* Please note the update at the bottom of this post *
I am attending the AM Days conference this week, so MAD Monday comes a day early. If you are also attending AM Days, be sure to say hi. If you’re a blackhat incognito, hold onto your hat, for you may just feature during my presentation (oh dear!).
Speaking of blackhats, today’s rogue doesn’t score very high points for technical complexity, but I do award bonus points for putting in a little bit more effort than usual.
Line 1019 – 1022 are images which tell the browser to load using affiliate links as their source. Note that these links were only meant to be loaded via clicks initiated by the user. From Affiliate Window’s Terms and Conditions:
3.3 Links must not mislead Visitors. Links may only be placed with the intention of delivering Valid Clicks.
The bottom line is that the browser will be invisibly redirected through to the sites of the merchants that these affiliate links represent. The net effect has cookies placed onto the machine of the user in question (packet log summary). If said user makes a purchase anytime soon, this rogue affiliate will be paid. Merchants impacted are: johnlewis.com, dorothyperkins.com, debenhams.com and missselfridge.com
This affiliate scores 3/10 for his efforts:
- One point for the most basic form of cookie-stuffing
- Another point for setting up a pretty nifty site (it looks pretty good)
- One more point setting up similar sites in the fashion and cosmetics vertical and running this scheme across them as well: kissandmakeup.tv, osoyou.com and shoewawa.com
* 10/8/2012 Update
AffiliateWindow contacted me to let me know that the cookie-stuffing activity highlighted in this post is the result of an unmonetized tracking experiment that they are conducting, i.e., they are trying to determine how many people end up buying something from the merchant on the other side of the affiliate link without having clicked on it.