Affiliate Fraud: How to Identify It in Your Program

Lyndsey Fish

Affiliate fraud may be lurking in your program. Do you know how to spot it?
Affiliate fraud may be lurking in your program. Do you know how to spot it? Photo by Markus Spiske on Unsplash

Affiliate marketing is a low-risk, high-reward channel that has seen its popularity skyrocket in recent years. However, low risk isn’t the same as no risk. With more than 80% of advertisers and publishers including affiliate partnerships in their marketing strategy, fraud is an unfortunate and unavoidable fact of life. 

As affiliate marketing grew into what it is today, so did bad actors and their numerous technologies to “game the system.” Some of these practices fall into a gray category where they aren’t necessarily illegal, while others are a blatant breach of contract.

Below, we’ve outlined the practices that account for why this channel has historically gained a bad reputation in the marketing industry. Here are the top ways we see publishers break the rules, how they do it, and how you can identify affiliate fraud like it in your own program. 

What Affiliate Fraud Looks Like 


The opposite of a pop-up, a pop-under is an ad that pops open behind (or “under”) a browser window. 

When It’s OK  

A number of publishers still utilize pop-unders as a part of their advertising efforts, and that in itself is relatively benign. However, this practice is considered old school and typically does not add value to the user experience. How often have you seen a pop-under and said, “Oh great, I can’t wait to click on this!” Instead, it’s more like, “Where the hell did this come from?”

Some advertisers may not want this experience to be included as part of their program, while others might not mind, so it’s best the parties involved discuss this practice upfront.   

Pop-unders can be used as one type of affiliate fraud, but they can also be legitimate.
Photo source:

When It’s Bad 

Pop-unders can be set up to assist in cookie stuffing without the user knowing. It’s bad practice if the pop-under is for something completely irrelevant to what the user is searching for, or if the user did not take an action (click) to cause the ad to fire. 

A common practice for very large retailers or campaigns is to force an affiliate click on a pop-under where there is no immediate relevance for the consumer in the hope that they will purchase (think Expedia) or sign up (H&R Block). A red flag for this type of tactic would be an extreme spike in clicks from a masked referring URL with low conversion rates. 

Cookie Stuffing/Cookie Dropping  

Also known as attribution theft, cookie stuffing is always fraudulent. 

When It’s OK 


When It’s Bad 

Cookies are little data bites that capture the parameters we all use in our tracking links. These data bites include important values like your affiliates’ information (name, ID number, etc.), and they track the touchpoints in a consumer journey.

Cookie stuffing happens when a third party, such as a publisher or CPA network, drops multiple cookies on a user’s browser before they take an action so the third party can get continuous credit for a sale. You may be able to tell if one of the partners in your program is doing this if their actions spike but they have very few clicks, behavior that TUNE’s Time-to-Action Report can help you identify. 

TM+ Bidding 

TM+ stands for “trademark plus,” or when a third party bids on your branded name(s) plus additional keywords. 

When It’s OK  

Trademark plus campaigns, when run through the affiliate channel with trusted partners, can help bolster performance and support advertisers by pushing competitors lower in search results. They also offer a means to get supplemental media in exchange for TM+ rights, which can be a win/win depending on the goals of a particular partnership.  

When It’s Bad 

Trademark bidding is part of paid search marketing, which means most brands will have a team that focuses on this and pays search engines to place their ads at the top of relevant pages. When unauthorized parties bid on trademarked terms, it not only drives up costs for your paid search team, but it can also result in completely inaccurate information, stolen sales, and poor user experiences.  

URL Redirection 

This happens when you navigate to a specific URL and instead of ending up there, you are rerouted to a different destination URL. 

When It’s OK 

There are a few reputable auto-redirecting publishers who scrape the web for misspelled domain entries and redirect them to advertisers’ sites. Some notable companies that do this are Resilion, NameSpace, and ProtectedBrand. 

When It’s Bad 

URL redirection is bad if it is set up with the intent to disguise itself and take users away from their intended destination. This can be done in tandem with website cloning, and it is another form of theft in affiliate marketing. Auto-redirecting works by using a protocol that remains hidden and enables click fraud.  

Bots/Web Crawling 

A search engine algorithm that organizes information. 

When It’s OK 

Fun fact: About 42% of internet traffic consists of bots scanning content, interacting with webpages, chatting with users, or looking for suspicious behavior. Some bots are useful, such as search engine bots that index content for search results or customer service bots that help users. A web crawler bot is like someone who goes through all the books in a disorganized library and puts together a card catalog, so that anyone who visits the library can quickly and easily find the information they need. 

Affiliate Fraud chart: distribution of bot and human web traffic worldwide from 2014 to 2021

When It’s Bad 

Like any technology, bots can be built with bad intent. Because it’s automated technology, bots can assist with most of the malevolent practices mentioned in this post. They can be programmed to break into user accounts, scan the web for contact information for sending spam, set up to perform click fraud, or stuff cookies.

If you have access to a tool like TUNE’s Time-to-Action Report and see an unprecedented number of clicks come through in a short period of time, that could indicate a bot is performing click fraud on a partner’s site.  

Website Cloning 

This practice is exactly what it sounds like: duplicating information and visuals from one site to create a copy of it somewhere else. 

When It’s OK 


When It’s Bad 

I’ve seen this happen to brands when a third party purchases similar domain names and replicates the website imagery and content to dupe visitors and get the affiliate payout on those sales. The plagiarized sites abuse the way Google ranks content by sending fake organic traffic to themselves. This is why it’s so important to actually look at potential partner websites and do the research before accepting just anyone into your affiliate program. 

Toolbar Auto-Redirection 

When a toolbar, plugin, or other browser extension takes an action without the user’s knowledge and/or consent.

When It’s OK 


When It’s Bad 

Some browser toolbars, plugins, and extensions automatically drop an affiliate click when a user (who has it installed) visits an advertiser’s website in order to generate an action that will give the user cash back. Many times, the consumer doesn’t know they have the toolbar installed and never get the cash back. See the post we wrote about Chrome extensions caught cookie stuffing for an example of this practice in action. 

We recommend requiring that any toolbar or browser plugin adheres to an “affirmative click” policy, where the user has to opt in to receive cash back (and subsequently allow the affiliate to receive commission). The major toolbars that do this are Shop At Home, BeFrugal, and WeCare. 

Tools to Detect Affiliate Fraud 

As affiliate fraud has expanded, so have tools to help brands and program managers fight back. Some platforms offer fraud protection built in, but most charge an additional fee for their solution or a third-party integration. TUNE provides both, allowing you the freedom to use our built-in proactive fraud prevention suite that’s powered by Fraudlogix, or integrate your preferred third-party solution. 

“TUNE’s customers depend on the platform to help them fight fraud and the data we are providing enables them to block fraudulent actions before they affect campaigns,” Fraudlogix CEO Hagai Shechter said in our post announcing the feature. “This saves TUNE’s customers time and has real implications on ROI.” 

Another TUNE technology partner, TrafficGuard, sees that on average across affiliate programs, between 10-15% of commission payouts go to fraudulent affiliate partners. Here’s how they explain it: 

“When we look at ad fraud in the affiliate channel what we are really looking at is misattribution. Tactics like cookie stuffing are designed to misattribute a conversion away from its real origin to a fraudulent affiliate. That means you are then either paying that affiliate for something that you should have got for free, or are paying the wrong affiliate. When it comes to scaling your affiliate program, this can cause you to actually scale into the bad actor, as it appears they are driving the most growth.” 
—Kalen Bushe, TrafficGuard

Keeping Affiliate Fraud Out of Your Program 

These days, affiliate fraud is just a reality brands must face. With the right platform and tools, however, it becomes a manageable part of any program.  

Visit our blog post on TUNE’s Proactive Fraud Prevention to learn more. 

10 mistakes to avoid when starting an affiliate program

Download our 10 Mistakes to Avoid When Starting an Affiliate Program e-book to get tips from industry experts on what they got wrong — like ignoring the warning signs of affiliate fraud — and how you can get it right in your program.   

Lyndsey Fish

Lyndsey Fish is the Director of Partnerships at TUNE. Before joining TUNE, Lyndsey worked for a leading partner marketing agency, overseeing a diverse portfolio of clients. Her career has focused on growing affiliate partnerships, utilizing data to make strategic decisions for consumer brands, and driving incremental growth.