Are there scams in affiliate marketing

Affiliate Marketing Fraud Methods

Markus Kellermann

Markus Kellermann is an expert in affiliate marketing and has been working in online marketing since 1999. As a partner and managing director, he heads the digital marketing agency xpose360 GmbH, based in Augsburg. As an author, Markus Kellermann has already published a large number of articles in specialist magazines. With Affiliate NetworkxX, Affiliate TactixX and Affiliate Conference, he also organizes three of the most important affiliate events in Germany and, in addition to the affiliate portal, also operates the Affiliate MusixX podcast.

Download more from this author article as PDF

Affiliate marketing is still one of the biggest growth drivers in performance marketing. The affiliate network Zanox alone generated over 367 million euros in sales in 2010. Affilinet also expects growth of over 20 percent for 2011. Nevertheless, as in every industry, there are black sheep in affiliate marketing, which, according to the software provider Xamine, cause annual damage of over 13 million euros. Markus Kellermann mercilessly exposes the possibilities of fraud for Website Boosting and gives tips on how to better protect yourself against fraud.

There are many types of affiliate marketing scams, but there are just as many ways to protect yourself from scammers. However, this requires the necessary experience and also the knowledge of how the fraudsters proceed exactly.
In this article, I would like to provide an overview of the measures that are repeatedly attempted to obtain unlawful commissions and the methods that can be used to counteract them.

1. Cookie dropping

Cookie dropping is as old as affiliate marketing itself. It tries to simulate clicks, which then set one or more cookies for certain partner programs in the user's browser without a user having actively clicked on an advertising medium. If the user now generates a sale / lead, the publisher receives a commission for it, even though no advertising service has been created. The technical methods of cookie dropping now range from the automatic delivery of the advertiser page via iFrames, flash tracking, forced clicks or automatic redirects after logging out to criminal website hacking and the exploitation of browser vulnerabilities. URL shorteners have also been used to drop cookies in the background. There are no limits to the variety of ideas. The analysis of cookie dropping is made more difficult by the obfuscation of the traffic by IP blockers, referrer queries, mouse actions, browser recognition and fingerprinting.

"Cookie dropping is as old as affiliate marketing itself."

You can protect yourself against cookie dropping above all with a cookie switch, which you should always use, v. a. also to regulate the setting of cookies across multiple networks. This also includes regular account monitoring and checking particularly high-turnover affiliates who have a poor click-through rate or poor conversion rates and are found to be abnormal compared to the statistics of normal affiliates. An experienced affiliate manager usually recognizes such differences and can therefore act quickly against the fraudsters.
For example, if a publisher generates 1,000 views and 1,000 clicks or has an unusually high click-through rate, then you should take a closer look at this partner. Even if certain partners rise very quickly in the ranking of the top publishers, one should carefully control their advertising types.

Affiliates from the software and toolbar sector usually do not use view tracking either. If, therefore, a very rapid click growth can be seen with these partners, you should also seek contact with the partner here.

In addition, professional agencies such as For example, explido also uses tools to identify precisely such abnormalities in the statistics via defined threshold values ​​and to be able to analyze cases of fraud.

You also have the option of performing an IP or referrer check via most affiliate networks, on the one hand to check on which page the advertising material is integrated and on the other hand to also check the intervals between the clicks check. If these are set within a few seconds, there is a suspicion of legal violations.

There are also specialized tools to detect cookie dropping. Search results, keyword advertising, media campaigns and domains are analyzed from various regional locations and cookie droppers are identified. For this purpose, a database with over 30 million websites and 200,000 keywords is searched for automatically placed clicks.

In this context, it is important not to confuse the cookie dropping methods with the postview technology, which is used to set a view cookie via a display banner campaign. There are now well-developed rules for this, which are defined in a code of conduct adopted by the BVDW and which are intended to guarantee the advertising service.

2. Brand hijacking

A method that is still popular with SEA publishers is trademark infringement via brand hijacking. The advertiser's SEA ad is copied one-to-one and the affiliate link is integrated. Although the advertiser or his agency has usually also placed an advertisement himself, this is overwritten by the copied advertisement of the partner and thus commissions are stolen that the advertiser would not otherwise have to pay.

At first glance, the advertiser does not even recognize the ad hijacking ads and often mistake them for the original. However, the fact that this is a third-party advertisement by an affiliate can only be recognized by checking the target URL. In addition, the SEA bookings are often made outside of regular office hours and controlled regionally in such a way that violations of the rules remain undetected by manual checks at the company headquarters of the advertisers or their advertising agencies.

Special fire protection tools can be used to detect such cases of fraud. These use servers in the regions with the greatest reach to permanently monitor the adverts placed for brands locally. In addition, screenshots of the display URL and the tracking URL are created, with which the delivered advertisements can be archived and documented. This then gives you the option of filtering out the partner using the publisher ID and taking legal action. The best-known brand protection tools on the German market are Xamine, Sistrix and AdPolice. A rapid increase in orders, a disproportionate place in the sales statistics or a very good conversion rate can also be a signal that a publisher is booking the brand.

According to the software provider Xamine, brand hijacking in 2011 caused over 13 million euros in damage. It is therefore important that the advertiser always validates the sales / leads in order to cancel commissions generated through fraudulent brand hijacking measures at an early stage. This definitely reduces the damage.

"It is important that the advertiser always validates the sales / leads."

It is also necessary that the partners prohibit SEA measures in the conditions of participation of the partner program so that there is a uniform regulation in the event of legal disputes.

3. Mistyped domains

So-called typo or typo domains are always a controversial topic. For some advertisers, it is an additional source of income when the affiliate uses typo domains to direct customers to the advertiser who might otherwise have bought from a competitor. But especially in the case of clear mix-ups, the advertiser can also suffer a great deal of commission damage.

People like to use v. a. Typo to intercept direct entry via URL. So z. For example, instead of the URL, the classic typo is used. Twisted letters like "ei" or "ie" are also very popular. And with letters, too, there are many creative ways to use new domains. Instead of "i" one could also use "I" or the small "L" ("l") can easily be confused with the capital "i" ("I"). The number "0" is also often used for the letter "O". The fake domains are then often forwarded directly to the correct advertiser page, imperceptibly to the Internet user. One or more cookies are then set, which leads to commission damage for the advertiser, since the customer would also have made the same purchase.

Typo affiliates usually do not register such domains with the affiliate networks, but work with bogus companies such as domain marketing or English Ltd companies. It is therefore technically very difficult to clearly identify such cases of fraud.

So how should you go about it? A well-trained affiliate manager should actually be familiar with trading domains, especially expired domains trading. In addition, the account manager should know from the top affiliates how they generate their traffic and on which pages the approved advertising material is correctly integrated. The continuous monitoring of the statistics is also part of the detection of fraud cases. If no views are generated for the clicks of a partner, this can be an indication that the users are automatically forwarded and clicks are only simulated.

"A well-trained affiliate manager should be familiar with trading domains."

Typo domains, as they are called there, are also a big problem in the USA. The provider has therefore specialized in finding such domains via online brand monitoring. The provider also works in the USA with the major affiliate networks such as Google Affiliate Network, LinkShare, ShareASale and Commission Junction to put an end to the scammers.

4. Software and toolbars

In Germany it is currently a rather unknown problem, in the USA, however, predatory software and toolbars cause several million euros in damage in affiliate marketing. The portal therefore publicly denounces toolbars and adware that have already become conspicuous.

The most popular types of adware and software scams are:

a) Browser Redirect Applications
The installed apps take over complete control of the Internet user's browser and carry out a forwarding to the advertiser's online shop in the background. Since these applications do not contain any pop-ups or advertisements, the normal user cannot recognize the redirect. This type of fraud is particularly popular with 404 error pages or redirect pages. Apps that use type-in ​​traffic (i.e. web addresses typed directly into the address line) or the official SEA ad to set an affiliate cookie and forward it directly to the advertiser page are also very bold.

b) Contextual Advertising Applications
Pop-ups or browser redirects are often used here in order to directly influence the user's surfing behavior via contextual adware. For example, discounts or voucher codes are displayed to the user via the browser in order to induce him to visit certain websites. It is also possible that existing affiliate cookies from reputable partners are overwritten by the adware and the fraudster overwrites the last cookie with his own. The affiliate would thus be credited with a commission, which he is not entitled to because he has not provided any advertising service.

c) Rebate Applications
Rebate Applications are applications that z. B. influence the Google search results and display discount codes in connection with the advertiser website in order to generate a click that costs the advertiser both the discount value and the commission and can thus lead to damage.

d) toolbars
There are plenty of helpful toolbars on the Internet, but there are also affiliates in this area who think they have to take advantage of unsuspecting users in order to steal commissions. So there are z. B. Toolbars that automatically set bookmarks in the user's browser in order to influence surfing behavior. Others change the results of search engines and place artificial affiliate ads there. Here, too, the fraudsters aim to generate clicks on partner programs that the normal user would not actually have called up at all.

Detecting fraud using software and toolbar publishers is relatively cumbersome. In order to detect fraudulent sales in this area, v. a. the experience of the affiliate manager and the proactive exchange with the affiliate networks. In addition, there is the detailed evaluation of statistics, which of course can also be automated using tools. Here, too, rule violations are usually only worthwhile for the affiliates from a certain sales volume. If you know the publisher and if a new publisher is at the top of the top publisher ranking, then you should follow up on the activities of the new partner. In addition, a regular referrer check is also recommended here, which allows the affiliate manager to track the origin of the traffic. If the referrer is not properly transferred or if the origin is obscured, a discussion with the publisher should be sought.

In this context, it is of course important to note that there are also serious affiliates in this area who can offer added value with advertising-financed software and generate additional sales for affiliate marketing.

5. Fraud with fake customer data

Another popular means among fraudsters is generating sales with fake customer data. Either the network tracking pixel is activated automatically or real orders are created, albeit with incorrect address data. The fraudster speculates that there is no validation of sales in the partner program, which is unfortunately still the case today. In addition, the customer data should always be checked for plausibility and a data comparison should be carried out.

In Germany there are already software providers such as Datras or Prodata who check the names and addresses entered to see whether they actually exist or whether the customer data was only taken from the phone book.

In the USA in particular, software providers have specialized purely on the comparison of customer data in affiliate marketing. Providers such as use their solution to identify fraudulent orders and thus create an index that should enable advertisers to protect themselves against fraud in advance on the basis of 150 variables.


Of course, it is important not to give the impression that affiliate marketing only consists of cases of fraud, because 99 percent of affiliates work cleanly and suffer from the damage to their image caused by the fraudsters. But everyone should know by now that, like in every other industry, there are also black sheep. Therefore, if in doubt, it is best to always contact the affiliate network or hire a specialized affiliate agency to oversee the affiliate program.

"99 percent of the affiliates work cleanly and suffer from the damage to their image by the fraudsters themselves."

Affiliate marketing should generally be seen as a serious business area. For this, of course, the company itself also needs the knowledge to classify the affiliate channel in the marketing mix accordingly and to pay it the necessary attention. Therefore, affiliate marketing should also be looked after professionally. If you don't have the resources to provide an experienced affiliate manager, then you should turn to a specialized affiliate agency that has the experience to look after and optimize an affiliate program accordingly.

It should also not be forgotten that fraud in affiliate marketing is not a trivial offense, but should also be legally prosecuted. So if you notice a fraudster in affiliate marketing, then don't be afraid to call in a lawyer and examine the possibilities of a claim for damages. Even if you were able to validate the sales and cancel the sales, you have incurred an effort. And only if the industry manages to set an example will you have the opportunity to ban the crooks from affiliate marketing in the long term. The "clean" affiliates will thank you.

It is therefore important that you define clear conditions of participation for your affiliate program and that you communicate these clearly to every affiliate. Only if you have set out clear rules which SEA activities an affiliate is allowed to carry out or which publisher models you want to work with do you have good opportunities in court to put an end to the fraudster.