Understanding Spam Prevention: Cheating Types and Anti‑Cheat Strategies in Zhuanzhuan's Risk Control System

When Zhuanzhuan was founded, risk control was created as a business line to combat cheating; after nearly three years it has expanded its scenarios, refined its technology, and now offers a relatively stable anti‑cheat capability. This article reveals how the risk‑control system works.

Cheating Types

Spammer cheating mainly falls into two categories: content cheating and behavior cheating.

Content cheating includes: Traffic diversion – directing users off‑site for transactions via QQ, WeChat, phone numbers, URLs, etc. Fraud – impersonating official accounts (e.g., fake customer service) to collect fees. Harassment – sending private messages that contain spam, promotions, or other unwanted content.

Behavior cheating : actions such as share‑boosting or view‑boosting to artificially increase exposure and strengthen content propagation.

Anti‑Cheat Methods

To counter cheating, Zhuanzhuan employs three main anti‑cheat methods: strategy anti‑cheat, product anti‑cheat, and model anti‑cheat.

Strategy anti‑cheat : The quickest and most effective way to tackle spammers and top‑level problems. A strategy consists of rules + penalties. Example: if a product title or description contains a sensitive word, publishing is blocked; the rule identifies the word, the penalty blocks the post.

Product anti‑cheat : Used when strategies cannot fully identify malicious behavior. Product‑level solutions (e.g., real‑name verification, captchas) guide users to normal usage while raising the cost of cheating.

Model anti‑cheat : As cheating techniques evolve, machine‑learning models become essential. Supervised algorithms are trained on manually labeled samples to detect spam images, fraudulent merchants, and other abusive behaviors.

Interception Control

If the concepts above seem distant, consider the most tangible part of risk control: interception. Two typical QA statements illustrate the problem:

Non‑risk‑control QA: "Why was I intercepted ?"

Risk‑control QA: "Why was I not intercepted ?"

Understanding why interception occurs (or does not) requires examining the risk‑control architecture:

In‑Process and Post‑Process Strategies

In‑process strategy : Executed before an operation completes (e.g., text recognition, user‑level assessment, frequency calculation). Example: a post containing a sensitive word is blocked before it is actually published.

Post‑process strategy : Runs after the operation is finalized, handling more complex or time‑consuming checks such as offline product audits.

Rules and Penalties

Rule : Consists of features + standards. Example: if a user places more than 50 orders within an hour, the rule triggers an interception.

Penalty : After interception, actions are taken. Internal penalties (e.g., lowering user level, deleting items) are handled by the spam system itself, while external penalties (e.g., freezing an order) require coordination with other business lines.

Troubleshooting Interception Issues

If an interception behaves unexpectedly, follow these steps: verify the risk‑control stage, confirm the rule conditions, and finally check whether the penalty execution failed.

When a business line integrates risk control, it may either call the strategy engine or directly use risk‑control services (e.g., account‑linkage queries). If a workflow is blocked during testing, first check whether the invoked risk‑control capability is present and then design appropriate workarounds.

Past Highlights

Zhuanzhuan Cross‑Platform Tracking Test Solution

Mobile H5 Performance Testing Platform (Part 1)

Live Stream Testing Decryption

Dynamic Proxy‑Based Test Framework for Zhuanzhuan Transaction System

Automated Exploration of the Happy Delivery Mini‑Program

Beetle Dual‑Active Practice

Case Management and Continuous Integration for Everyone

Visual Data Construction Tool Built in Five Minutes