Fake Reviews & The Google Play Store

Posted by on Oct 9, 2014 in Affiliate Fraud, App Stores

The Fair Credit Reporting Act ensures that Americans are granted a free credit report from Equifax, Experian and TransUnion once every twelve months. If you are fortunate enough not to encounter a scammer along the way to getting your free credit report, then you’ll most likely end up at  annualcreditreport.com Unfortunately, not everyone is so […]

Measuring and Managing Online Affiliate Fraud

Affiliate programs vary dramatically in their incidence of fraud: in some merchants’ affiliate programs, rogue affiliates fill the ranks of high-earners.  Yet other similarly-sized merchants have little or no fraud.  Why the difference? In Information and Incentives in Online Affiliate Marketing, Ben Edelman and I examine the impact of varying merchant management decisions.  Some merchants […]

“babyface” compromises qbnews.cn

Posted by on Nov 18, 2013 in Affiliate Fraud, Cookie-Stuffing, Mad Monday

Qbnews.cn ranks in the top 54,000 sites world-wide. Load it up in your browser and you’ll see nothing out of the ordinary. Fire up a Web debugger and monitor the outbound traffic from your machine though, and you will see an entirely different story: affiliate fraud. This site has been compromised and the attacker (aka […]

Cellphonetech stuffing Amazon cookies with heightened concealment

We’ve recently been watching an Amazon Associates fraudster taking remarkable efforts to cover his tracks.  Like many rogue Associates we’ve looked at, he’s stuffing cookies invisibly.  He’s using Flash-based stuffing, a technique first written up last year.  But he’s several notches more sophisticated than most: The fraudster begins by buying a 125×125 IFRAME in the […]

Rogue CPL Activity

Posted by on Oct 22, 2013 in Affiliate Fraud, Arbitrage, CPL

Cost Per Lead (CPL) is an advertising model where the advertiser pays for sign-ups from interested consumers. Affiliates play the middle men in these transactions for they send the interested consumers in the direction of the advertiser. So for each consumer that signs up with the advertiser, the affiliate in question is paid a commission […]

Linkshare Affiliate ‘smaqEgQUEvQ’ Targets att.com

Posted by on Jul 29, 2013 in Affiliate Fraud, Cookie-Stuffing, Mad Monday, Wire Fraud

If you are a Linkshare affiliate competing for the same traffic as today’s rogue affiliate, know that you do not stand a chance. The reason for this is because Linkshare affiliate ‘smaqEgQUEvQ’ is unfairly using Cookie-Stuffing techniques to maximize his affiliate revenue. Let’s look at how the scam is put together. When visiting this page […]

Bestpcantivirus targets antivirus vendors

Posted by on Jul 22, 2013 in Affiliate Fraud, Cookie-Stuffing, Mad Monday, Wire Fraud

Upon casual inspection, bestpcantivirus.com reviews antivirus solutions for your PC. In their own words: We recommend you the best antivirus software for your PC. Our reviews and recommendations are balanced from the performance, budget and easy to use. Below are the Top 3 Antivirus programs that will give you the best performance and are Worth The […]

Perion Incredibar adware, CJ 7164280 invisibly claiming commission on organic traffic to Cafepress

Posted by on Jul 12, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing

Co-authored with Ben Edelman On a computer running Perion Incredibar adware, our crawler browses the cafepress.co.uk site.  Incredibar sees this traffic and invisibly invokes the CJ click link with publisher ID 7164280, which redirects back to Cafepress. Because the toolbar drops CJ cookies invisibly, there is nothing for us to show in a screenshot.  But […]

Perion Incredibar adware, CJ 7164280 invisibly claiming commission on organic traffic to Webroot

Posted by on Jul 11, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing

Co-authored with Ben Edelman On a computer running Perion Incredibar adware, our crawler browses the Webroot site.  Incredibar sees this traffic and invisibly invokes the CJ click link with publisher ID 7164280, which redirects back to Webroot. Because the toolbar drops CJ cookies invisibly, there is nothing for us to show in a screenshot.  But […]