View desktop instructions

View mobile app instructions
Review At Risk Actions

Published on: Wed, 26 Mar, 2025 at 1:03 AM | Updated on: Mon, 31 Mar, 2025 at 7:30 AM

Actions with the most critical risk signals are automatically rejected as part of Event Risk detection. If you think any of these actions are legitimate and should be payable, they must be explicitly approved.

The following risk signal is automatically rejected:

Reason code: Conversion Spoofing
Risk level: Critical/Suspect
Description: A spoofed conversion is one that never happened. Client-side integrations like JavaScript can be vulnerable to bad actors creating fake conversion events to receive rewards, either directly via a partner account or more commonly via the reward scheme of a loyalty/rewards-type partner.
Solution: The best way to confirm if an action is valid is to cross-reference the order ID against your own order logs. Spoofed conversions will not exist in your backend system. To detect this, impact.com allows you to apply validation rules for expected order ID and conversion page URL patterns.

Review your conversion spoofing rules

Conversion spoofing detection relies on applying validation rules for expected order ID and conversion page URL patterns for each of your event types. Refer to the conversion spoofing rules report to know what rules we configured for your program. Contact support to update these rules where necessary.

Find and review suspect actions

The following steps will guide you to find and review any actions rejected based on validation rules:

From the left navigation menu, select [Engage] → Transactions → Pending Payouts → At Risk.

Filter for the conversions you want to view. Select [Search] [Search] when you have the filters in place.

View the Filter reference below for more information.

Filter reference

Filter	Description
Partner	Filter for flagged actions driven by a specified partner.
Event Type	Filter for flagged actions according to a specific event type. You can select from any event type that has been configured for your program, e.g., Click.
OID	Filter for flagged actions associated with a specified order. The order ID is a string that acts as an order's unique identifier.
Action Id	Filter for flagged actions (sale, app install, subscription, etc.) by inputting its unique identifier.
[More]: Add more filters. Shared Id: Filter for flagged actions with a specified shared ID. This is a value that is visible to both you and the partner and which can be appended to a tracking link for reporting purposes. Promo Code: Filter for flagged actions with a specified promo code, meaning a unique value that allows customers to get a discount checkout. Date Range: View flagged actions that were driven over a specified time period.

In the table, review the action based on your validation rules.

Select [Expand] to see additional conversion details.
View the Column reference below for more information.

Column reference

Column name	Description
Action Date	Date (and time) when the action was recorded.
Action ID	Unique impact.com ID for the action. Select the action ID to see the action's details.
Order ID	Unique OID (Order ID) for the action.
Event Type	A tracking method that is applied to a defined action.
Partner	Specifies the partner that drove the action.
Lock Date	The date that the action will lock, and the partner's payout for the action finalizes.
Reversal Reason	The reason why the action was reversed.
Revenue	Amount of revenue generated by this action.
Action Cost	The cost of the action the partner drove.
Promo Code	If a promo code is used for the action, it's listed here.

To approve a suspect conversion, select Approve in the Actions column.
- Alternatively, select the [Check boxes] next to each action, then select Approve below the filter menu.
Optionally, below the table, select [Download] to download the list as a .CSV.

Review your conversion spoofing rules

Find and review suspect actions

Related Articles