Founder of Blueprint. I help companies stop sending emails nobody wants to read.
The problem with outbound isn't the message. It's the list. When you know WHO to target and WHY they need you right now, the message writes itself.
I built this system using government databases, public records, and 25 million job posts to find pain signals most companies miss. Predictable Revenue is dead. Data-driven intelligence is what works now.
Company: Vesta
Core Problem: MVNOs and telecom operators lose millions in revenue to payment fraud on prepaid wireless transactions, while also declining legitimate customers due to overly strict fraud filters. Vesta enables them to approve more legitimate transactions while eliminating fraud losses in real-time.
Industries: Telecommunications, Mobile Virtual Network Operators (MVNOs), Payment Processing
Company Types: Large Mobile Network Operators (MNOs), Mobile Virtual Network Operators (MVNOs), Global Telecom Operators, Payment processors serving telecom
Company Size: Large enterprises with 100M+ annual transactions, presence in 40+ countries
Title: VP of Fraud Prevention & Risk Management / Director of Payment Operations
Key KPIs: Transaction decline rate (false positive rate), fraud loss percentage of revenue, marketing waste from fraudulent sign-ups, customer approval rate (target 80-97%), chargeback rates
Your GTM team is buying lists from ZoomInfo, adding "personalization" like mentioning a LinkedIn post, then blasting generic messages about features. Here's what it actually looks like:
The Typical Vesta SDR Email:
Why this fails: The prospect is an expert fraud prevention leader who has already evaluated every major fraud solution in the market. They've seen this template 1,000 times. There's zero indication you understand their specific fraud attack patterns, approval rate gaps, or regional risk exposures. Delete.
Blueprint flips the approach. Instead of interrupting prospects with pitches, you deliver insights so valuable they'd pay consulting fees to receive them.
Stop: "I see you're hiring compliance people" (job postings - everyone sees this)
Start: "Your weekend approval rate drops to 72% vs 86% on weekdays - peer MVNOs maintain 84-85% consistency" (aggregated internal data showing their specific operational gap)
PQS (Pain-Qualified Segment): Reflect their exact situation with such specificity they think "how did you know?" Use government data with dates, record numbers, facility addresses.
PVP (Permissionless Value Proposition): Deliver immediate value they can use today - analysis already done, benchmarks already pulled, patterns already identified - whether they buy or not.
These messages provide actionable intelligence operators cannot get elsewhere. Each play delivers immediate defensive value whether the prospect responds or not.
Use real-time fraud detection across your customer network to identify geographic fraud spikes and alert operators in affected regions before the attacks hit them. Combine specific attack pattern details (fraud type, method, time window) with actionable blocklists they can implement immediately.
Time-sensitive threat intelligence delivered with geographic specificity creates immediate urgency. When you tell an operator "3 other Dallas MVNOs were just hit with SIM swap fraud in the past 72 hours," they know this isn't a generic pitch - it's a real threat they need to defend against right now. The offer of fraud vector signatures provides instant defensive value.
This play requires real-time fraud detection across your customer network detecting attack patterns, geographic clustering, and specific fraud methodologies. Must aggregate fraud loss data across minimum 3-5 operators per region to ensure anonymity.
This is proprietary operational data competitors cannot replicate - only Vesta sees fraud patterns across 100+ operators in real-time.Identify promotional abuse rings targeting specific fraud vectors (port-in promotions, device financing offers) and alert operators in affected regions with exact dollar amounts, attack methodology, and actionable blocklists. Focus on recent attack windows (past 21-30 days) to create urgency.
Specific dollar quantification ($127K in losses) combined with exact date ranges and clear exploit methodology proves this isn't speculation - it's intelligence from actual attacks. Offering device fingerprint blocklists provides immediate defensive value the operator can implement today to protect promotional budgets.
This play requires aggregated fraud loss tracking across customers with dollar amounts, fraud type classification, promotional offer analysis, and device fingerprinting capabilities.
This synthesis of fraud loss + promotional targeting + device fingerprints is purely proprietary to your platform.Monitor attack patterns targeting specific telecom infrastructure (T-Mobile MVNOs, AT&T resellers, etc.) and alert operators on that infrastructure before they're hit. Provide compromised credential hash lists that operators can cross-reference against their customer databases immediately.
Infrastructure-specific targeting creates immediate relevance - if you're on T-Mobile and 8 other T-Mobile MVNOs just got hit with credential stuffing, you know you're next. The specific date range and attack methodology explanation provides credibility, while the credential hash list offers instant defensive value.
This play requires attack pattern monitoring across customers by carrier infrastructure, credential stuffing detection capabilities, and access to compromised credential databases or hash lists.
Only Vesta sees attack patterns systematically targeting specific telecom infrastructure - external security researchers don't have this operational view.Track synthetic identity fraud rings targeting specific geographies and promotional offers. Alert operators in affected states with exact application counts, date ranges, fraud methodology, and SSN pattern blocklists they can implement to prevent fraudulent sign-ups.
Synthetic identity fraud is incredibly difficult for operators to detect on their own because the identities appear legitimate. When you provide exact application counts (340+ fraudulent applications), explain the exploit method (fabricated SSNs targeting promos with device financing), and offer SSN pattern blocklists, you're solving a problem they can't solve independently.
This play requires synthetic identity detection capabilities across customer application data, SSN validation and pattern analysis, and geographic clustering of fraud attempts.
Synthetic identity detection requires platform-scale data across multiple operators - individual operators cannot detect these patterns in their own data alone.Benchmark operators' approval rates by customer type (first-time international customers, recurring customers, high-value transactions) against similar-sized operators. Show them specific approval rate gaps that directly impact strategic priorities like international expansion or customer acquisition cost.
First-time international customers are key to market expansion goals. When you show an operator they're blocking 23% more of these customers than peers, you're directly connecting approval rate gaps to their strategic business priorities (international expansion, CAC optimization). The risk threshold comparison offers immediate diagnostic value.
This play requires approval rate data segmented by customer tenure (first-time vs recurring), geographic market, and risk scoring thresholds. Must aggregate across similar-sized operators to provide meaningful benchmarks.
Only Vesta has approval rate benchmarks across 100+ operators with this level of segmentation - external researchers cannot access this operational data.Analyze operators' approval rates by time period (weekday vs weekend, business hours vs evening) to identify operational inconsistencies that suggest staffing gaps or overly conservative automated rules. Compare against peer operators who maintain consistent approval rates to show this is a fixable operational issue.
Most operators don't track approval rates by time period, so they're blind to weekend drops. When you show them their approval rate drops 14% on weekends while peers maintain consistency, you're identifying a hidden revenue leak they didn't know existed. The hour-by-hour analysis offers immediate diagnostic value for optimizing staffing or fraud rules.
This play requires approval rate tracking by time period (weekday/weekend, hourly patterns) with transaction volume correlation. Must benchmark against peer operators who maintain consistent approval rates across time periods.
This temporal approval rate analysis is only possible with platform-scale transaction data across multiple operators.Benchmark operators' international transaction approval rates by country against similar-sized operators processing cross-border payments. Identify massive approval rate gaps (19+ points) that indicate overly aggressive fraud filters blocking legitimate international expansion revenue.
International expansion is expensive and strategically critical. When you show an operator they're blocking 19% more international transactions than peers, you're quantifying a direct threat to expansion revenue goals. The country-by-country breakdown provides immediate diagnostic value for pinpointing which markets they're over-blocking.
This play requires approval rate data segmented by country/region with benchmarks across similar-sized operators processing international payments. Must track approval rates for 30+ countries to provide meaningful country-level comparisons.
Only Vesta processes payments across 40+ countries with benchmarking data at this geographic granularity.Detect sophisticated fraud patterns where attackers switch payment methods mid-transaction (card to ACH, prepaid to credit) to exploit approval gaps between payment types. Alert operators in affected regions with dollar quantification and transaction flow signatures for immediate detection.
Payment method switching is a sophisticated fraud technique most operators don't monitor. When you explain the exact methodology (switching from card to ACH mid-transaction) with regional specificity and dollar impact ($63K losses), you're revealing a blind spot in their fraud detection. Transaction flow signatures provide immediate detection value.
This play requires payment method switching detection across transaction flows, fraud loss tracking by methodology, and regional clustering of attack patterns.
Detecting payment method manipulation requires transaction-level visibility across the entire payment flow - operators only see their own transactions and miss cross-operator patterns.Benchmark operators' chargeback rates against similar transaction volume peers to identify elevated chargeback exposure that triggers payment processor fees and account restrictions. Provide chargeback reason code breakdowns to identify root causes by transaction type.
Elevated chargeback rates create two painful business problems: higher payment processor fees and risk of account restrictions/termination. When you show an operator they're running 163% above benchmark (2.1% vs 0.8%), you're quantifying both a cost problem and an existential threat to their payment processing relationship. Reason code breakdowns provide immediate diagnostic value.
This play requires chargeback data aggregated across operators by transaction volume tier, with reason code analysis segmented by transaction type.
Only Vesta has chargeback benchmarks across 100+ operators with this level of segmentation - payment processors don't share this data across their merchant base.Track refund fraud rings systematically exploiting promotional offers (port-in bonuses, device promotions) by claiming the promotion then disputing the charge. Alert operators whose promotional offer structures match attack patterns with account identifiers for immediate blocking.
Refund fraud targeting promotional offers is difficult to detect because each individual transaction looks legitimate - the pattern only emerges when you see the same ring hitting multiple operators. When you explain the exact methodology (port in, claim promo, dispute charge) and confirm 4 other MVNOs were already hit, you're providing intelligence they cannot generate internally.
This play requires refund fraud detection capabilities, promotional offer structure analysis, and account fingerprinting across customer base to identify fraud ring patterns.
Detecting refund fraud rings requires seeing patterns across multiple operators - individual operators see isolated chargebacks and miss the coordinated attack pattern.Benchmark operators' approval rates by transaction amount range ($50-$100 top-ups, $100-$200, etc.) to identify transaction tiers where they're over-declining compared to peers. Show them these gaps represent high-volume revenue segments where fraud scoring is miscalibrated.
Mid-tier top-ups ($50-$100) are often the highest volume transaction segment for MVNOs. When you show an operator they're 16 points below peer approval rates specifically in this range, you're pinpointing a massive revenue leak. The transaction amount threshold analysis provides immediate diagnostic value for recalibrating fraud scoring rules.
This play requires approval rate data segmented by transaction amount ranges with fraud scoring threshold analysis to identify where operators are over-declining specific transaction tiers.
This transaction amount segmentation with fraud scoring correlation is only possible with platform-scale data across multiple operators.Monitor card testing bot activity targeting prepaid wireless checkout flows. Alert operators whose checkout vulnerability profiles match operators already experiencing attacks, with bot signature patterns for immediate detection and blocking.
Card testing attacks generate massive chargeback exposure ($40K+) and most operators don't detect bot patterns until after the damage is done. When you identify specific checkout flow vulnerabilities and provide bot signature patterns for defense, you're enabling proactive blocking before chargebacks hit.
This play requires card testing bot detection capabilities, checkout flow vulnerability profiling across customers, and bot signature pattern identification.
Detecting card testing patterns requires transaction-level visibility across multiple operators to identify bot attack signatures - operators see failed attempts but miss coordinated bot patterns.Benchmark operators' approval rates by time period to identify temporal patterns suggesting operational issues (understaffing, overly conservative weekend rules, time-zone coverage gaps). Show them peer operators maintain consistent approval rates and provide hour-by-hour diagnostics.
Weekend approval rate drops directly impact revenue on high-volume days when customer demand spikes. When you diagnose the likely operational cause (understaffing or conservative rules) and show peer operators maintain consistency, you're identifying a fixable operational problem with immediate revenue impact.
This play requires approval rate tracking by time period (weekday/weekend, hourly patterns) with transaction volume correlation and peer consistency benchmarks.
This temporal approval rate analysis with operational diagnostics is only possible with platform-scale data across multiple operators.Analyze approval rates by time period (weekday vs weekend) to identify temporal drops suggesting operational issues like understaffing or overly conservative weekend fraud rules. Compare against peers who maintain consistent approval to show this is fixable.
Most operators track overall approval rates but don't segment by time period, so they're blind to weekend drops. When you identify a 14-point weekend decline and diagnose the likely operational cause, you're surfacing a hidden revenue leak. The hour-by-hour analysis provides immediate optimization value.
This play requires approval rate tracking by time period (weekday/weekend, hourly) with peer consistency benchmarks across similar-sized operators.
This temporal segmentation with operational diagnostics is only possible with platform-scale data across multiple operators.Old way: Spray generic fraud solution pitches at VP Payments titles. Hope someone replies.
New way: Use proprietary fraud intelligence to show operators their specific approval rate gaps, regional fraud exposures, and operational blind spots. Mirror their situation with data they cannot get elsewhere.
Why this works: When you lead with "Your weekend approval rate drops to 72% vs 86% on weekdays - peer MVNOs maintain 84-85% consistency" instead of "We help MVNOs improve approval rates," you're not another vendor pitch. You're the intelligence source who already did the diagnostic work.
The messages above aren't templates. They're examples of what happens when you combine proprietary operational data (fraud patterns, approval rates, attack signatures) with operator-specific targeting. Your team can replicate this using the internal data requirements documented in each play.
Every play traces back to proprietary internal data. Here are the data requirements for the playbook:
| Source | Key Fields | Used For |
|---|---|---|
| Vesta Internal Fraud Intelligence | fraud_loss_by_country, fraud_type_percentages, real_time_fraud_spike_detection, attack_pattern_signatures, device_fingerprints, compromised_credential_hashes | Regional fraud alerts, attack pattern detection, synthetic identity rings, promotional abuse tracking |
| Vesta Internal Transaction Data | approval_rates_by_operator_size, false_positive_rates, fraud_loss_percentages, percentile_rankings, transaction_amount_ranges, time_period_segmentation, chargeback_rates, reason_codes | Approval rate benchmarking, operational diagnostics, chargeback analysis, transaction tier optimization |