People are gaming your referral program
Your referral numbers look great on paper, but something's off. Self-referrals, fake accounts, and reward abuse are eating your budget. You're paying for growth that doesn't exist. This is more common than you'd think — eBay's early referral program was so heavily gamed they had to shut it down entirely. Uber dealt with drivers creating fake rider accounts to collect referral bonuses in new markets. Any program that rewards signups without verifying real engagement will attract fraud, and it scales faster than legitimate referrals. If 20%+ of your referred 'users' never activate, you probably have a fraud problem.
TL;DR
"People are gaming your referral program" is a common referral problem. Key signs include a spike in referrals from a small number of accounts (top 5% of referrers driving 50%+ of volume) and referred users with suspiciously similar email patterns (same domain, sequential numbers, or disposable email providers). Start by moving the reward trigger from signup to the first meaningful action (purchase, project created, 7-day retention); this single change eliminates 80%+ of casual fraud.
Overview
If you're dealing with “people are gaming your referral program”, you're not alone. This is one of the most common referral challenges that solo founders and indie hackers face. Below you'll find the warning signs to watch for, root causes to investigate, and quick wins you can try today.
Signs you have this problem
- Spike in referrals from a small number of accounts — top 5% of referrers driving 50%+ of volume
- Referred users have suspiciously similar email patterns (same domain, sequential numbers, or disposable email providers)
- Referred users have activation rates under 10% compared to 40%+ for organic users
- Referral costs are climbing 20%+ month over month but revenue from referred users is flat
- Same devices, IPs, or browser fingerprints appearing across referrer and referee accounts
- Sudden referral volume spikes from specific geographies or during off-hours
Why this happens
- No verification that the referred user is a real, unique person — email-only signup is trivially gameable
- Reward is given at signup instead of after meaningful engagement — gamers never need to use the product
- No device fingerprinting or IP analysis to catch self-referrals — basic fraud that's easy to detect but often ignored
- Reward value is too high relative to the effort of creating a fake account — if the reward is worth more than 5 minutes of effort, it'll be gamed
- No cap on referral rewards per user or per time period — unlimited upside attracts professional gamers
Quick wins to try
- Move reward trigger from signup to first meaningful action (purchase, project created, 7-day retention) — this single change eliminates 80%+ of casual fraud
- Add basic fraud checks: same IP within 24 hours, disposable email domain blocklist, device fingerprint matching
- Cap referral rewards at 10 per month or 50 total per user — legitimate referrers rarely exceed this, gamers always do
- Require phone verification or a minimum activity threshold (3+ sessions, 7+ days active) before releasing the reward
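The checks listed above, combined into one reward decision, as an added example (not code from this page or from any product). The `Signup` shape, the reason labels, the sample blocklist, and the reading of "same IP within 24 hours" as a match against the referrer or an earlier referee are assumptions.

```python
from datetime import datetime, timedelta
from typing import NamedTuple

DISPOSABLE_DOMAINS = {"mailinator.com", "disposable.example"}  # constructed sample blocklist
MONTHLY_CAP = 10                 # the page's suggested cap per referrer per month
IP_WINDOW = timedelta(hours=24)  # the page's "same IP within 24 hours"

class Signup(NamedTuple):        # hypothetical record shape
    email: str
    ip: str
    device_fp: str               # opaque fingerprint string from your collector
    at: datetime                 # when this IP/fingerprint was observed
    activated: bool = False      # True after the first meaningful action

def review_referral(referrer, referee, earlier, paid_this_month):
    """Return (decision, reasons) for one referral.

    earlier: signups already credited to this referrer.
    """
    reasons = []
    if referee.email.rsplit("@", 1)[-1].lower() in DISPOSABLE_DOMAINS:
        reasons.append("disposable_email")
    related = [referrer, *earlier]
    if any(s.device_fp == referee.device_fp for s in related):
        reasons.append("device_match")
    if any(s.ip == referee.ip and abs(referee.at - s.at) <= IP_WINDOW for s in related):
        reasons.append("same_ip_24h")
    if reasons:
        return "reject", reasons
    if paid_this_month >= MONTHLY_CAP:
        return "cap_reached", reasons
    if not referee.activated:
        return "hold", reasons   # reward waits for real engagement
    return "pay", reasons

# Constructed sample data
T0 = datetime(2024, 1, 1, 9, 0)
REFERRER = Signup("ana@example.com", "203.0.113.7", "fp-aaa", T0, True)
SELF_REF = Signup("ana+1@mailinator.com", "203.0.113.7", "fp-aaa", T0 + timedelta(hours=2))
GENUINE = Signup("bo@example.org", "198.51.100.20", "fp-bbb", T0 + timedelta(days=3), True)
PENDING = Signup("cy@example.net", "198.51.100.44", "fp-ccc", T0 + timedelta(days=4))

if __name__ == "__main__":
    for s in (SELF_REF, GENUINE, PENDING):
        print(s.email, review_referral(REFERRER, s, [], 0))
```

Log the reason labels alongside each rejected referral so that false positives, such as two real users behind one office IP, can be reviewed and the thresholds tuned.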
When to prioritize this
When referred user activation rate is 50%+ lower than organic user activation, or when referral costs per activated user exceed your paid acquisition CAC. If more than 20% of referred accounts never log in a second time, investigate fraud before spending another dollar on referral rewards.