Affiliate Fraud Through Adult Advertising Networks
* This post links to adult content *
Spend a while browsing through pornsharia.com (Alexa Rank #1045) and you’re going to stumble across something other than free porn, adult ads and every kind of man or woman looking to “hook up” only a few miles away from you.
Here’s a screenshot of the rogue ad in action.
When going through the packet trace, note how the scammer uses adxpansion.com to display a Flash binary which looks like a legitimate ad. This same binary then routes the browser through a number of hosts (ovirfh9384.info, my-hosts.info) in an effort to blank the referrer and then make a final request to Amazon.
The net effect is that affiliate chablo0b-20 is essentially stealing revenue from honest affiliates competing for the same traffic by claiming unearned commissions from Amazon. Of course, you could argue that Amazon is not losing any money because Amazon is catching these fraudsters. That may very well be the case (and if so the honest affiliates still lose!), but keep in mind we are dealing with fraudsters who are spending money to run ads on sites with enormous traffic. This doesn’t come cheap, so why would a fraudster spend money if he wasn’t making any?
Because Amazon probably isn’t catching them.
I give this fraudster a 4/10
- 1 point for basic Cookie-Stuffing
- 1 point for using the Flash bandit. If you want the Flash binary then get in touch with me.
- 1 point for spending his own coin
- 1 points for targeting sites with enormous traffic volume
Unfortunately this scam is not too difficult to pull off properly. A fraudster with a bit of technical know how and a budget can slip past the quality controls of an advertising network and quite easily start Cookie-Stuffing at scale.« Rogue Venturebeat.com Advertiser Plunders Affiliate RevenueCJ Affiliate 6365251 invisibly claiming commission on organic traffic to Symantec Norton »