time – stopping bots, malware, and human fraud before they drain your budget. Here’s a small sample of what you will hear in this episode:

• What is ad fraud?
• Why privacy laws sometimes protect the hackers
• What triggers should market leaders look out for for ad fraud?
• What are the hackers going after most?
• The surprising reason ad fraud isn’t illegal

And as always, if you need Strategic Counsel, don’t hesitate to reach out to us at: ForthRight-People.com.

Check out the episode, show notes, and transcript below:

Show Notes

• Avoiding Digital Ad Fraud That Kills Your ROAS with Rich Kahn, Anura
  
  • [0:00] Welcome to Strategic Counsel by ForthRight Business
  • [1:28] Welcome Rich Kahn to the show!
  • [5:02] What’s going on with ad fraud?
  • [6:38] What can business owners who want to advertise do?
  • [8:52] How does Rich correct the damage?
  • [12:54] Privacy laws sometimes protect the hackers
  • [14:28] What is the hacker’s end game?
  • [15:53] What are the hackers going after most?
  • [20:43] What can clients expect from Anura’s services?
  • [25:36] What triggers should market leaders look out for for ad fraud?
  • [29:28] How do you know who’s a fraudster and who’s not?
  • [31:47] How do credit card companies know which transactions to block?
  • [34:52] Understanding email phishing
  • [38:52] Why has the Anura team stuck around?
  • [42:28] There will be more fires tomorrow…
  • Rapid Fire Questions
  • [45:21] The worst advice Rich has ever received
  • [45:50] Where’s the worst trade show?
  • [47:02] What is Rich reading?
  • [48:10] What do people need to know about ad fraud?
  • [49:48] What’s the most important action a leader can do right now about ad fraud?
  • [51:26] Make sure to follow Strategic Counsel on your favorite podcast spot and leave us a 5-star review on Apple Podcasts
  • [51:43] Learn more at ForthRight-People.com and connect with us on Facebook, Instagram, and LinkedIn

What is Strategic Counsel?

Welcome back to Strategic Counsel by ForthRight Business! Looking for Marketing Smarts? You’re in the right place. After almost 4 years of helping to make you savvier marketers, we decided to broaden this podcast to include more business-oriented topics that will make you savvier business leaders.

Thanks for listening Strategic Counsel. Get in touch here to become more strategic.

Transcript

Please note: this transcript is not 100% accurate.

00:03

Welcome to the Strategic Council by Forthright Business Podcast.  If you’re looking for honest, direct and unconventional conversations on how to successfully lead  and operate in business,  you are in the right place.  In our discussions, we push on the status quo and traditional modes of thinking  to reveal a fresh perspective.  This unlocks opportunity for you, your team  and your business. Now let’s get to it.  Welcome to the Strategic Council Podcast. I’m Ann Candido.

 

00:32

And I am April Martini. And today we’re going to talk about a topic that has a lot of you guys freaking out and that is digital ad fraud. I just say the word bots and people just have this like visceral negative reaction.  And reality is there are actually reasons to be worried. So ad fraud can hijack your campaigns and deplete your ad spend quickly, but there is hope. Yes. And you’re going to hear a different side of the AI conversation today from us.  You know, we have a

 

01:01

Let’s call it healthy skepticism.  But when we find ways to use AI for good, we feel compelled to share them. And before you all get worried, we do have a guest for this episode. and I do not profess to be experts on ad fraud,  but we certainly are experts on how it’s eroding confidence in media spending. Yes. And so without further ado, I’d like to introduce our guest who is expert Rich Kahn, CEO and co-founder of Inura. Hi, Rich. Would you like to introduce yourself and give the listeners a bit of your story?

 

01:29

My name is Rich Con. I’m the CEO and co-founder of an aura. Uh, we’re a husband and wife team that started the company. Shoot. I started the software. I’m a developer. I’ve been a developer since age nine. Holy cow. Wrote my first game when I was nine, got published in a, in a magazine when I was 12, one of those, those kind of guys. And, uh, so about 20 years ago, we had an ad network that my wife and I started and we had some problems with traffic while you didn’t know what it was. Started looking at it, realized it was fraud.

 

01:59

I tried to find a fraud solution in the marketplace and nothing existed. So  I said, well, I’m a developer. guess I’ll write it myself. And I wrote it myself and it worked great. And I kept progressing it and growing it. And then 10 years later, we got to the point where we had a lot of people asking to license it.  We thought, you know, this would be easier just to sell the company and call it a day. So we basically ran a process, hired an M &A bank, and we started running the process. And I spoke to  all the big boys  and they all said the same thing.

 

02:28

You know, we don’t care about your ad network, but the fraud software is interesting because it’s a big problem and it’s only getting worse. And we’d love to see how that, you solve it. Is it standalone and do you have clients behind it? We had to say no. And they all said the same thing. Once you do call us back, we got to look and we did some testing against us and some market players to see if there was a, if we offered something different and we realized we actually have a better solution. So we decided to take out a second mortgage on the house and build a new platform and hire a bunch of people and get the thing going.

 

02:59

Wow. Awesome. Also scary. All of that. I but you know, if you had your first big entrepreneurial opportunity when you were 12, I think you’re now all had at it. So it’s a, it’s just now a process of what’s the next best thing or next big thing, right? Well, it was interesting because my wife and I could have retired before starting this business and you know, we’re a glutton for punishment. So after looking at the product,

 

03:28

and comparing it to the market players, like, oh my God, we’ve got to do this.  Like  it’s almost like I hate to use the word from an old movie, but a moral imperative. Like you really must do this problem because we’re solving something that other solutions are not. So we basically,  we moved a lot of the employees from one company to the other because you know, that’s the hardest part about building a business is finding good employees.  And I mean, some of my employees are still with us today. I’ve got one of my developers been with me 18 years.

 

03:56

My chief product officer was 15 years, my CTO is 10 years. My help desk guy that runs around in our compliance office has been with me 15 years. Like my personal assistant, 10 years. Like we have a lot of tenure with our positions. So running a company, we’re doing something right. You know, we’re not perfect. No company is, but I think we do a decent enough job that we have seniority. In fact, one of my guys, my longest 10 year person, I hired him when he was 19 and he was with us for 13 years and left us.

 

04:24

Uh to go to amazon because they pay a lot more than I can afford to pay And uh after three years, he wasn’t happy and decided to come back. So Wow That’s testament. Yeah, yeah, that’s testament for sure Awesome. We might ask you some questions on that later april’s probably curious because she’s the uh  organizational development half of of what Our little duo here, but let’s uh, I literally told myself in my head stop because I was gonna start down that path And i’m like not why we’re here today april not not right now. You can ask it later april i’ll

 

04:54

Maybe if we have some time later, you can ask, OK? Or you can ask as part of the rapid fire. OK, that’s fair.  Awesome. let’s start with getting a picture of the havoc digital ad fraud is causing. Talk to us about the impact. Because this was really, I mean, I didn’t even understand the full, like, just everything that’s been going on and just how huge and magnified it really is. So give us the lay of the land here. So because I can give you the numbers. The numbers, yeah.

 

05:22

The numbers are the numbers, right? But it’s understanding the impact, right? So I love watching Shark Tank. And I love when these new entrepreneurs come up with these great, unique inventions and are like, oh, this is for the baby sector. And it’s like a $10 billion industry. Or this is a $15 billion industry. And we just want to capture a small part of that. 1%. 1 % of that. Right. If we could just get one small percentage of that, it would make world of a difference. Well, 10, 15 billion.

 

05:51

This industry is $140 billion problem. So to put that in perspective, last year, I think as a global society, spent, depending on who you look, which article you read, it’s around $700 billion in global digital marketing spend. $140 billion. So about 20 % was lost to fraud. Wow. That makes you sick. That’s how big of a problem. And it’s growing. And we’re predicting by 2028, it’ll be a $200 billion problem.

 

06:21

So it’s no longer a question of if you have a fraud problem, it’s a question of how much fraud you’re dealing with. Yeah, that is a business all in itself. Put it lightly. industry. So like speak to like the tensions this is causing then for a lot of folks who are in the process of really wanting to do good by their digital ad campaigns and are scared, like I said in the intro, just like freaking out. Yeah. So

 

06:50

I mean, if you’re managing a campaign, whether it’s for yourself or for a client,  usually there’s some performance metric behind it, right? Hey, fill out a form because you want to get a roof, you know, a quote on your roof or,  you know, make this purchase on this new product that we’re selling, you know, from Shark Tank, right?  Shark Tank approved product.  And if you listen to those clients, they’ll say, hey, I keep getting leads that fill out the form that have no idea about who we are. Or I keep getting Mickey Mouse to fill out my forms.

 

07:18

Or I get charge backs where you know the somebody comes in the the user credit card everything looks good I ship the product and next thing you know I get a charge back because it was a stolen credit card I’m out the product. I’m out the charge back fees and I’m out the money  You know if you hear those and they’re common  conversations that  Media managers or campaign managers are coming across that’s fraud and it’s happening on average 25 % of the time So when we bring on a new client

 

07:48

We’re seeing an average of 25 % fraud. So when I gave you that 140 billion, that only represented 20 % of the marketing spend that’s being very conservative. Because if I, if I said 25%, it’d be much bigger number. So we’re trying to keep it really, really conservative, but it depends on the marketing channel that you spend money on. There’s I think eight marketing channels that are out in the marketplace or nine, depending on what you look at. like the biggest channel of marketing is programmatic, right? So you display in your TV stuff.

 

08:18

that has an average of 50 % fraud. Oh, geez. I mean, it’s out of control. I mean, if you look at Google search, and I’m not talking about Google search partners and all that, I’m just talking about search on google.com, you know, has five to 10 % fraud. Still, there’s still a level of fraud that hits that network. So we

 

08:39

focus in our business and I was thinking about, gosh, our clients are going to listen and they’re going to start freaking out.  we focus on small to mid-size B2B service based and nonprofit for our business. Not that everybody’s dollars aren’t precious, but specifically, right? They’re wanting to do spend in places that really make sense for them, more limited budgets, those types of things.  Talk to us about, well, how do the conversations go? I can imagine how.  And what do you do then  to kind of jump in and right the ship?

 

09:10

right? Because like we said, we’re not the experts, but we certainly know what happens when somebody gives us exactly the examples you said. You know, they’re filling out forms, nothing’s coming through  or you know, some random person that doesn’t exist when I trace it back, all those things happen. So give us some insight there. So essentially at that point, that’s the sign that you have a fraud problem, right? So now you have to go about and fix that problem. And with AI today, it’s not something that you can easily do yourself. So

 

09:37

And it’s expensive, right? So let’s say you just thought, I’m a technical company, you know, I’m a B2B, I know what I’m doing. I’ve got some really talented people on my team. Let’s build it ourselves. So to build it yourselves, you need probably a couple of developers at minimum to start. So you’re talking three, four developers that know what they’re doing. So they’re not cheap. You’re a couple hundred grand a year each. Then you’re to need data lake. You’re going to need, you know, a couple hundred thousand dollars worth of, you know, software and infrastructure to process the data and to store the data.

 

10:07

a look at the data. And so now you’re spending.

 

10:12

10, 15, $20,000 a month, and you’re just starting the process. Right. Right. You haven’t even begun to write software. You’re just starting to analyze data and figure out what’s real, what’s fake. But at the end of the day, you’re only looking at your data. So you’re only looking at data under one small lens. So a lot of times it’s more cost effective to license the technology like a technology like us typically costs less than the cost of one resource. We have access to a much bigger data lake because we’re seeing

 

10:41

Hundreds of clients data versus just one client’s data. We’re seeing all the different platforms. So if I see fraud, you sometimes I’ll see fraud happen on one vertical, like maybe it’s on health insurance and we see a special attack attacking health insurance companies. We build a, an hour, we update the algorithm to account for that and it’ll catch it before it hits other, other verticals because usually when someone finds a way to get to skate around one vertical, it’s just a matter of time before it shows up another vertical. So

 

11:12

And the way our technology works is as we’re collecting this data, we have machine learning running through the data, looking for anomalies and want to find something even small. goes to an engineering team with a lot of experience, a lot of tenure in doing this.  And that’s where you really spend the money.  If you’re building it yourself, you really got to find somebody who understands and knows the space. We even actually had a client, just to give an example, who relies on our data so much that they went into a hacking group that commits fraud.

 

11:41

and hired one of these black hat hackers to be a white hat hacker.  He’s gone that far  and he stays. He actually stays in tune with the hacking groups to try to figure out what’s going on. So  he hired this guy. He calls him a white hat hacker  and his job is to stay in the groups, listen to all the new hacks that are coming out and try to hack around our system so that if they can find something, they can bring it to our attention so we can fix it because of

 

12:10

They can find it then sure enough, you know the world that’s committing 140 billion dollars with the fraud is going to find something. So it’s constant like it’s a constant battle. Think of it this way. Every time a new version of Windows used to come out, right? Oh my God, look, there’s all these kind of hacks because it’s a new version of Windows. Well, how often is a new version of Chrome Safari Firefox? How often do those come out? It’s like every month. So every time a new one comes out, they make plug some holes for some type of fraud.

 

12:40

But they open holes and are the security vulnerabilities or privacy laws that we have developed in this country. Protect the fraudster. You know, and just give an example. When we first started this project, we were able to get the UD ID identification numbers of a cell phone. So I can say I’ve got a device ID for this cell phone and you’re used to able to grab that through JavaScript, which is the technology. It’s a client side technology that we use to run our code.

 

13:09

not too long after we were started the project, they pulled that away.  said, well, want to keep it private. want to keep privacy is important to people.  What does that do? It also allows the fraudsters to be able to hide behind that privacy. So while we’re  proving these privacy policies out and people want to be private and I get it.  I want to be private. don’t want Facebook listening to my phone when I’m talking in the car and then showing me ads for what I was talking about,  which we all know happens.  want to be, I want that kept private, but yet.

 

13:38

It’s private to some people, but not to others. Like privacy is big in Chrome.  You don’t think Google has access to all the privacy stuff that’s behind it? No, they have access to all that stuff. We all know that. We all can pretend that it doesn’t exist, but when you’re sitting there and all of sudden next thing you know, stuff you talk about or stuff you’ve been looking at that’s supposed to be in a private window, start showing ads for that type of product, that type of service, you know there’s a problem.

 

14:04

I find it very interesting to people are still very conservative about their social security numbers. I’m I’m like April’s five year old or six year old can find my social security number if she really wanted to. I’m like, it’s not that hard anymore. But people are just like, oh no, I can’t send them my social security number. like, That said, it’s like put us in the brains of these hackers, right? What are they looking for? What are they trying to do? What is their end game here? Oh, yeah.

 

14:34

And how are they doing it? Why are they using their powers for evil? Well, here’s why. You remember the old statement? I remember growing up and it used to be a commercial out pop on crime doesn’t pay the average fraudster. read an article and I believe this to be true. The average fraudster makes five million a year and is not breaking any laws. Because there’s no laws on the books that state you can’t do ad fraud.

 

15:02

Now we all know logically it’s Right. But morally, yeah. Show me a law that  a lawyer can go after and then,  OK, let’s say there was a law in the books. How do you track down that fraudster? What privacy laws that protect your privacy? So  we built a system that encourages fraud because, OK, let’s say you’re not in America. Now nothing that there are no laws out there internationally and say you can’t do this.

 

15:31

And you know what international labor labor costs are very low compared to the US and the average fraudsters making five million a year Who do you think’s putting that all together? organized crime Right you hire a bunch of smart intelligent people you tell them what you want done. Look I can teach you all how to be a fraudster today Right, and you don’t have to be technical about it the technique technology is already out there You know, you can go on the dark web

 

15:59

and find  human fraud forms to commit ad fraud. Arm them with an affiliate link that says, want you to go to this link, and here’s a list of 1,000 people’s names that would  just 1,000 people’s information. So in other words,  they’ll have Rich Con’s information, my name, my address, my phone number. Go hand fill out a form and spoof the IP address so it looks like it’s coming from Middletown, Delaware, which is where I live.

 

16:26

Spoof of the device so looks like it’s different devices coming from your system, which they have all the technology for. But you as the manager don’t have to have the technology. You just have to find the human fraud farm, tell them what you want done, give them a database of names to fill out. And then every time they fill out a form, you make them 15 bucks, 20 bucks.  Or if you do in the legal side of things, you could be making a hundred or 200, $300 per  form. How many forms do you think a human can fill out in an hour?  nine bucks an hour to license these people.

 

16:55

Because the human, you know, the laws, their labor costs are very low. So you pay $9 an hour to license these forms. They have all the technology set up. All you have to do is give them the basic structure and you’re up and running. And imagine if that one person worked 40 hours a week. What if he hired a team of five or 10 people to do this? How quickly can you make five million a year? And what are they looking for? Like, what are they, what are they going after right now? Like what’s the hot stuff? It’s anything. Anywhere people spend money.

 

17:23

is a target because that’s what they’re trying to accomplish.  let’s say it’s let’s say it’s lead generation, which ultimately a lot of companies ultimately have it come down to  my son owns a power washing company and Christmas light company. They fill out a form.  It’s for him. That’s that’s the end game is to get a form filled out, which he’s paying for. So they know in order to attack and get paid money to fill out that form, I have to have a name that matches the phone number and email address, which is very easy to get on the Internet. Well, you said, look, they can get your social security number.

 

17:53

They give you your phone number and email address and a heartbeat. It’s cost you nothing. They get that information. They hand fill it out so it  gets around most bot detection or captures, right? They throw up a capture. Human’s going to be able to fill it out.  fact, capture has been beat by AI for the last five or six years that  I’m aware of. It’s been beat. So that doesn’t help you to have a capture. It just slows down your real buyers and hurts the buyer’s journey. So you basically, they’re going after attacks like that, or they’re going after

 

18:23

There’s a whole  world that does click fraud. So in other words, like when you go to Google and buy traffic from Google, there’s that little  checkbox that’s checked off by default that says search partners. Well, inside the search partners are thousands and thousands of companies that are paid to drive clicks to Google’s advertisers. They sneak into those scenarios and are able to make money that way.  Display.

 

18:51

Hey, every time an  ad impression is displayed, you get paid. There’s, there’s countless ways to get, you know, fraudulent activity involved in that direction. Ultimately, the biggest goal is money. Okay. They’re looking to make money, right? That’s the short answer. How they do it. Every channel has got a different channel target. What are they targeting? Low hanging fruit. Somebody had, I want to say it was, uh, ADT. I think they had a commercial at one point where the criminal walks up to the house and sees the ADT sign and says, I’m just going to go to the next house. Right. That’s not. Yep.

 

19:21

That is,  yeah.  Why? Why have to deal with an alarm system if you don’t have to? If the next house doesn’t have it, right? So  as low hanging fruit, I think that’s what frauds just focus on. You don’t have a fraud detection solution. Right. You’re an easy target because you don’t even know what’s going on.  I can’t tell you how many people I think majority of the people that hit us up  organically are saying, hey, I’ve got a problem. I have no solution. I didn’t even know you guys existed.

 

19:51

Meanwhile, the first fraud solution came out probably in 2008 or nine. So they’ve been out there, just not, people just don’t know. And people just don’t know how to search for that. Like I’ve got a problem that they’re looking for the problem, the pain point, what’s going on. I’ve got somebody falling on a form and when I call them, doesn’t exist. So of course companies like myself are trying to build articles around that scenario so that when they do searches for those weird types of scenarios, we show up. But that’s what they’re doing is they’re trying to find out, it doesn’t matter, you know, what vertical, what channel, just where can I make money?

 

20:21

Do I make money on an impression, is one one thousandth a two dollar  CPM impression? Do I make it on a click where it could be a couple of dollars a click on Google? Do I do it on a form where it could be anywhere from  20 bucks to 400 bucks?  Where is the low hanging fruit? OK, so if we flip to, like you said, and I like the ADT example.

 

20:43

And I totally understand that reference, right? Like, okay, they come up to my house, I have it, why would I even bother? I’m gonna move on. So when you guys get involved, what is like the win on the other side? know, like what can the clients expect? Do you clean it all up? Do you continue to maintain? And like you said, get in front of you, hire the black hat guy to be the white hat guy to kind of preempt what may be happening. Like what happens when they bring you in? Well, for our thing, the first thing we do is we want to scan.

 

21:11

Right. We want to do a free scan. It’s free trial. We don’t charge customers for it. We just want to find out, you know, because I’m a developer. My job is to solve a problem. You have a problem. Can I solve that problem? I can then I then I have a sales pitch. Right. So go behind it. But the first thing I want to do is understand what kind of problem you’re dealing with and how bad is it? So they simply drop a tag on their website. In fact, 75 % of websites are built using Google Tag Manager. We’re pre-built in the Google Tag Manager. So takes two to three minutes with no technical lift.

 

21:41

You don’t even need a developer to deploy our code. Okay. Somebody who has access to be able to drop a tag. Okay. We drop the tag and our whole goal is not to do anything, just to  monitor and find out two questions.  One, how much fraud do you have? Okay. And two, where’s it coming from? Okay. And that gives us our ability to say, hey, look, you’re dealing with 25 % fraud. It’s coming from this, that, and the other place. Here’s the game plan of how to use our technology to ultimately solve that problem.  And…

 

22:10

Usually the ROI for our product, cost of our product versus what we’re saving you is significant.  It’s many, many times over what you pay us to in the refund. Otherwise, if we cost you more than the cost of fraud, then what’s the point? What’s the point? Yeah. You’re to pay for fraud.  But we have  ROI as many times over. So our goal is to identify that. And then we can have a solid conversation with somebody because nine times out of 10, when we first start talking to them about the product, it’s like, wow, I know I have it happening. I don’t know how often.

 

22:39

Let’s find out. Let’s exactly how much fraud you’re dealing with. If it makes sense to work together in this way, when we sit down and we look at the math, it’s a it either makes sense financially or it doesn’t. nine times out of 10, it does because they’re having if they’re if they’re seeing the problem. Yeah, it’s big enough that there’s a problem. Like I had a company call me. I was working with a company not mentioning names, but I was working with a company and it took four years before they became a client of ours. And they’re beginning to like, yeah.

 

23:09

We know that it exists. I don’t think it’s happening to us.  We’re not ready for a trial and then things went on then And it was out of the blue all of sudden like in one quarter. They realized a lot of complaints from clients a lot of issues  Now they get on the phone. They call us and like hey  We think we’ve got a big problem And then you basically run the scan to find out 60 percent of their traffic is fraud So what’s happened is over time like if you had five or ten percent fraud

 

23:37

probably just dissipates inside the campaign. It’s like probably just the cost of doing business.  know, hey, it’s a big amount of money and it can especially depending on how much you spend, but it may not be a big issue. Once you start getting above 10%, 10, 15, 20%, you start to feel the issue. Like there’s a problem here. We need to figure this out. If it gets north of 20%, the  sky’s falling. Like they know they have to solve this problem. Otherwise you’re going to start losing clients if they haven’t already. So  we try to help them.

 

24:06

which our goal is to try to help people as quickly as possible. But some people have to be able to justify the cost, which is everybody does. So they have to sit down and figure out. And I always get that question. I think we can build this ourselves.  It’s going to question more money. It’s going to take a lot more time.  With us, we can step in for a lot less money than you can build yourself. And you’re taking advantage of hundreds of clients’  and 20 years of development instantly.

 

24:34

That’s that’s available to you day one. Like I just got off the phone with somebody and who’s doing programmatic spend They want to know well, do you already have a list of domains that are no good to buy on? I just want that list. Yeah, that’s client data We don’t release client data because we don’t own the data that belongs to the clients So our clients know that we can’t sell the data We can’t give out the data like we use it in aggregate to help find new threats and to write our front like we just released a 2024 fraud report

 

25:03

of like, where’s fraud coming from? What countries is it coming from? Who’s got the cleanest traffic? You know, what is the percentage of fraud? Like all these big numbers that we throw out, we have a whole report designed around this and we use it for that kind of data, but we don’t disclose, you know, so and so had 24 % fraud. Like we solved that. That would not be a good sales pitch. Oh, don’t use a Nora because what’s going to happen is they’re going to disclose your percent. That’s why we have NDAs between our companies so we don’t disclose that information.

 

25:32

That privacy is good privacy. Yeah. Yeah. Well, let’s pull it up a little bit because I know if I’m putting myself in the position of a market leader who probably knows enough to be dangerous.

 

25:50

How would you talk to them about what is potentially going on, especially if we’re talking about digital ad spend, which is how we set this up? Because we know that they’re sitting there going, well, then why should I even do a digital campaign to begin with? Because if I do it and I’m losing 25%, but then I have to pay for somebody to manage my fraud, what’s even the point? So there’s a little bit of that going on. But then it’s like, what are the triggers? What should they be looking for? Obviously, you said we’re getting

 

26:16

fraudulent responses on forms and stuff like that. But when you’re doing more of like an ad campaign and it’s clicks back to your website and you those sorts of things or clicks to other places, like what are you seeing? Like, and how would you talk them through about like  what should set up a red flag for them  as they’re kind of thinking about their digital ad programs or how to set up their digital ad programs or the ad campaigns in a way that they can avoid this from the beginning? I look at it this way.

 

26:46

Sure, you can go back to advertising the newspapers. Right. But who’s there? Fair enough. You know, was actually I just took a flight back from from a trade show and an older gentleman next to me sat down and cracked open a newspaper and I turned and asked him, I said, wow, I didn’t know they still print those. But they’re a lot thinner now. Yeah, yeah, it was. It was. But my question is, is in marketing 101 is be where you’re where you’re.

 

27:14

ICP is be where your ideal client profile is gonna be and they’re all on the internet  Right. Everybody’s got a phone. Everybody’s got a laptop. We all are digitally connected So you don’t have a choice, but if you want to market and they always say the most amazing thing happens when you don’t market nothing  You got a market and if we’re gonna market you’re gonna market where your people are they’re gonna be on the internet so Deciding you know, I’m not gonna market where where digital fraud is is not an option

 

27:43

You have to advertise there. So the whole question is, you know, some people hire, you know, media managers to do what? To improve their return on ad spend,  ROAS. Improve that. And how do they do that? They do that through effective managing. Because again, let’s say you had a campaign that was clean of fraud. You’re using our product. You have no fraud. There’s still a lot of optimization that has to happen.  You’ll need to optimize your campaign for the right audience. You know, if you’ve got a  monster truck rally and I did a campaign for a monster truck rally one time.

 

28:13

The last thing you want to do is advertise to older older women. That’s not the ICP, right? You’re looking for the younger crowd. You’re looking for a certain demographic. You’re looking for the certain type. Now if I had a knitting magazine, that might be, you know, for the older generation. Less, you know, but like I said, all different people do it, but they’re different stages of life. So you’re trying to find the right audience. So a good media manager is going to be looking for the right audience that’s going to have the highest level of performance.

 

28:40

and meet the campaign goals of whatever the spend is. If you have a spend of $100,000 a month in digital marketing spend, you want to spend it where it’s most effective. So we’re just another tool to eliminate  non-productive audiences.  The audience that we’re eliminating  is truly non-productive. They’re not going to generate real revenue for you. So by eliminating that audience, the rest of the audience automatically increases  in  the digital marketing spend and increases the ROAS on that.

 

29:11

So  that’s really what you got to focus on is just a good media manager, whether it’s internal or an external manager, is focusing constantly on improving the performance based on improving the audience. And what we’re doing is just identifying an audience that doesn’t work. And then how do you block that audience from being part of what gets searched? Well,  every channel is different.  A great example is search and social. You build a negative audience.  Or what do they call it? Exclusionary audience.

 

29:41

an audience that you don’t want to So, how do you know that if people are posing as your target? So if these fraudsters are trying to get your money, I’m assuming they’re sophisticated enough to kind of pose as your target, right? And then they kind of come in and try to infiltrate. Sure. If I’m understanding right. So what’s that look like? Like how do you know who’s a fraudster versus who’s not? You need software to understand the difference, unfortunately.

 

30:09

There’s no way around it. You need to be able to identify them and you need software to do that. Example like our software, what it looks at when somebody lands on a landing page, we look at over 800 data points on the user’s environment, hardware, software, plugins, everything we can grab.  The only PII that we grab is, and I disagree with this, which is the IP address.  GDPR standards says an IP address is a unique identifiable data point, which I disagree with. You know, if you’re going up to a cell tower,

 

30:38

You’re sharing that IP address with hundreds, if not thousands of people. You go to a Starbucks, go to a conference. Heck, even you’re in your home, it’s not, it doesn’t belong to you because you’ve got people in your home beside yourself and dozens of devices that are sharing that IP address. So outside of that IP address, we don’t collect any personal identity. I don’t care if it’s your name or not. What I’m looking for is, the person that’s entering this information trying to hide themselves? And that’s all we do. It’s very simple, complex on how we do it, but

 

31:08

It’s pretty simple. The concept of what we’re looking for. If they’re trying to hide themselves, they’re trying to spoof the IP address, trying to spoof a device, trying to trying to pretend that there’s somebody that they’re not. That’s when we catch it. Like a great example is there was a Vesor MasterCard commercial out not too long ago. There’s an older gentleman sitting on the back porch and he’s got his he’s got his computer out, laptop out, he’s got a credit card in hand. He says, I’m going to buy this dress and it comes out as a young woman’s voice. He’s impersonating a young woman.

 

31:36

one reason or another, but he’s using a stolen credit card. So  at that point, that’s what we’re looking for is somebody who’s impersonating somebody else.  Well, it’s so interesting too, because I’m running through my mind. We had a recent thing with our credit card. Like typically, it’s like an outrageous thing, right? In times past, it would be like someone went and spent a few grand at Walmart, and that’s not somewhere we shop or whatever, right? But there was one recently where it absolutely could have been us.

 

32:04

And I was like, isn’t it interesting to your point about being able to mimic and then, and to your point about, how do you know the difference? I still don’t understand how the credit card company flagged it, but I have to imagine it’s some way like this where they’re looking at 800 data points and something didn’t line up that it’s me or Bryce using the card. There I had, had a similar situation where I had a speeding ticket, so I was going a little too fast and gave me the website to go to. went to the website. I must have mistyped it and a fraudster must have been buying that mistyped domain.

 

32:35

I landed on the landing page. looked legit. And I figured, wait, I typed the address in. must be the right address, right? And looked legit. I filled it on. My information hit submit. And then I got probably within an hour, I got an alert for my credit card. Did you make this purchase? And I’m looking at the site and I’m like, no, I didn’t make this purchase. So I said, all right, block it as fraud. So they shut my whole credit card down. And I only have one credit card. I only use one credit card. So like I’m traveling right now. I’m on business. I need my credit card. So I had to go back and undo the freeze.

 

33:06

And then  two weeks later, I got another charge from the same company. And again, none of the charges went through, the company, my credit card company flagged them as bad  as fraud. So I went ahead and looked at the information. I called the number that came through on the transaction. said, I don’t know how you got my information, but I didn’t sign up. He said, what’s the last four digits of your credit card number? I’ll take care of it right now. Like they knew they were doing something bogus.  That’s a different type of fraud.  Right? They’re stealing, they’re getting, cause you know how hard it is usually to get

 

33:34

off of once you get onto like a recurring charge, you call them up, goes to voicemail. They send you a link to go to, it takes you down a long path. Like this is a different type of fraud. It’s a phishing type of fraud where they put the information in and they were collecting information. you don’t call it, it was like, I want to say it was 1999. So how many people take the time to block a 1999 charge? And it takes time. It’s not like, you know, most people have real time flags. Oh, you spent more than right. Five hundred dollar charge limit. Right. Right.

 

34:03

Oh, I got I got the alert is over 500 but no, this is well below it. It was 1999 Then you start looking through you so you wait until your credit card bill post then you get the bill and then you look through it and Maybe you catch it. Maybe you don’t because it’s a small charge You’re like, don’t recognize. I’m probably something I did I can’t imagine somebody’s trying to rip me off for 20 bucks, but they they do that in mass Over time. Yep, and they make a lot of money. Well, I mean that also leads to another question We get asked a lot which is a little bit ancillary to this but bring it up for

 

34:32

completeness because we know they’ll ask is the whole malware security, know, having people hold your Your accounts ransom and having them hold your your whole systems ransom What do you have to say about that? Like what? What should people be doing about? that piece of security That’s really that’s a different type of type of type of fraud, right?  So what happens is and it’s mostly through email a lot of times what they’ll do is it’s a phishing technique

 

35:02

And they make the bait look good. So it looks like you got an email from bank of america and you know you do and you just happen to bank with america which millions of americans do And it says oh, you know, we have some update on your account click here to log into your account and being lazy People click on the email worst thing you can do Yeah, just go to the site. Yeah, go to the site directly like if you look at the actual link You’ll see that it may say bank of america. Dot

 

35:28

Something.us.russia, right?  It always has some weird address to it.  But a lot of people don’t look at that. They just say, oh, this looks like my bank. Click. That’s the first problem.  Then you go and you put your username and password in there. They assume a lot of people use the same username and password for everything else they do. And they can try to access your machine  using the same username and password. So one thing is make sure you use different username and passwords for everything that you log on to, which is a pain in the butt. So many things.

 

35:57

It is what it is.  But at the end of the day, yeah, so it’s it  don’t don’t click on email links, even if it’s your bank and you trust it, just go straight to the bank itself.  Log in the old fashioned way by by going into that. That’ll eliminate a lot of that issue. There are more advanced tech tactics, obviously, that can take advantage of your machine and hijack your machine, because let’s face it, I mean, if a hacker wants on your machine and you’ve got valuable data on your machine, they’re getting in,  they’ll find a way. But it was funny, I took

 

36:27

a white hat hacking course  years ago because there was a guy that was coming to town that was doing it who is a well-known hacker and he was the one teaching it  and I was very interested I’m like I gotta go to this one  and he was talking about it  and there’s a famous lawsuit of one of  the world’s biggest hackers and they said how did you crack the username and password to get into the account and his responses  most of the time I just asked for it

 

36:56

He’s like, what do you mean? So he goes, I’ll give you a perfect example. He was trying to hack into a bank and I think it was the bank. So he did some research and this is all social engineering. So he did the social engineering and looked at new when the people were going to be like the security people are going to be there when they were not going to be there. And he walked in dressed up, dressed the part of a security engineer said, oh my God, I’m late. My boss is going to kill me. I’m going to get fired. I got four kids at home to feed and he played this whole story up.

 

37:26

And I don’t know the story itself, but he played up the whole story to the secretary that was there. And she’s like, oh, sure. I’ll help you out. Come on in. Let him into the server room. Got him access into the server room. And he came back out and he’s like, I mean, appreciate all your help, but I’m going to get fired. I don’t have the password. I left it at home. I got nobody at home right now. I’m going to be in trouble. Sure. Just use mine. Oh, geez. Oh, it’s social engineering.

 

37:53

It wasn’t like, I ran some special like like you see in the movies I ran some special thing that ran through a bunch of codes and and hacked me it used to work back in the day, but it doesn’t work anymore. Codes are just too complex right now. That’s how we did it. He basically just asked for the username and password. That’s how he asked, but he asked for username password and it was given to him and he logged into system to what he had to do. Just see that’s the using power for evil. But it was interesting to find out because the whole idea behind it is how do you protect your business from somebody hacking your network? And it’s like.

 

38:22

No matter what stop story can give you,  don’t share username password with them.  You know, that doesn’t exist. Like that. And was just like, it was all the things you should be looking for as a comp, somebody running a company to prevent somebody from hacking your network.  Wow. And that  was probably 2003 or four or something like that. I took the course and it was just the advanced stuff that they were doing then. Now it’s a lot more advanced. Oh yeah. Lots of really, really fantastic insights there.

 

38:52

April, did you want to ask about the team before we  get to the rapid fires? I know you’re dying to. Well, I mean, you did kind of open the door because, you just gave an example of a human being the problem instead of  what they’re hacking into.  But I mean, I would. So  as Ann mentioned, we do a lot of organizational development work. And that’s like my favorite  thing that we do right now for sure is all the people stuff.  I would love to hear just

 

39:20

From your perspective, why have all those people stayed with you for as long as they have? Have to ask them really that. Oh, come on. You have some years. Don’t be humble right now. Over the years, I’ve asked  and  a lot of them will say that we’re just the best group of people that they’ve worked for, the best bosses, which is me and my wife. And we try to treat them  the way we’d want to be treated. Like we’re specific about certain things, but we always talk about family being important to us.  Now, it doesn’t mean take off any time you want. It means.

 

39:48

So our time off schedule, right? You can take as little as an hour. Let’s say your kids having a baseball game and you want to make it. We encourage you to make it. Just take an hour off. You don’t have to take a half a day and burn a half a day. Take a hold. Just take the hour. Take two hours. Take what you need. You know, very important. Our schedule is eight to five. We’re pretty strict with that. We’re in office. We’re big on in office because I love to just walk around. I love to watch people collaborating. It’s just all stuff you just lose when it comes to just 100 % offline. appreciate that. Yep.

 

40:17

So we’re big on in office.  Um, and I could just be old school, not changing with the times. That could just be part of me, but it’s just something that I live with. But  we work eight to five, but come five o’clock, I’m kicking your ass out.  Go spend time with family. That’s our work balance. Because when I first started the company, my wife and I started the company, we working around the clock. First off, it’s a new company. You’re just working around the clock anyway, but it’s yours. Yeah. And it’s yours. Right.

 

40:43

So, but there’d be times where like you’re just working, working all sudden, it just spills into dinnertime and it spills into nighttime and like, you just don’t ever get a stop. So it got to the point where we said, we need an office because we got too many distractions in the house, you know, between the kids. We had four, we four kids. have too many distractions in the house between the kids, the animals and everything else. We need an office. So we got an office and we said, okay, eight to five, we’re going to focus 100 % on work and five to nine, we’ll focus 100 % on family. And that became the work balance that we’ve

 

41:13

And still in our office today. like come five o’clock if we still we walk around the office as we’re walking out someone still working. Hey, come on tomorrow’s another day like go spend time with your family That’s what it’s about.  And I think people appreciate that a lot, you know, it’s always like well, how come we can’t work from home and well  Can’t have everything like in our business. You can’t have it all so but for us it’s you know, we invest heavily in our office we invest heavily in the office environment  and the core values  and

 

41:41

So when we’re here, we want to get work done, focus on work, concentrate on work, get it done, and then go home and spend time with the family. So I think it’s the work life balance that we offer. Cause I talked to a lot of people that work remote and five o’clock they don’t stop.  They’re still working because they’re making up. Especially in your business.  Yeah. Maybe they took off a couple hours to take a long lunch, maybe  they’re finding themselves, they’re now responsible to get the job done.  It doesn’t matter what time of day or night that is. I have people that I know work remote that

 

42:11

They start at eight o’clock in the morning and they’ll still be working come nine, 10 o’clock at night. They just don’t get a break. Yeah. Well, and I think the other piece is you’re setting and holding to expectations on both sides.  Right. Like it’s eight to five here in the office. There’s a plan if you need to leave. But then also, if I find you here at five o’clock, you’re out. Not I’m going to take advantage of the fact that you’ll work yourself to death because that’s type of person you are. Yeah. Appreciate it. And I think that that goes a long way with people.

 

42:39

They don’t get everything that they want, but they get a lot, a lot of what they want and they get the life balance that they need. Well, I think also it’s a really good reminder to everybody because you’re in a pretty critical  role with regards to what your company does. mean,  and it can be very easy to be like, there’s a fire all the time. There’s something to fix all the time and to have an actual point in time where you’re like.

 

43:01

There’s gonna be more fires tomorrow. The fires can wait, even though it feels very urgent. It’s a really good lesson for a lot of people who feel like, dang, if I don’t get this done, if I don’t get this worked out today, if I don’t like, and that’s the kind of the mentality of like, there’s going to be more tomorrow. So go in, spend the time, refresh, revive, engage, like do what needs to be filled back up so that you’re fresh again tomorrow or else.

 

43:31

The energy level just depletes to the point of no return.  I even tell our customers to the expectations.  We have really good expectations on support. So like another one, someone has a support request. It will be handled within one business hour. And we tell them to work eight to five Monday through Friday.  So if a response comes in after five o’clock, it’ll happen  before nine o’clock tomorrow. You’ll get an answer.  So they already know the exam now. I monitor every request coming through. So if I see your system is down.

 

44:01

all the fancy stuff that we have in the software and the hardware, checking our systems, failed us and we missed it. Guess what? My CTO is getting a phone call. That’s a fire that cannot wait till eight o’clock the next morning. But how often does that happen? I believe it’s, and actually it wasn’t a client that reported it was something that we caught internally. My CTO who’s responsible for network engineering was on vacation in Puerto Rico.

 

44:27

And in an area where internet reception reception wasn’t strong and he had to go find an internet section and fix it And he has back up in 15 minutes, but He’s one of the few that you know, unfortunately and I always tell people if you do your job, right the first time I will not have to bother you during vacation. I do not like bothering you on vacation Your vacation is your personal time. I don’t even care if you just took two hours off. Go see the dentist I don’t want to have to call you during your time off. Just make sure your stuff is working right and Something happened and something he didn’t anticipate and he had to fix it

 

44:57

But that’s rare.  that’s also the C-suite. Yeah, that’s point. C-suite’s expected to have to work beyond certain hours when needed, which is rare. We try to do it as minimal as possible. Awesome. Well, thanks for sharing. know you just made April’s Day.  Before we wrap up and let you close us out,  are you up into some rapid fires? Sure. All right. So your first question, what is the worst advice you’ve ever been given?

 

45:26

Trust somebody other than yourself. So  in other words, you’re doing a marketing campaign. Trust the campaign managers know it better than you. Nobody cares more about your campaign than you. So while I trust, but I verify.  I know you said you’ve been doing the trade show circuit. What’s been your most favorite place for a trade show? Anything but Vegas.  I feel you on that.

 

45:54

I love Vegas. I do not love Vegas. Look, I’ve been to 10 trade shows so far this year and five of them were in Vegas. good. I out. That’s fatigue on top of fatigue. Yeah, I’m so Vegas’d out. So anytime it’s not in Vegas, I’m like, yes. But if I had to be honest, my favorite place so far would have been Dubai. Oh, good one. Yeah, very good. Anything specific as to why? The city is just absolutely incredible.

 

46:21

The sidewalks are decorated with flowers like you’d find in like a high end, you know, home or hotel or, know, and the whole, the whole city is like that. Everything is just like done up to the nth degree. It’s just, it’s just beautiful out there. Everybody’s so nice.  Yeah. There’s some weird rules like my wife and I, you know, you’re not allowed to hold hands, you know, the kiss in public, no PDA. Otherwise there’s jail time. Like it’s, it’s serious when you’re out there, but the place is just so nice. And it’s just,

 

46:49

You know, the food was delicious. Everything was really nice. I enjoyed it. Oh, wow. Well, good to know. Good to know the rules. to know.  And the final one, which I we asked this a lot of people, I think it’s extremely interesting. I see here, though,  is what are you reading right now? You know what? I haven’t picked it up in like two weeks, but it’s a book by. Was the  the cybersecurity expert that’s on the shark tank, Robert Hershvick, right? Yeah.  Yeah.

 

47:18

I’m a huge fan of that show too. I think I’ve seen them all. I’m just playing catch up. I think I watched them up through a certain season and then started getting caught up in other things and stuff like that. So I think I’m a season or two behind, I enjoy listening to entrepreneurs come up with unique ideas and I just love the entrepreneur spirit and especially when they have a, I love it when I have a product that’s no good. They’re like, no, this is great. They’re pushing it. I that pitch.

 

47:47

Yeah, when Mr. Wonderful talks about being the cockroach where you should take behind the barn and shoot it. Yeah.  You could just see their little hearts just breaking apart.  I know I’ve had some bad ideas in the past. So  I know the feeling. know the feeling.  Oh, gosh. That’s awesome. All right, Rich, to wrap this up, anything to close us out with that we didn’t talk about you think is really critical for people to know and then obviously tell everybody where to find you. Yeah. So one thing I’m to tell everyone is

 

48:16

It’s an idea. Everybody knows bots are a problem and they know frauds out there and they’re curious about it. Well, one of things we do is a lot of education on our website. So in nor.io and you are a legacy. It’s spelled here. I O or.com takes you to the same place. But essentially we have three or four blogs that come out every week talking about the subject. We have a lot of case studies and not case studies, white papers and  eBooks that we’ve written over the years. Usually release one a quarter. So like we just released.

 

48:45

the ultimate guide to ad fraud, which if you’re new to ad fraud, it’s a great read. It’s about 60 pages long. It’s a little beefy one about 10 chapters. And it goes through all the different stages and steps and stuff like that. We just released it because we didn’t realize the internet doesn’t have one. So we want to put one together and put it out there. Release video clips. I’m doing podcasts like this  probably two or three times a month. And then if you follow me on LinkedIn, I post snippets  of like Q and A’s that have happened over the overtime. So I put out about three of those a week.

 

49:15

just to keep people educated because it’s really it’s an educational for us it’s an educational sale. So we’re trying to constantly show people what’s going on, how what to look for the signs to look for things that they can do. You know, we even have some stuff on there on what they can do now. You know, if they’re a small company, they can’t afford a service like us what they should be doing now to try to minimize the impact. All that kind of stuff is on the website. Wonderful, wonderful. If you have a gift in closing us out.

 

49:42

for those people who may not be able to afford you guys, what is the  one thing or a couple things that they can do right now? Look at the data, follow up and follow the money. So if you’re looking at your data, you’ll be able to identify when you start to get attacked more so than others. Like I said, it’s not a question of if you have fraud, it’s question of how much fraud you have.  So I just spoke to somebody  yesterday, their small company just getting started. And we gave them a couple of tips of what to look for, what signs to look for.

 

50:12

When they start getting to a certain point and it’s beyond what they can handle give us a call. So it’s really keeping an eye on  Call disposition reports, right? So if you have a call center that’s calling your leads that you’re generating Two questions that they should be asking on those calls one is did you fill out the form? Which is usually the first question. Hey, we’re calling you based on the information you fill in the form and did you just fill it out? Because sometimes what what fraudsters will do is recycle old age leads A lead that you might have filled out 30 40 60 days ago

 

50:41

And they’re taking it and recycling it to get paid as a new lead. But this one, when they get the person on the phone, the person’s like, Oh yeah, I remember filling out the form. They never say weeks ago because usually what happens, you fill out a form, it goes through a quick check and it hits the BDR desk within seconds and they’re, dialing it. So things like that you want to look out for. So we have all that kind of stuff on the site. It’s a of stuff to read, or you can reach out to one of our fraud experts and they’ll answer any questions you have. Awesome.

 

51:11

Thank you so much, Rich. And with that, we encourage you,  all of our listeners there, to take at least one powerful insight you heard and put it into practice. He just gave you several really great ones.  And remember, strategic counsel is only effective if you put it into action.  Did we spark something with this episode that you want to talk about further?  Reach out to us through our website, forthright-people.com.  We can help you customize what you have heard to move your business.  And make sure to follow or subscribe to strategic counsel on your favorite podcast platform.