Stealing Affiliate Links?

[Amsterdam]

I've read quite a few comments about affiliate links being hijacked. How is this done? Is there a way to prevent it?

T

[digitalpoint]

Never heard of that before... You mean people taking your affiliate link and using it as their own? If they do that, then you would get the credit for the sale/lead.

[Amsterdam]

Yes I understand that, but I've seen it suggested that people can somehow substitute your aff id with their own. I can't undersand how that could happen. Hence the question.

T

[Dastar]

Maybe he's talking about spyware on the end users computer that replaces a affiliate URL with it's own (like Gator).

[GRIM]

Quote:

I've read quite a few comments about affiliate links being hijacked. How is this done? Is there a way to prevent it?

The only instance I've read some credible reports on this is from spyware, is this what you're talking about?

Not sure on a way to prevent it though, read alot of posts of people trying to prevent it but from how I understand it there realy is no way to prevent it as the spyware looks for any link or site your visitor is pointed to that they have an affiliate account setup for. It then somehow strips your info and replaces it with the originator of the spywares affiliate code.

Some good preventitive measures however is going with an affiliate company who will not stand for instances such as this, actively tracks cases such as this and removes the offender from the program.

If there is a real prevention method though and someone knows of it I'd like to see it, but when spyware is on the users computer there is no way you can realy bypass it without possible spyware yourself or is there?

[blackbug]

The only reference to link hijacking I've heard of before was in respect to people realising that they're about to click on an affiliate link, and just typing in the url of the site, instead of the whole thing.

e.g.
You link is www.bigfatshop.com/?dave
and they just type in www.bigfatshop.com

Some affiliate processors obfuscate links on your behalf because of this.

If it IS to do with spyware then I'm not too worried, something like this won't get into to many people's PCs and not for long.

[iShopHQ]

Affiliate link stealing/substitution happens client side, so do a server side redirect to the affiliate store using rel="nofollow" so the search engine (legit ones anywaht) won't follow it. Also put the redirect page in it's own directory and exclude the directory and the script in you robots.txt

you build a page where you pass in the link for redirection. If there's more than one variable in the linki, use URLEncode so your script can get them all

ASP Example:

affiliate link: <a href="www.affiliate.com/afid=12345&sid=54321">

becomes
<a href="goto/go.asp?url=<%Server.URLEncode("www.affiliate.com/afid=12345&sid=54321")%>" rel="nofollow">

then in the goto directory with your go.asp page you grab the variable and do a server side redirect

vURL = request.querystring("url")
If vURL <> "" then response.redirect(vURL)

[atonca]

I had Microsoft AntiSpyware software set up in my computer. Should I expect it to get rid of the spywares?

[5starAffiliates]

Yes there a lots of ways people can hijack your affiliate links. I thought this was wide-spread knowledge. Usually people are referring to "parasites" which is typically adware programs that over-write your link and take credit for the sale you generated. But there are different types of affiliate hijacking and different ways it can be done.

One way to protect yourself is to try to only affiliate with programs that don't allow "parasites" in their programs. That's what I specialize in is clean, parasite-free programs. The problem is it's hard for affiliates to know what programs are clean and also hard for even hinest merchants totry to keep them out because they can be very tricky.

There are SO many aspects to this issue and I don't have time to write a book right now which is what it would take to try to explain it all. I would Google affiliate parasites for starters.

If you have affiliate programs on CJ or LinkShare there is a code you can add to your links that tells the parasites in those networks that play by the rules - NOT to overwrite your link because it's an affiliate link. Going to my blog to get you guys the code and more info on it BRB.

[5starAffiliates]

Ok here is a BUNCH of articles from my blog about parasites. I'm well known for my anti-parasite stance and often write news on the subject. There are also tons of links to other articles on the subject.

http://affiliate-blogs.5staraffiliat...m/?s=parasites

This article in particular explains how to use the afsrc=1 Parameter to protect your links from *some of the parasites. (Only the ones that play by the rules.)
Parasite Protection - afsrc=1 Parameter Detailed FAQ
http://affiliate-blogs.5staraffiliat...te-protection/

What pisses me off about the afsrc=1 Parameter is that all the affiliates like you guys - even a big affiliate like Shawn did not seem to know about affiliate hijacking. AND IMHO YOU SHOULD NOT HAVE TO!!! You should not have to know or go to the extra trouble to add something to your links - PERIOD. The networks (trusted 3rd parties) should be protecting you by not letting parasites in. This is a bandaid and one that a lot of affiliates (like some of you) dont even know about.

I feel a big fat anti-parasite rant coming on. So I'll just say I believe HONEST affiliates should get every dime they earn without having to worry about hijacking.

[5starAffiliates]

iShopHQ,

That wont work for most parasites and I would REALLY worry that what you are suggesting could mess up the link, so it would not even track.

Parasites have nothing to do with search engines or spiders or re-directs. Maybe you are talking about some other kind of hijacking i've never heard of, if so please explain in more detail.

Again I would always be very careful of changing links. Some affiliate programs have a TOS that prohibits it so you could get dropped, some changes could cause the link not to track at all (depending ont he changes and the provider).

[asr_guy]

To build on Linda's great posts, here's a site of a prominent e-lawyer who is trying to fight the vendors of adware/spyware etc.

He has screenshots catching some of them in the act.

http://www.benedelman.org/

Cheers,
Peter

[iShopHQ]

Hi Linda

I'm moving a lot of affiliate merchandise through my network of sites using this method... now you have me wondering if I'm actually moving more. My method doesn't cahnge the link - all encoding does is encode it so the parsing script doesn't parse on querystring variables witin the destination URL itself.

The scenario I gave was one where the affiliate link is coded into the page. I actually do the redirect based on the url for the record I pull out of the database.

I mention blocking serach engines from following affiliate links simply because I believe it is good practice and the pervasive rumors taht SEs degrade pages they find affiliate links on. My method masks the affiliate links to the search engines neither see not follow them.

[5starAffiliates]

Hi asr_guy,

Glad you posted that. Ben is one of the leaders in the fight against parasites and his research is really good. Since it's so well documented and laid out, it's especially useful if you are trying to convince one of your merchants to drop a parasite they have let into their program.

Hi iShopHQ,

You seem very technical and I'm not. What you are doing probably works fine for you and for the reasons you are doing it. I was more trying to caution affiliates that weren't that tech savvy. Since we are talking about protecting commissions from hijacking and what you are doing wont protect from that - I just didn't want affiliates that weren't that tech savvy runnning out and trying to do what you do, because it won't protect your links from parasites.

The caution I wanted to throw out there is really anytime you change your affiliate links to mask, redirect or anything else, be sure to test them and be sure they still work. Also be sure what you are doing is not against the TOS of the programs. There are even off the shelf programs that advertise they will make your affiliate links or protect them from hijacking that actually do other things like iframes and auto-cookie setting which are against the rules of many affiliate networks.

[Amsterdam]

Looks like I opened a can of worms with this one! Thanks for all the replies, there's some great advice there.

T

[mcfox]

What about those sites which are set up to force cookies onto the users machine?

[Amsterdam]

Quote:

Originally Posted by mcfox

What about those sites which are set up to force cookies onto the users machine?

Not with you there. Can you elaborate?

T

[mcfox]

I'm not 100% certain on the details but basically, whenever someone lands on one of these sites their computer is flooded with a zillion (read-only?) affiliate cookies. Seems pointless at first until you realise that if you flood enough computers with enough cookies you will begin getting sales accredited to your account even if they were referred by someone else. The read-only part is what takes care of any other affiliate sites trying to write a cookie onto a user's computer.

[5starAffiliates]

Amsterdam, its good you brought it up. Some other affiliate forums talk about stuff like hijacking and parasites far too much. This forum it hardly ever comes up. I think people should be aware and informed - but they don't need to be paranoid and obsessed by these things.

Yes mcfox, that's another way some unethical affiliates get sales they don't really deserve. I call it "cookie-stuffing" and we prohibit it in the TOS of our programs plus it's against the TOS at CJ and most networks. Some of it is done by exit pops but there are other ways too.

Well not sure what you mean by the read only part. But most networks and affiliate programs are set so the last cookie gets the sale. So if a surfer clicks your link legitimately and gets your 30 day cookie and buys in 20 days - but in the meantime visited a site that stuffed a bunch of cookies EVEN THOUGH the surfer never clicked that affiliate link for that product - they could get a sale that should have belonged to you. The chance of this happening is pretty rare but it can happen. You would both need to belong to the same program and the surfer would have had to have visited both your sites.

Don't want people to get paranoid about affiliate marketing. Still tons of money is being made by affiliate marketers. But just like with SEO there are scammers and spammers that do try tricks which make it hard for honest marketers.

[iShopHQ]

Cookie stuff works by people putting a bunkc od 1x1 iframes on a page adn then loading those iframes through their affiliate link. The result when someone goes to a page is dozens of affiliate tracking cookies dropped. Then, if the user goes to one of those stores and eventually buys something before the cookie expires, the person who set the cookie gets credit for the sale, even though he ro she might not have been the one who sent the customer to the store.

AFAIK, mass cookie setting per the scenario above is against the TOS for most affiliate management companies.