Protect Your Program From These Black Hat Tactics and Affiliate Fraud

Becky Doles

2019 Update: HasOffers has rebranded to TUNE! TUNE is the same great technology behind HasOffers, now enhanced with new tools and features for performance advertisers and affiliate networks. Check out our new platform features page, sign up for a free trial, or read the rebrand announcement.

In any economic system there are bound to be a few bad actors who look for opportunities to exploit the system to their advantage. While there are plenty of amazing affiliates out there, affiliate marketing is no stranger to black hat tactics and fraudulent behavior. Sometimes these tactics are the result of overzealous affiliates who simply need some guidance, but all too frequently, the perpetrators are legitimate bad guys looking to make a quick buck at your expense. At Affiliate Management Days, David Naffziger of BrandVerity shared some of the tactics his company sees on regular basis.

Fraudulent Tactic: Form Submit Test

While Amazon has attempted to clamp down on this type of behavior, you can still find affiliate fraudsters who use Mechanical Turk to generate revenue from lead generation offers. This type of affiliate fraud is most frequently done by running some variation of a request for form submission testing. If you’re not familiar with Mechanical Turk, it’s a pretty awesome site for source piecemeal projects at affordable rates. Unfortunately this occasionally translates to work that’s less than legitimate.

Form submit tests are pretty straight forward. An affiliate signs up for a lead gen offer and places a form on a website. The affiliate then creates a job at Mechanical Turk with requirements that look something like:

  • Go to the following URL
  • Click the button on the side of the page
  • Fill in all fields on the form
  • Click Submit
  • Take a screenshot and upload it to verify you completed the task

In most cases the scammer can get his form “tested” for under $0.25, including payment to the Turker (which is how people who accept Mechanical Turk jobs refer to themselves) and the associated Amazon expenses.

Obviously for more expensive leads, this type of fraud is outed fairly quickly. When you call the lead on the phone to verify their information, you will quickly learn they have no interest in your product. For leads where no phone call is involved, it might take awhile before you realize these bogus leads are piling up, unless you are keeping a close eye on affiliate behavior.

Fraudulent Tactic: Social Media Hijacking

Social media sites present many opportunities for affiliate fraud and brand misrepresentation. I have seen numerous instances where a Twitter accounts pose as a specific brand. Facebook works at keeping the fakers at bay, but there are still plenty of fakes on Facebook too.

The most common tactic I see is more like spamming than misrepresentation. If you’ve ever visited a brand page on Facebook and seen random wall posts offering coupon codes, you’ll know what I mean. The coupon codes themselves aren’t necessarily a problem, but if you’ve already got someone at your brand page, it doesn’t really make any sense to pay out an affiliate commission.

The best way to deal with either type of social media hijacking is to clearly spell out rules in your affiliate program terms and conditions. Make it clear that affiliates aren’t allowed to post affiliate links on official social media brand pages. Make it clear that affiliates aren’t allowed to pose as your brand. The other piece of the puzzle is providing enough education to your social media team, so they know what to look for. Performing a regular google search with something like [your company name] coupons should turn up any offenders who are publicly abusing your brand.

Fraudulent Tactic: URL Hijacking

If you’ve ever done a Google search and clicked on a link to a site, only to arrive at a completely different site, you’ve seen URL hijacking in action. The problem with these URL hijackers is they’ve subverted the user’s intent of arriving at one site and sent them somewhere else completely. In most cases, you probably don’t want your affiliate program associated with this sort of behavior. URL hijackers often monetize their sites with affiliate links, but more importantly, they have some clever strategies for avoiding detection.

URL hijackers tend to layer domains inorder to avoid detection. They typically put a disposable domain in front of the real domain where the affiliate link is placed. These disposable domains aren’t easy to trace back to the associated affiliate. They can generally be dumped and replaced with something else if the hijacker needs to change tactics. In most cases these disposable domains are used to validate traffic.

To reduce their chances of getting caught, URL hijackers look at where the traffic came from and show different content to different traffic sources. If you type in the domain, there’s a good chance you will either see nothing or what you do see will likely be very different than anything related to your affiliate program. Hijackers also check IP addresses and change traffic based on who you are. There are also instances where user agent matching takes place. If you are the wrong type of visitor (like someone who could get the URL hijacker banned from the program) the link may pass you directly to a real merchant site, instead of a page with affiliate links.

In most cases, URL hijackers are using multiple affiliate accounts, possibly sourcing links from multiple networks in order to reduce the likelihood of getting caught. It can be tough to track down the fraudsters in these cases, but looking for affiliates who fail to pass the referring domain to your program can be a good indicator. Not being able to access the referring domain is another good indicator. If you suspect a particular affiliate of URL hijacking, contact them and ask how they are bringing in business. For suspicious domains, try accessing them when you are traveling to see if you get different results than what you see when you are at your office or in your own town.

Fraudulent Tactic: Typo Domains

Using domain name typos as a source of revenue is nothing new. Typo squatting has been around for almost as long as we’ve been able to buy domains. What’s changed more recently is the methods being employed to avoid getting caught.

If you aren’t familiar with typo domain squatting, here’s what typically happens. Someone registers a domain name that’s a common misspelling of your brand name. They place some imagery that looks the same as or very similar to your branding and then include affiliate links that direct visitors to your brand. When a visitor arrives at the misspelled domain, they click on the affiliate links to your brand. These sites used to be fairly easy to detect, but some of the sneakier ones are attempting to avoid detection using tactics similar to those of URL hijackers.

You can assume that if someone is using a typo of your brand, they will attempt to block your company’s IP address to avoid detection. Because they are relying on mistyped traffic, it’s harder to completely dodge detection, but they may opt to block traffic from any IP address in your company’s region, so that they remain invisible to your company.

Typos aren’t a problem unique to affiliate marketing, they impact all aspects of your company’s trademark ownership and brand protection. To track down typos, work with your search marketing team to identify the most common misspellings. DomainTools can be a handy way to track down typo domains. Services like MarkMonitor and CitizenHawk are also handy for staying on top of who is profiting from your brand.

Cookie stuffing also remains a common method for unscrupulous affiliates to profit from your program. These four fraudulent tactics are likely the tip of the iceberg. What other type of black hat affiliate tactics have you seen? What are you doing to prevent them?

Learn more about fraud in the TUNE Fraud Series, or start fighting it yourself when you request a demo of the TUNE Partner Marketing Platform.

Becky Doles

Becky is the Senior Content Marketing Manager at TUNE. Before TUNE, she led a variety of marketing and communications projects at San Francisco startups. Becky received her bachelor's degree in English from Wake Forest University. After living nearly a decade in San Francisco and Seattle, she has returned to her home of Charleston, SC, where you can find her enjoying the sun and salt water with her family.

7 responses to “Protect Your Program From These Black Hat Tactics and Affiliate Fraud”

  1. […] Protect Your Program From These Black Hat Tactics and Affiliate Fraud, […]

  2. […] Ludington summarizes a BrandVerity Affiliate Management Days presentation on the tactics  employed by black hat […]

  3. Blackhatters says:

    Old school black hat affiliate stuff.

  4. Andrew DFlip says:

    Being a flipper myself, I have to disagree with your last point (Typo Domain)…. If the website have a similar theme or a clone of your website, then yeah that is something to look at…. But if say, Mr. ABC (an affiliate) got a domain name which is a typo of your company and post affiliate links leading to your site using a different website theme, not stating that they are you guys but simply giving out reviews on your product with affiliate links attached, etc, then what’s so unethical about that?? But then, I do know for a fact that many looks at the domain business (domain flipping, acquiring typo domains, etc) may seem “unethical” too….

Leave a Reply