Can Someone Explain Affiliate Fraud...?

Status
Not open for further replies.
D

Drover

New member
Nov 28, 2006
369
1
0
Houston, TX
I have a basic understanding of what it is. I'm looking for an explanation of how they do it. I'm honest and not really a techie guy so, NO, I'm not trying to figure out how to do it...lol.

I'm cloaking my affiliate links to prevent it, but I don't really understand how having my affiliate ID will let them steal my commissions. Can it be done if there are no cookies involved? What about if the affiliate network has a form right on my page?
 


Wow.. I am actually interested in thie very topic as well. I know nothing. Is there a good refrence to read before I ask my 21 questoins. :)

This is a topic I want to know more about.
 
Some trojans look for affiliate IDs and dynamically rewrite them.
So it will parse the page and change any affiliate IDs in the page to the hacker's.

Then of course there is the low-tech way of people manually removing affiliate IDs because they don't want to make affiliates money.
 
It also exists in the sense that affiliate send sales with stolen details, get the payout and the merchant then get's chargebacks - hence why most affiliates have a buffer between sales and payout dates.
 
machinecontrol said:
Some trojans look for affiliate IDs and dynamically rewrite them.
So it will parse the page and change any affiliate IDs in the page to the hacker's.
Click to expand...

This was sort of what I was looking for. What do you mean by "parse the page"? Which page? Is the page actually changed? At what point is the affiliate ID actually changed?

Anyone have links to any good articles on this?
 
The aID is changed at any point (page, widget, xss, isp, proxy, network, vendor)
yes let's not forget vendor fraud ;)
 
Drover said:
This was sort of what I was looking for. What do you mean by "parse the page"? Which page? Is the page actually changed? At what point is the affiliate ID actually changed?

Anyone have links to any good articles on this?
Click to expand...

The trojan is installed on the users pc. So the user views your webpage and clicks your affiliate link. The trojan on the users pc sees this by sniffing the http traffic and it dynamically changes your affiliate id with the hacker's affiliate id. (This can be in the url or the cookie that is sent in the http request)

Also note that it not necessarily needs to be a malicious program that does this. Some adware - spyware removal tools delete or dont send cookies. Read Cookies Detected by Anti-Spyware Programs: The Current Status
for more info.
 
Just as an estimate, with the afflilate fraud what do you think the is the average percentage of lost profits for the Affiliate? And how effective is cloaking at preventing this?
 
Any good affiliate network should be able to spot these fraud affiliates easily enough though.
 
Status
Not open for further replies.
Top Bottom