Read What Stays in Vegas Online
Authors: Adam Tanner
The ruse relied on hijacking the computers of thousands of users, who did not realize that their Internet browsers were reaching out on their own to these little-known sites. Often this hijacking occurred after an Internet user visited a porn site. As the Internet browser displayed erotic images, malicious software known as malware would secretly launch a second browser. The malware running the second browser would then visit hundreds of sites, suggesting that the user might be interested in getting a credit card or buying sneakers. But all the user wanted to do was watch porn. Dstillery eventually created a “penalty box” system to remove suspect traffic from its systems, at least on a temporary basis. “We don't want to dilute the models with signals from people who watch porn,” Perlich said. The porn sites may have had their own legitimate advertising on their pages, but Dstillery wanted to stay away from those murky waters.
At least initially, Dstillery's honesty hurt the bottom line. “A couple agencies told us we put you up against this other vendor and they are beating you solidly,” Phillips said. Overall, Dstillery fell short of revenue projections for the year, displeasing its three main investors. Phillips said most of the twenty online ad exchanges where he places ads are polluted, some severely.
“Everyone out there does shady stuff, sometimes inadvertently,” he said. Either sloppiness or deceit lies behind the click fraud. “Benign neglectâit's not so benignâthey are neglecting that they are buying shit. I'm not saying that they know. Part of what I am doing in keeping
that dialogue open with competitors is, I want to let them know that we know what they are doing.”
The Dstillery data scientists found that some of the sites with the hyperactive traffic were owned by AlphaBird, a San Franciscoâbased company that operated more than seventy websites, such as
wellhabits.com
,
brilliantriches.com
,
fundwiser.com
, and
fulloffashion.com
. The company advertised that it “guarantees targeted, engaged audiences for online video” and said it had “delivered tens of millions of engaged viewers for publishers, agencies, studios and Fortune 1000 brands.”
11
Chase Norlin, AlphaBird's CEO, initially declined to talk about his company, but he later agreed. He said he was not aware of the traffic patterns Dstillery had found, and said that even if some dubious traffic entered into online advertising systems from time to time, his company made an active effort to weed it out. “You have to remember that when you buy media, sometimes crappy stuff does get in there and our system is designed to filter all that out. Sometimes stuff does get through, and this could be one of those occasions, but it is usually caught pretty quickly because we have to catch it or the clients catch it,” he said.
12
Norlin stressed that any company seeking to operate a business based on fraudulent traffic would quickly be discovered and would not be able to attract clients. He added that his company ran sophisticated real-time filters against automated, nonhuman bot visits to its site. “If what you are describing is accurate, we would have been shut off a long time ago. We wouldn't be a business. It's literally that simple,” he said. “We're a vertically integrated digital marketing company. We are about a hundred people. This is not some, you know, two-person shady operation in Eastern Europe.”
Norlin asked for evidence of unusual activity Dstillery had found. One spreadsheet I sent him showed the journey of an Internet cookie bouncing among several AlphaBird sites on May 22, 2012. A video also showed that typing in one web address oddly kept leading back to two AlphaBird sites.
13
Some time later, Norlin wrote back saying he would not comment anymore.
I wrote Norlin again, telling him I had planned a trip to San Francisco, AlphaBird's hometown. He agreed to meet, but the day before our scheduled meeting he canceled the appointment and said he would want me to sign a nondisclosure agreement or he would not talk again.
Two days later, an AlphaBird official wrote saying that Norlin, company president Alex Rowland, and chief operating officer Justin Manes wanted to talk. They had heard that several articles were going to appear the next day and had become alarmed about the negative publicity it could generate. Somehow they thought I was behind the articles (I wasn't). In the following days, a series of articles was published on fake botnet traffic, some naming AlphaBird as one of the problem sites.
AlphaBird said the secret to its ability to attract Internet visitors to previously unknown sites lay in “buying traffic.” Although buying an audience might appear to be a daunting task, an Internet search of “buy Internet traffic” leads to sites offering to bring visitors to any web page. For example,
maxvisits.com
sells one hundred thousand unique US visitors for $114, or $94.98 per hundred thousand visitors from forty-five countries. The company promised “real and unique human website traffic, no bots.” It also offered traffic from web browsers that “pop under” the browser a web user is looking at.
Upgradevisits.com
said: “Using our own proprietary software, we are able to âpush' visitors that have landed on one of our affiliates directly (or through redirection) to your website.”
14
Manes explained how AlphaBird did this. “It is really easy,” he said. “You put your money in the machine and you buy visitors and visitors come to your site.”
15
Rowland said his company paid others hundreds of thousands of dollars to deliver visitors to AlphaBird sites. “We do that at massive scale. We're also looking at this and saying, âWell, we figured out a model in which we can basically buy audience to come into the site, and even without a high degree of return rates, we still make money, so why would we not continue to do that?'”
Some of the services selling traffic do acknowledge techniques that raise ethical questions. For example,
Fulltraffic.net
offered to generate a million worldwide visitors for just $190 when I first looked, a number
that increased to $450 at the start of 2014. The company tells potential clients: “Be warned that this type of traffic may not be delivered in the form of full page (visitors may leave your site before the entire content is loaded). Be also warned that these visitors ARE NOT IP Unique, which means that the same person may load the same page SEVERAL TIMES and each of those times will be counted as a âVISITOR' by FullTraffic.”
16
The team at AlphaBird, which advertised that it had offices in San Francisco, Los Angeles, New York, and Sydney, said that if some of the companies they had used to deliver visitors deployed botnets or other fraudulent methods, they did not know about it. They portrayed a thriving business, but some months after we last talked in 2013, the name AlphaBird had flown. Its website redirected to a different company. Many of the AlphaBird websitesâsuch as
Iamcatwalk.com
, which had once showed surges of trafficâalso no longer operated by the end of 2013.
A California business filing showed AlphaBird had changed its name to Emerge Digital, whose website listed Norlin as its CEO and Rowland as its president.
17
Its home page boasted that
Inc. Magazine
named Emerge Digital as the fastest-growing advertising and marketing company in Silicon Valley and placed it at number eight on a list of five thousand companies overall in the United States. In 2014, Norlin said his business was thriving, although he had closed down the various websites in 2013. He added, “We were never proven guilty of anything. . . . Owning websites and driving traffic to them is common business practice. Regardless, we exited that business after all the negative publicity, but this is still happening widespread across the industry. Hopefully the Interactive Advertising Bureau or other governing body will come up with a set of standard practices that companies can follow so that the industry as a whole can improve and provide more value.”
18
In the big picture, Perlich says click fraud continues more or less unabated. In fact, the deceptions have grown more sophisticated, although companies such as White Ops have emerged to help advertisers eliminate bot fraud. Their message to marketers is simple. “Sophisticated bots act like people, but they don't follow your brands or buy
your products, and they are diluting your metrics and the effectiveness of your campaigns,” it says on its web page.
19
The click fraud issue came to light because Dstillery did not target individuals by name; it had stripped out personal data at the heart of traditional direct marketing. The company does not know who you are and has not linked someone's details to an Acxiom or other company database on hundreds of millions of people.
By contrast, service businesses want to know as much as they can about each individual patron. Caesars executives think a lot about how to gather data on their customers while behaving in a responsible way, a recurring theme in the next four chapters. They have seen that through clever use of incentives, companies can influence what people do and how they share data. They put those insights to the test when they ushered in a major change to their loyalty program, one that risked alienating their best customers.
Seeking the Goldilocks Balance
Fostering Loyalty
The best businesses give consumers a choice whether or not to share their data, and offer benefits in return. The trick for executives is to strike the right balance when offering incentives. Big data helps companies such as Caesars tweak their formulas to best influence customer behavior.
People will share information for discounts or rewards, a trend that has accelerated in the Internet era. For example, some car insurers offer better drivers lower prices if they allow monitoring of their driving habits. So motorists agree to install a telematics device in the car's dashboard, which sends back information such as what time of day the person drives, how fast he brakes, and other characteristics. At a company like Progressive, about two-thirds of drivers in the program get a 10â15 percent discount. So far, the company has avoided charging bad drivers more because it has been encouraging people to sign up. But in the future, bad drivers will have to fork out perhaps a 10 percent premium.
1
At Caesars, data from loyalty cards set the reward levels to motivate how people spend money. That's why Dan Kostel received an offer for $1,000 in free chips and a free room and meals at Caesars Palace. It seemed he had hit the jackpot even before crossing through the casino's always-open doors. It wasn't, however, a case of good luck.
Caesars singled out Kostel because he looked like the kind of player who would spend a lot and because he appeared receptive to
their offers. They looked at a dozen or more characteristics such as how far away he is from Vegas, his average bet, his favorite game, the things he charges to his room, and how often he comes. If he has not come in a while, he may get a particularly enticing promotion. Once he starts coming regularly, the offers may diminish. If the company calibrates its offers properly, both Caesars and the customer end up happy.
Kostel estimates that he lost a total of about $5,000 at the blackjack table during his first year as a Caesars regular. He knows that gamblers sometimes underestimate their losses and concedes the same may have happened to him. In any case, he says the casino gave him at least $5,000 in free rooms, food, drinks, and other perks, so overall he is satisfiedâas is the casino. CEO Gary Loveman said Kostel likely helped the casino's bottom line, even though he received many freebies. “It is very unusual that someone whose actual loss in gaming is $5,000 or perhaps a bit more, for that not to be profitable to us,” Loveman says. “That's how it should work: we should be able to give you things that you care aboutânot have you littered with things you don't care aboutâand have it work out profitably for us.”
2
Learning More About Customers
Customers today may allow an electronic “little brother” in the car or carry around loyalty cards in exchange for discounts, but once upon a time, people held their personal information close. They warily eyed merchants who seemed too nosy and asked too many questions. Businesses got used to learning a little about customers and then supplementing their files with outside data.
Veteran marketer Barbara Eskin has noticed a shift in the public's willingness to share information. She started her career in 1979 at
Ladies' Home Journal.
Back then the magazine found subscribers by renting subscriber lists from rivals such as
Good Housekeeping
and
Family Circle
.
3
“People were much more cautious about the information. It wasn't as easily accessible and, moreover, people thought it should be their own personal information,” she says.
Over the years, Eskin saw growing sophistication in how much marketers could learn about customers. In 1983, the US Postal Service introduced ZIP+4, which gave marketers far more precise information than before, sometimes pinpointing a single large apartment or office building. Marketers started mapping out micro-neighborhoods with customer information that became easier to buy over time.
More recently, Eskin worked as director of the loyalty program at high-end chocolatier Godiva.
4
Like Total Rewards at Caesars, Godiva's program offers incentives to tease out customer information that could help drive more sales. Godiva offers a free piece of candy every month just for signing up, which initially meant volunteering basic details such as name and email. Members can collect their rewards, worth $2.25 to $2.50 retail (although it costs just a fraction of that to manufacture), at any US or Canadian Godiva store. More than five million people joined in the first few years after the program's 2009 inception. Yet it did not work as widely as Eskin had hoped. Many did buy more chocolate, but 1.1 million signed up and then disappeared. The company needed more information to understand the people who were interested enough to sign up but who did not become good customers.