Referral Fraud

If you're running any sort of referral or affiliate program, you know all about the fraud that comes with it.

Someone sets up a referral link, clicks it themselves from a different browser tab, signs up with a disposable email, and collects the bonus on both sides. Then they do it again and again and again. Referral fraud is one of the easiest abuse patterns to execute and one of the hardest to catch with conventional tools.

Dregs gives you the upper hand.

The Referral Abuse Dilemma

Referral and affiliate programs can be a powerful growth channel. When they work, your happiest users bring you more users just like them. But they also create a strong financial incentive for fraud — and fraudsters notice.

A typical referral abuser creates fake accounts using free or disposable emails, refers themselves, and collects the bonus from both the referrer and referred side. Some do this once or twice. Others operate at scale, cycling through dozens or hundreds of fake referrals with automated workflows. To your system, each referred signup looks like a legitimate new user arriving through your best acquisition channel.

The standard web application defenses don't hold up well against determined referral abusers.

Email verification: Disposable email services pass verification just fine, and even real email addresses are free.
Unique referral codes: The codes work exactly as designed; the problem is just that the "referred" users are fake.
Payout delays: Waiting periods can buy you time, but often just mean the fraudster waits a bit longer to collect.
Manual review: Doesn't scale to large numbers of affiliate referrals, or when reviewers can't spot a pattern.
IP restrictions: VPNs, mobile networks, and coffee shop Wi-Fi make IP-based detection trivial to bypass.

Referral fraudsters present as legitimate signups. Each individual account passes standard form validation. The abuse only becomes visible when you can connect the referrer to the accounts they are referring, which are their own, and most systems can't do that automatically.

What Referral Fraud Costs Your Business

Unlike some forms of abuse where the damage is more abstract, referral fraud hits your bottom line directly. It also compounds far beyond the amount taken by fraud, because it erodes this otherwise powerful growth channel from the inside while wasting budget on fake users who will never generate real value.

Direct financial loss

Obviously, every fake referral pays out a bonus to someone who gamed the system. Referral credits, cash bonuses, free months, account upgrades — you're giving them to a fraudster and their puppet accounts.

Program credibility

When fraudsters dilute your referral program, legitimate referrers lose trust. Payout thresholds get raised, verification gets stricter, and the people who actually bring you good users get punished for the behavior of bad actors.

Distorted metrics

Your referral channel will look like it's performing well, with new signups flowing in. But the users are worthless. Product decisions based on inflated referral numbers could lead you to overinvest in a bad marketing channel.

How Dregs Detects Referral Fraud

Dregs analyzes referral fraud from multiple angles simultaneously with its pipeline of AI-assisted analyzers. A fraudster might disguise one signal, but disguising all of them at once — device details, identity relationships, profile quality, and behavior — is substantially harder.

Relationship Graphs

Dregs automatically maps relationships between accounts that share devices, IPs, sessions, or behavioral patterns. When someone refers themselves, both the referrer and the referred account are linked together by the shared device. By the third fake referral, you have a clear cluster — the original referrer at the center, with a web of puppet accounts radiating out.

Referrer Device Matching

Self-referral is the most common form of referral fraud, and the simplest to catch. The fraudster clicks their own referral link and signs up from the same device. Dregs matches the device fingerprint instantly — no cookies, no IP matching needed. The Uniqueness score drops for both accounts the moment the referred signup happens, even if they used incognito mode or a different browser.
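The linking idea from the two sections above, sketched as an added example (not Dregs code or its API): accounts that share a device fingerprint are merged into clusters with union-find, and a referral is flagged when referrer and referred land in the same cluster. The account names, fingerprint strings and data layout are constructed assumptions, and the sample extends the page's scenario with one transitively linked account.

```python
from collections import defaultdict

# Constructed sample data extending the scenario on this page. Account names,
# fingerprint strings and the tuple layout are assumptions, not Dregs output.
DEVICE_SIGHTINGS = [           # (account, device fingerprint)
    ("user_a", "fp-7c1e"),
    ("lisa_m", "fp-7c1e"),
    ("marc_b", "fp-7c1e"),
    ("marc_b", "fp-31b0"),     # the same puppet seen on a second device
    ("nina_r", "fp-31b0"),     # never on fp-7c1e, linked only transitively
    ("dana_k", "fp-22aa"),
    ("omar_t", "fp-9d40"),
]
REFERRALS = [                  # (referrer, referred)
    ("user_a", "lisa_m"), ("user_a", "marc_b"), ("user_a", "nina_r"),
    ("user_a", "dana_k"), ("dana_k", "omar_t"),
]


class DisjointSet:
    """Union-find over account ids; each set is one linked cluster."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)


def self_referral_clusters(sightings, referrals):
    """Map each referrer to the referred accounts in its own device cluster."""
    clusters = DisjointSet()
    first_on_device = {}
    for account, device in sightings:
        # Every account seen on a device joins the first account seen there.
        clusters.union(account, first_on_device.setdefault(device, account))
    flagged = defaultdict(set)
    for referrer, referred in referrals:
        if clusters.find(referrer) == clusters.find(referred):
            flagged[referrer].add(referred)
    return {referrer: sorted(accounts) for referrer, accounts in flagged.items()}
```

A shared household or office machine produces the same link as a self-referral, so a cluster hit is best treated as one signal to combine with the profile and behavior signals described next.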

Profiles Lack Authenticity

Fake referral accounts exist to trigger a bonus, not to use your product. They tend to have the thinnest possible profiles: disposable email, minimal name, no optional fields filled in. The Authenticity score measures this hollowness. When every referred account from the same referrer has a throwaway email and a three-second name, the pattern is unmistakable, especially compared to legitimate referrals.

Shallow User Behavior

Fake referrals usually follow a script: sign up, complete the minimum actions required to trigger the referral bonus, and go silent. The Behavior score can be trained to detect this pattern of identical onboarding steps, identical sequence, and a sharp activity cliff at the exact point where the bonus is earned. Real referred users keep exploring your product. Fake ones have no reason to.
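The two behavioral signals named above, identical onboarding steps and an activity cliff at the bonus point, can be checked directly over event logs. This is an added example, not Dregs code or its Behavior scoring model; the event names, the bonus-triggering event and the log layout are constructed assumptions.

```python
from collections import Counter

# Constructed event logs: account -> ordered (day_since_signup, event) pairs.
# Event names and the bonus-triggering event are assumptions for illustration.
BONUS_EVENT = "create_project"
EVENTS = {
    "lisa_m": [(0, "signup"), (0, "verify_email"), (0, "create_project")],
    "marc_b": [(0, "signup"), (0, "verify_email"), (0, "create_project")],
    "dana_k": [(0, "signup"), (0, "verify_email"), (1, "invite_teammate"),
               (1, "create_project"), (4, "export_report"), (9, "create_project")],
}


def referral_behavior_report(referred, events, bonus_event=BONUS_EVENT):
    """Summarise scripted-onboarding signals across one referrer's referrals."""
    paths, days_after = {}, {}
    for account in referred:
        log = events.get(account, [])
        names = [name for _, name in log]
        if bonus_event not in names:
            continue                      # bonus not triggered yet
        cut = names.index(bonus_event)    # first time the bonus is earned
        paths[account] = tuple(names[: cut + 1])
        # Distinct days with any activity after the bonus point.
        days_after[account] = len({day for day, _ in log[cut + 1:]})
    counts = Counter(paths.values())
    shared = next((p for p, n in counts.most_common() if n > 1), ())
    cliff = sorted(a for a, d in days_after.items() if d == 0)
    return {
        "shared_path": shared,
        "cliff": cliff,
        # Both signals together: same steps as another referral, then silence.
        "scripted": [a for a in cliff if shared and paths[a] == shared],
        "days_active_after_bonus": days_after,
    }
```

The `days_active_after_bonus` count is also the kind of measure an engagement-based payout rule can use in place of a signup checklist.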

Example: Catching a Referral Scheme

Here's what it looks like when someone tries to farm their own referral link:

Monday
User A shares their referral link. A legitimate user with normal scores across the board. Nothing suspicious.
Tuesday
"Lisa M" signs up via the referral link from the same device. Dregs recognizes the shared device fingerprint immediately. The Uniqueness score drops to ~20 on both accounts. A relationship link is created between them.
Wednesday
"Marc B" signs up — with the same device again, disposable email, completes the bare minimum onboarding. Dregs now has three linked accounts. Authenticity sits at ~30 (disposable email, thin profile). Behavior score at ~25 (identical onboarding path as User B).
Seconds later
Dregs slaps a "Referral Fraud" badge on all three identities based on your badge rules. An escalation fires to your configured channels. A webhook notifies your application, which automatically freezes all pending referral payouts for the cluster.

No manual investigation was needed: the fake referral ring was identified and flagged within seconds of meeting the defined criteria.

Stopping Referral Fraud

Detection is only half the story. How you respond determines whether the fraudster keeps trying or gives up entirely. Dregs gives you the ability to automate whichever approach fits your program, or the information to take matters into your own hands.

Freeze rewards

Automatically freeze or void referrals where abuse is suspected or the referred account scores below your threshold. The referral doesn't count, the bonus doesn't accrue, and the fraudster gets nothing for their effort. Clean, quick, and decisive.

Restrict fraudsters

Reduce or revoke referral privileges for accounts that show a pattern of fraudulent referrals. The referrer's link automatically stops working or their bonus rate drops to zero. They can still use your product, but the referral abuse vector is shut down.

Require engagement

Only pay referral bonuses after the referred user demonstrates genuine engagement with real usage over time, not just completing a signup checklist. You can even use the scores from Dregs to evaluate which referrals are eligible for rewards!

Referral fraud only pays off if the payout goes through. With Dregs webhooks feeding scores and relationship data to your application in real time, fraudulent referrals can be frozen before a single bonus is issued — protecting your budget around the clock.

Referral fraud is closely related to duplicate account abuse. If someone is gaming your referral program, they're almost certainly creating multiple accounts too — and Dregs catches both patterns with the same integration.

Stop referral fraud before it drains your program.

Dregs links self-referrals from the first shared device. Install the tracking script, start scoring, and get control of fake referrals.
