Affiliate marketing has developed into one of the most valuable techniques in acquiring new customers for online businesses… but with this growth comes more risk of criminal activities. 

As the world continues its journey of digitalization, affiliate marketing can be an extremely effective method in discovering specific niches that might have been previously unreachable pre-internet through mediums such as unique blogs or social media influencers.

Businesses have the ability to add tracked links to their content which then leads to a different firm’s store or product page, with the affiliate taking a percentage based on the agreement.

As an example of a successful affiliate model, the British consumer finance information and discussion website Money Saving Expert (MSE) bases its entire business model from affiliated links.

MSE operates entirely on a cost-per-acquisition (CPA) basis and gets paid a commission if a customer purchases the linked product.

As explained by the company’s ‘How this site is financed’ page, the site does not offer any of its own paid products, accept external advertisements or sponsored posts.

It’s an incredibly powerful method and sees huge successes across the world… Yet, according to Juniper’s report Future Digital Advertising: Artificial Intelligence & Advertising Fraud 2019-2023, advertisers’ total loss to fraud will rise to $100 billion by 2023. 

What exactly is affiliate fraud?

Affiliate fraud is when a person/organization unethically utilizes a campaign for their own personal gain or advantage. This includes activities that go directly against the terms and conditions of an affiliate marketing program. 

It comes in several forms, among the most common are:

  1. Traffic diverting 
    • Taking traffic from the legitimate affiliate and misleading the customer to the fraudster’s landing page
  2. Spamming
    • A range of options with this method such as auto-refreshing a page, using software, or spamming directly from a referral link. 
  3. URL hijacking/site cloning
    • Fraudsters take over site domains close to the company’s name or their product(s) to take up a referral from the redirect. Site cloning is similar however the criminal will copy the legitimate affiliate’s sites and content to mislead prospects. 
      • Site cloning brings even higher risk due to the fact the main source is losing relevant traffic as well as income.
  4. Fake clicks or referrals 
    • Utilizing scripts/software to emulate human actions to generate false clicks or transactions
  5. Cookie stuffing 
    • The fraudster deposits multiple affiliate cookies on a user’s browser, in order to claim the commission out of sales happening from that browser.
  6. Illegal transactions and stolen information
    • Most common with fraud, the criminals will make purchases using stolen credit card credentials or register using fake identification which in turn can cause heavy chargeback fees. 

Methbot Arrests

Alexander Zhukov and the ongoing ‘Methbot’ is one of the most notorious affiliate fraud cases in recent years. 

Zhukov, who was arrested in 2018, is alleged to have acquired more than $7 million from merchants by simulating humans viewing ads on fabricated web pages.

The lawyer involved with the case noted: “Before, it was boys and girls in Russia sitting in boiler rooms clicking manual clicks in order to get apparent traffic to defraud affiliates. Now it’s done by bots.”

Defence tools

Despite the potential risks, affiliate fraud detection is more affordable than ever thanks to the many solutions available to the market now, and ensuring you have multiple layers of protection is by far the most important factor in combating affiliate fraud.

For example, monitoring the quality of customer traffic is one sure way to understand whether or not the affiliate is bogus. 

If your fraud detection solution enables you to regulate and track data, you will quickly spot a phony partner through transactions that are approved, reviewed, or declined. These risk rules can analyze variables such as the user’s IP address, connection attempts, and the average time from conversion to checkout. 

If you want to block illegitimate traffic to your site completely, device fingerprinting is perhaps the most effective way to do so. 

This solution is able to scan the end users’ software and hardware configuration and record them as ID numbers/hashes. 

Additional checks can always present a good idea to begin with such as:

  • Does the affiliate have an active website?
  • Does its content match the product(s) being affiliated? 
  • Is the website optimized for SEO etc?

Answering all these questions will help form a holistic profile of your customer at the acquisition stage in real-time.  


Photo by Markus Winkler on Unsplash

Similar Posts