Shulou(Shulou.com)06/01 Report--

Not long ago, Wechat's crackdown on "private domain traffic" caused a sensation on the Internet. Rumor has it that Wechat banned 30 million users overnight. However, Wechat quickly issued an official statement confirming that this is not true, but it is true to clean up illegal accounts that use plug-ins. The purpose is to crack down on the serious problem of malicious marketing in Wechat.

Wechat said that millions of black ash production accounts were processed in the first half of the year, which may seem like a huge amount of data, but it may really be just the tip of the iceberg.

According to data monitored by threat hunters, Wechat has an average of 100000 malicious registrations a day, and the total data for half a year will far exceed 1 million.

At present, black ash products widely exist in all kinds of black transactions. In addition to malicious marketing, there are also × ×, fraud, porn and so on. WeChat is one of the important criminal means, and the industry behind the account has blossomed. Douyin, QQ, platform account, even if it is just a phone number, as long as it can gather traffic and reach it repeatedly, it can be used to realize the transformation and realization of traffic. It can become your "private domain traffic".

Some people can't help but ask, what is private domain traffic, and does it have anything to do with malicious marketing?

What is "private domain traffic"?

When it comes to 2019 industry slang, private domain traffic can have a name, but before we understand it, we can talk about public domain traffic.

Public domain traffic, we can understand it as the traffic generated in a public place, such as Taobao, JD.com, Douyin, these are all public platforms, and you can be regarded as renting a store on the platform to "do business". Users and fans are like the traffic belonging to the platform for "shopping". When your "business" is doing well, these traffic will flock to your "store". Otherwise, you will need to spend money to seek help from the "platform", such as:

Spend money on "advertising" to let the platform recommend you to a prominent location, increase exposure, and introduce more traffic.

Spend money on "buying care", create the illusion that your own "store" is very popular, and introduce more real traffic.

Either way, the ultimate goal is to introduce traffic into your own "store"-your private domain, otherwise that traffic is just a platform.

Therefore, public domain traffic belongs to the platform, and you need to be familiar with the allocation rules of the platform in order to get a piece of the pie.

Private domain traffic is different. you only need to direct users to your private account, which is tantamount to directing traffic to private sites, where you can be free from the rules and do not need to spend money to "buy trust" or "buy promotion". You can directly reach users and dig deep into the value of them.

One of the advantages of private domain traffic is the high conversion rate. People who can enter your "store" to buy your products or like your videos are probably the target customers who are interested in the products under your door. With a little guidance in the later stage, it can bring about significant transformation. For example, sharing a link to a product in a group or moments can greatly hit the needs of users and promote purchase.

Another advantage is low cost, and the threshold for "private domain traffic" is much lower than spending high promotion fees to buy traffic in exchange for unstable conversion rates. Using some marketing means, we can guide users and customers to get into the group, or share and forward, so as to achieve low-cost or even zero-cost promotion.

And this is a more valuable existence than spending money to "buy promotion" and "buy care". They can be bought with money, and the conversion rate cannot be bought with money.

Low cost can be replaced by high conversion rate, there is such a good thing, of course, a lot of people line up to do it. However, here comes the problem. At present, it is suitable for the application of "private domain traffic". There is a prescribed limit on the number of friends. For example, the number of friends on Wechat is 5000, and that of group members is 500. how to ensure a steady stream of new traffic? and how to ensure that you can still get a high and stable income when the conversion rate fluctuates?

This is a question of "quantity", and the emergence of the maintenance industry is timely.

Second, the industry's attention to "private domain flow" has promoted the development of the maintenance industry chain.

When the marketing concept of "private flow" began to popularize, finance, e-commerce and education were the first industries to generate demand for the maintenance industry. As mentioned above, this involves the cost of getting customers and the conversion rate.

After threatening the hunter to set up his own "Ghost Valley Laboratory", he also asked the hunter to disguise as a black ash production practitioner to break into the enemy's internal experience and secretly visit the cooperation mode of the maintenance industry, combined with later in-depth research, we combed the whole chain in a comprehensive way. Let's take Wechat as an example. Note: the Ghost Valley Laboratory is a laboratory set up to threaten hunters for black ash production research, using black ash production tools to highly restore black ash production, simulate and reproduce the details, and deeply analyze and study the behavior of black ash production. )

Upstream: production number

Batch registration is a means for black ash production to register malicious accounts in different business scenarios by using a large number of mobile phones "× ×", and then realize cash by means of wool, brushing, malicious marketing and other means. at present, it has been highly scaled and marketed. For specific scale and data, please refer to the article "Analysis of Anti-Fraud scenarios" on the generation and circulation of false accounts.

After completing the batch registration of WeChat, Black Grey products will use scripts to allow WeChat to automatically complete a series of operations, highly simulating normal user behavior and making it look like a normal account, so as to avoid the risk of account closure.

Mid-stream: maintenance number, recovery account

For ordinary users, Wechat accounts are just the key to social networking, but in Black Grey products, Wechat accounts are clearly priced products.

Do you know how much your account is worth?

Threat hunters use the anti-fraud intelligence monitoring platform to monitor that all Wechat accounts are valuable on the black market, and that prices increase with time, which is a "account maintenance" process.

We have highly simulated this behavior in the "Ghost Valley Lab". As long as a large script is entered through the PC, connected mobile devices can automatically complete a series of behaviors such as adding friends, building groups, giving likes, automatically replying, and sending moments according to the script settings.

In the black market, according to the time of the maintenance number, there will be different categories of new number, month number and year number, and the price will be significantly different.

The price of the newly registered account is usually about 10 yuan, and the account that has been maintained for a month can buy 50 yuan and 150 yuan for half a year. Accounts with real-name authentication, including binding × ×, bank cards and other real-name information, the price can be added to the original price of 40-60 yuan.

The longer the maintenance number is, the more complete the real name authentication is, the closer it is to the real user, and the less likely it is to be blocked, so the higher the price.

In addition, according to different functions, it is divided into station street, direct login WeChat account; according to different regions, it is divided into domestic number and foreign number; and so on.

As far as the hunter knows:

Station street number: this is a way to make use of site exposure. In popular terms, it is in the "people around" function so that you can be searched by others, so that people can see your ads, so as to achieve the purpose of promotion and marketing.

Direct login number: when logging in with an account and password, there is no need for a friend to send a CAPTCHA, no need to answer verification questions, and is not subject to whether the seller is online.

Domestic and foreign accounts: for accounts registered in different regions, foreign accounts are more stable and more difficult to close than domestic accounts.

However, the maintenance number is only one of the ways for merchants to obtain account numbers. In order to quickly obtain accounts with real-name systems and long-term use, merchants will also collect accounts through recycling or other means.

Reclaim account number

Hunter Jun once saw a pop-up window at the bottom of an account trading website, showing the QR code for information and contact information about the recovery of Wechat accounts. Pretending to be a social member who is in urgent need of money, the hunter added him.

After the friend request was passed, there was no ceremony to say hello. The other party went straight to the topic and asked the hunter to provide screenshots of account information, moments, bank card binding, transaction records, and other information. The more complete the information provided, the higher the price. None of the above information will be recovered according to the new price, and the price is also about 10 yuan.

When the hunter tried to ask about the purpose of the reclaimed account, the other party did not give any answer.

If the WeChat account is regarded as a simple commodity, recycling means that the middleman earns the price difference, and going back to the maintenance number, it can be regarded as the self-production and self-sale of the goods.

Spreading down from this ring, it is parasitic in the lower reaches of the black ash production of the Wechat ecosystem.

Downstream: cheating behind "private domain traffic"

The experience of WeChat business consultants to make money.

In the communication group of black ash industry practitioners, a young WeChat business consultant shared his experience of making money in recent years.

The consultant said frankly that hundreds of thousands to millions of dollars have to be invested every year to promote their products, but most of them have been wasted. Under the pressure of high competition, it is difficult for investment to be proportional to sales. Later, we found the way of WeChat business. "there has been a saying of 'private domain traffic' this year. In fact, we are also managing our own 'private domain traffic', but we just have more means." The consultant said.

According to consultants, some product lines are in great demand, and they can control hundreds of mobile phones at a time through group control technology, add friends in batches, send purchase links, and post bulk advertisements in moments. Then use the program to record the number of purchases of all customers, the amount of consumption, according to different spending power to re-pull the group.

"this is a rough process, which helps us to select high-quality customers," the consultant said. "put those with strong spending power in a new group, and in the next mass purchase of links, we can send only these high-quality customer groups. In this way, the cost of getting customers is extremely low, but the conversion rate is extremely high."

After that, as long as the considerate mass message asks customers whether they are satisfied with the goods, and take the initiative to send a red packet of 2-5 yuan, the relationship between customers and businessmen can be further strengthened.

You don't have to pay promotion fees to the platform, you don't have to buy fake traffic, all the money you earn goes into your pocket, and earning one million dollars a month is not a dream, WeChat business consultants finally said in the group with the tone of development offline.

The recruitment of the monitor of micro-class

Paid courses are already a common phenomenon nowadays. Before Wechat was blocked on a large scale, Hunter Jun saw the course link of "sign in and return the full tuition fee" on moments. Click in is a short course introduction and a QR code to add friends.

After trying to add friends, I was asked to scan the second QR code to add friends, and then I was pulled into a Wechat group chat. I could start the course by charging tuition fees to the group as required, and then share the links to my moments every day, even if I finished signing in.

According to a person in the group who calls himself the monitor, there are still many groups who need a monitor like him to take up the management work. As long as they reply to the group messages in their spare time every day, they can earn extra money, and interested users can contact by private messages.

The hunter believed him privately.

The monitor said that every day, a steady stream of people learn about this course from the sign-in links in WeChat moments. After adding them, An account will divert them, and then push them to another B account according to different courses. B account will pull users into the group in batch. The monitor said that these operations, including subsequent group announcements or other information push, can be done by the machine in batches, and it is very easy for the monitor to be responsible for some subjective questions that the robot cannot answer.

It is understood that the way of diversion of AB accounts is to avoid the supervision of Wechat, to achieve the diversion of fans and operators, and to avoid the risk of being reported and blocked by users.

The machine is the so-called group control technology, adding friends in batches and sending group messages in batches is not only efficient, but also direct and vertical. Each group only needs a human customer service to manage, which can maintain the relationship between customers and merchants. The rest of the promotion work can be easily achieved by clocking in and learning in customer moments.

After the continuous fermentation of Yanghao and group control, the ecology of Wechat has indeed been seriously affected. The ad links shared by users or merchants can be seen in moments every day, which directly reduces the user's experience. In order to maintain the health of the Wechat ecosystem, the Wechat team carried out the "plug-in processing" action, which triggered the industry's thinking about "private domain traffic". But in fact, Wechat hit black ash production far more than this time.

If you count it, Wechat introduces new measures to crack down on black ash production every year. It has been particularly strong in the past two years.

When we cracked down on the distribution of vulgar novels in early 2018, a large number of Wechat official accounts were directly removed from the shelves; after that, the Wechat accounts and WeChat groups suspected of × × were dealt with and punished to varying degrees in the first and second quarters respectively; to this year, we began to crack down on malicious marketing practices caused by "private domain traffic" on the platform, which can be said to be getting stronger every time.

However, why the black ash production is still arrogant?

After a long-term confrontation with black ash products, threat hunters have found that this is a process of continuous game, and while our means of confrontation are constantly upgrading, the technical means of black ash products are also constantly evolving, and the forms are becoming more and more diverse. the traditional means are no longer sufficient to ensure the security of the platform. The platform must establish or access a more systematic protection mechanism to effectively solve the security problem.

Third, how to effectively ensure the security of the platform

Threat hunter safety technology experts said that today's black ash production has been highly specialized and chained, and a clear division of labor in the upstream, middle and downstream makes their operation very efficient, and any single attack is not enough to solve the problem.

In this competition, on the one hand, the platform should take the initiative to understand the enemy's ideas, strategies, and means; on the other hand, it should constantly review its own protection strategy. adjust in time when the mode of black ash production changes.

Identify the basic resources of black ash products and do a good job in account security protection.

In the highly chained operation mode of black ash production, they are very dependent on the underlying basic resources, which is not only the malicious source of the whole industrial chain, but also the key node of our confrontation. Although the technical means of black ash production are constantly iterated, it is always inseparable from the support of the underlying basic resources, such as × ×, black IP and so on. Through the identification of basic resources, the false account registered can be traced directly, and the platform can further intercept or reduce the right according to the degree of evil done by the account.

Obtain fraud information of black ash production and actively adjust risk control strategy

By actively collecting information on black ash production, we can understand the current public opinion and trend of black ash production, which can be used as the support and basis for risk control strategy adjustment. Anti-fraud intelligence generally includes: the interface of black ash production preparation, the trading platform involved, the tools used, the related resources involved, and so on. Through the layout and control of these nodes, we can understand the evil logic and means of black ash production, and make risk control strategies in advance. In addition, the monitoring of the categories and price changes of black ash products can help the platform to determine the effectiveness of risk control strategies in a certain period.

Upgrade the platform protection system to increase the evil cost of black ash production

Once the platform catches the signal of upgrading the means of black ash production, it is necessary to adjust the risk control strategy in time, and upgrade the protection system accordingly, so as to increase the cost of black ash production. Black ash production can not be cracked down once and for all, the platform can only constantly raise the evil threshold of black ash production, let them realize that the cost here is too high, difficult to make a profit, will naturally be deterred.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.