Affiliate Marketing Scams

Click spam, or “click flooding,” is an affiliate scam that uses mobile apps or websites to generate fake clicks.

Fraudulent clicks fall into two categories: manual and automated. The former involves human beings clicking a link, while automatic click fraud employs automated tools to work on a larger scale. It can work by generating non-human (i.e. bot) traffic through malware-infected mobile devices. Or, you can have click farms in which humans manually engage with ad links.

Click fraud wastes advertisers’ money and distorts targeting data. It also drives up online advertising costs, causing ongoing damage to the industry.

Also known as “cookie dropping,” cookie stuffing is an affiliate scam through which a fraudster uses web cookies to collect affiliate commissions on goods they did not sell.

Consumers must click through from the affiliate’s site to the advertiser’s site and make a purchase to legitimize a commission. With cookie stuffing, though, the advertiser pays a commission, even though the fraudster didn’t earn it. The fraudulent cookie might even override another cookie placed by a legitimate affiliate, meaning they don’t get the commission they earned.

This affiliate scam is exactly what it sounds like. A fake product scam occurs when a fraudster creates an ad or webpage for a product or service that doesn’t actually exist, then promotes that product under a legitimate company’s branding and credentials.

This is a prevalent form of affiliate fraud because it is so easy for scammers to take advantage of customers’ scrolling habits through social media. Indeed, Facebook Marketplace contains a veritable hive of fake product scams that led to over $117 million in losses in the first half of 2020.

Fake products are such a problem that the FBI received almost 50,000 complaints and reported $3.5 billion in losses last year alone.

Transaction fraud, or “transaction laundering,” happens when a fraudster uses stolen credit card or payment account information (think Venmo or PayPal) to process a transaction from an affiliate partner’s account.

When a retailer is targeted by this affiliate scam, they wind up paying for more than just the initial attack. First, they lose the original transaction value. They then lose any commission paid to the affiliate account, and eventually, the chargeback fees they will fork over when the affiliate files a chargeback for the fraudulent purchase.

This affiliate marketing scam occurs when spammers send false impressions and invalid click data to advertisers to make it look like they are sending legitimate traffic. Inevitably, the impressions they send will include bots and junk data designed to make them look like credible affiliates.

On the retailer’s end, this spoof data will appear like the false affiliate is sending lots of traffic to their site or service. All those impressions originate with bots or click farm traffic, though. Spoof traffic scams are widespread in PPC (pay-per-click) affiliate marketing. They let fraudsters make money from the number of clicks they generate, rather than tractable funds resulting from the affiliate’s actions.

URL hijacking or ‘typosquatting’ happens when a fraudster buys a URL similar to a legitimate retailer’s. The fraudster then redirects traffic to the fake website to claim affiliate commissions. To do so seamlessly, the hacker will insert affiliate links and data into their redirect process to profit from that impression.

For example, if you misspell a letter or phrase in a legitimate company’s URL, you may be redirected to the fraudster’s site without realizing it. The fraudster may even clone the significant details of the original site and use them in various descending scams, hitting the advertiser for an unearned commission while installing malicious software.

Fake lead fraud is an affiliate scam in which fraudsters send fake leads to an advertiser to defraud the company for a commission.

This scam relies on synthetic identities and bot traffic to convince companies that the leads they pay for are genuine and actionable. However, all the leads generated are fake, useless junk that can’t be converted to a sale.

Fake ad hijacking is a form of affiliate marketing fraud that happens when a fraudster creates a phony ad that appears at the top of a Google search. Consumers will be most likely to assume the ad is legitimate, as they trust Google’s due diligence process.

Once the consumer clicks on the false (and sometimes identical) ad, the hacker can hijack a company’s paid ad space and steal their traffic by targeting branded keywords. If the scam succeeds, consumers will assume they’re visiting a legitimate site and make a purchase, for which the fraudster will claim the affiliate commission.

You’d think everyone would be wise to this tactic by now. However, there are still many forms of this tried and true clickbait scam that tend to catch consumers now and again.

Fraudsters use talking points like saying “this one simple trick can save you thousands” or “click here for the secret to losing 20 pounds in one week.” Others will imply that the promised benefit will magically appear if you click into a video provided by the poster’s “partners” or “sponsors.”

In reality, the consumer will be led down a rabbit hole of descending click-in scams designed to generate fake affiliate clicks for the scammer. Even worse, they can parlay this scam into gaining access to the user’s computer and private data.

Lastly, pay-to-join scams are another form of affiliate fraud that asks retailers to pay for memberships with various agencies. The scam is relatively easy to commit, as it might seem rational that you should pay to join an affiliate program.

The fact is that most credible affiliate programs do not feature sign-up fees or up-front membership costs. As the name implies, performance marketing should be based on performance. If a network has faith in their affiliates, they shouldn’t require a big, up-front investment to start using their service.