Measuring and Managing Online Affiliate Fraud

Affiliate programs vary dramatically in their incidence of fraud: in some merchants’ affiliate programs, rogue affiliates fill the ranks of high-earners.  Yet other similarly-sized merchants have little or no fraud.  Why the difference? In Information and Incentives in Online Affiliate Marketing, Ben Edelman and I examine the impact of varying merchant management decisions.  Some merchants […]

Perion Incredibar adware, CJ 7164280 invisibly claiming commission on organic traffic to Cafepress

Posted by on Jul 12, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing

Co-authored with Ben Edelman On a computer running Perion Incredibar adware, our crawler browses the cafepress.co.uk site.  Incredibar sees this traffic and invisibly invokes the CJ click link with publisher ID 7164280, which redirects back to Cafepress. Because the toolbar drops CJ cookies invisibly, there is nothing for us to show in a screenshot.  But […]

Perion Incredibar adware, CJ 7164280 invisibly claiming commission on organic traffic to Webroot

Posted by on Jul 11, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing

Co-authored with Ben Edelman On a computer running Perion Incredibar adware, our crawler browses the Webroot site.  Incredibar sees this traffic and invisibly invokes the CJ click link with publisher ID 7164280, which redirects back to Webroot. Because the toolbar drops CJ cookies invisibly, there is nothing for us to show in a screenshot.  But […]

CJ Affiliate 7115795 claiming commission on organic traffic to Gap

Posted by on Jul 10, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing

Co-authored with Ben Edelman On a computer running Zango adware, our crawler browses the oldnavy.gap.com site.  Zango sees this traffic and opens a window to surveysclick.com (packet trace).  Surveysclick.com returns tricky redirects and eventually does a POST through to a CJ click link with publisher ID 7115795, then on to Gap.  As shown in the […]

CJ Affiliate 3970235 invisibly claiming commission on organic traffic to Skinstore.com

Posted by on Jul 9, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing

Co-authored with Ben Edelman Using a computer running Zango adware, our crawler browses www.skinstore.com.  Zango sees this traffic and opens a window to firststopmall.com (network trace).  A user sees a popup offer from corehq.com.  But at the same time, an invisible image redirects to the CJ click link with publisher ID 3970235, then on to […]

CJ Affiliate 5898178 claiming commission on organic traffic to 123Inkjets

Posted by on Jul 8, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing

Co-authored with Ben Edelman Using a computer running Perion Incredibar adware, our crawler browses the 123Inkjets site.  Incredibar sees this traffic and invisibly invokes the CJ click link with publisher ID 5898178, which redirects back to 123Inkjets. Because the toolbar drops CJ cookies invisibly, there is nothing for us to show in a screenshot.  But […]

CJ Affiliate 5740999 claiming commission on organic traffic to Tirerack

Co-authored with Ben Edelman On a computer running Zango adware, our crawler browses the tirerack.com site.  Zango sees this traffic and opens a window to Trackmyads (packet trace).  Trackmyads returns tricky JavaScript that redirects to Offershack which redirects to the CJ click link with publisher ID 5740999, then on to Tirerack.  As shown in the […]

CJ Affiliate 3744050 claiming commission on organic traffic to Vistaprint

Posted by on Jul 3, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing, PPV, Wire Fraud

Co-authored with Ben Edelman On June 25, 2013 using a computer running Zango adware, our crawler browses the vistaprint.com site.  Zango sees this traffic and opens a window to searchquikly.com (packet trace).  Searchquikly 302 redirects to shoppingcollections.com which returns JavaScript that redirects to an encoded CJ click link (which maps to affiliate ID 3744050), then […]

CJ Affiliate 6365251 invisibly claiming commission on organic traffic to Symantec Norton

Posted by on Jul 2, 2013 in Adware, Affiliate Fraud, Cookie-Stuffing, Wire Fraud

For the remainder of this month I will be working with Ben Edelman to report a flurry of infractions involving rogue affiliates. On June 25, 2013 using a computer running Zango adware, our crawler browses the buy.norton.com site for Symantec Norton software.  Zango sees this traffic and opens a window to Doublemyspeedscam (packet trace).  A user […]