Cookie Stuffing: The Reason Your Next Affiliate Campaign May Crumble
Cookie stuffing. The term may sound like it describes chocolate chips or marshmallows. In the world of affiliate advertising, though, it’s a devious way for fraudsters to siphon away unearned money behind an advertiser’s back.
Affiliate marketing is a marketing channel where publishers earn a commission by promoting another brand’s product or service. Affiliate marketing fraud, or affiliate fraud, is a process where criminals circumvent the system in order to claim unearned sales commissions.
Done correctly, affiliate marketing can be a robust tool for driving traffic to your website. However, fraud from illegitimate schemes means you could be paying commissions on bogus sales. If you work with affiliates, you need to get the scoop on cookie stuffing…before you get burned.
Affiliate Marketing & Cookies
Cookies are small data files that connect a user to a particular site via their traffic pattern. Websites can read from and write data to these cookies for a variety of purposes, like saving a user’s login information. They can also use cookies to track a user’s browser history if they visit your site more than once. You can even have cookies that tell the website not to save cookies!
In affiliate marketing, a third-party website promotes your products, earning a commission if users actually end up buying. As an example, let’s take a major appliance seller (the advertiser), who may place ads connecting their store to the website of an appliance repair outlet (the affiliate, or publisher). If a user clicks through the ad on the affiliate’s site, and then later makes a purchase from the advertiser, the affiliate will get a commission.
It’s a good deal for both parties; the advertiser only pays out when they make a sale, while the affiliate can earn passive income through their online presence. But what does all this have to do with cookies?
Any time a customer clicks on an ad and visits the advertiser’s site, the advertiser attaches a small file, or cookie, to the customer’s browser. The cookie “remembers” that the shopper came to the website at least once via the ad. If that customer leaves, but then comes back and completes a purchase within a predetermined period of time, the advertiser will attribute the sale to the affiliate and pay out a commission.
It’s an effective technique that benefits everyone involved. It’s not surprising, then, that fraudsters found ways to subvert the system.
Cookie Stuffing Is Just One Of Many Threats To Your Affiliate Campaign.
Ensure your next campaign is a success. Click to get started.

How Does Cookie Stuffing Work?
- Cookie Stuffing
Cookie stuffing is a practice by which a fraudster uses web cookies to collect affiliate commissions on goods they did not sell.
[noun]kʊ ● kɪ ● stʌ ● fɪŋ
In contrast to the legitimate use of cookies by affiliate marketers, cookie stuffing—or cookie dropping, as it is sometimes known—is considered a blackhat online marketing technique. It’s a practice by which fraudsters use cookies of their own to collect commissions on goods they did not sell.
The fraudster begins by joining an online affiliate community or developing independent relationships with advertisers. Then, every time someone lands on the fraudster’s site, they attach a number of third-party cookies to the user’s web browser; mostly tied to major retailers like eBay, Amazon, Walmart, etc. Later, if that user happens to visit one of these sites and make a purchase, the cookie would make it appear to the advertiser that the lead was driven by the affiliate.
Consumers have to click through from the affiliate’s site to the advertiser’s site and make a purchase to legitimize a commission. With cookie stuffing, though, the advertiser pays out a commission, even though the fraudster didn’t actually earn it. The fraudulent cookie might even override another cookie placed by a legitimate affiliate, meaning they don’t get the commission they earned.
Common Methods of Cookie Stuffing
For effective prevention, both advertisers and affiliates need to know how cookie stuffing happens. Here are five common methods fraudsters use to sneak cookies onto a site:
Is Cookie Stuffing a Serious Problem?
Yes. Cookie stuffing undermines merchants’ affiliate marketing strategies and siphons unearned commissions from their revenue pool. Plus, top-producing affiliates will see fewer profits, giving them less reason to continue participating.
Cookie stuffing also violates broad data security regulations like the General Data Protection Regulation (GDPR). This European regulation strictly bans data collection without express permission. It also mandates that websites inform users any time they collect data. Cookie stuffing violates both these precepts.
Cookie stuffing is considered a form of wire fraud. Thus, an affiliate engaged in cookie stuffing could be open to criminal charges. In one well-publicized case, a top eBay marketer was sentenced to federal prison for defrauding the auction site of $28 million over the course of several years.
All that said, eliminating cookie stuffing is easier said than done. There are several reasons for this:
- Code Can Go in Anywhere: Any request—even just calling an image—can be used to drop cookies.
- Most Cases Are Smaller-Scale: Fraudulent affiliates using this technique want to avoid getting caught. They typically use it on a smaller scale to avoid attracting attention.
- Advertisers Don’t Have Sufficient Resources: A company like eBay has the resources to pursue some high-profile fraudsters, but most merchants don’t.
- Many Advertisers Lack the Expertise: Cookie stuffers fly under the radar, making it difficult for merchants to identify dangerous behavior.
Cookie stuffing may seem like a minor problem compared to other affiliates' fraud tactics like click fraud or identity theft. These steal millions from advertisers each year. Cookies are sneakier, though, and can be dropped without the user’s knowledge or consent. Those unearned commissions add up and can be much very damaging over time.
How Can I Identify Cookie Stuffing?
Concerned that some of your affiliates may be engaged in cookie stuffing? Here are a few signs to look for that might suggest your partners are up to no good:
Unusually High/Low Conversion Rates
Ensuring that your numbers are realistic is an important part of eCommerce conversion optimization. If conversion rates are high, it may suggest the use of adware to drop cookies in shoppers’ browsers. Low conversion with high traffic, on the other hand, could mean the affiliate is placing cookies everywhere in hopes a customer will randomly end up on an advertiser’s page.
Poor-Quality Site
Be wary of any affiliate whose site seems unimpressive, but who still manages to generate a lot of traffic. Without any reason for customers to visit the affiliate’s website, the most likely explanation for conversion is cookie stuffing.
Reliance on Redirect Pages
HTML redirects are an easy way to hide cookie stuffing activity. Users are sent to a secondary page for a split second before being referred to the advertiser’s page. Fortunately, you can see which referring pages are redirects simply by examining the site analytics.
Suspicious Click Latency
The time between a customer clicking a link and ultimately buying a product is referred to as click latency. Naturally, conversions should decrease as time following a click increases. The lack of an obvious relationship between click latency and conversions should be considered a red flag.
Know Your Affiliates
Implementing manual approval is one of the best—and easiest—methods to ensure that your affiliates are honest. Each applicant to your affiliate program should be screened and reviewed to ensure that it is a reputable and trusted lead source. You can also look into each applicant’s customer service skills to know that they will represent your brand well.
Of course, affiliate cookie stuffing is only one of many potential threats to your next ad campaign. Other malicious forms of affiliate fraud are out there waiting to drain your campaign and flood your business with costly chargebacks.
Chargebacks911® offers products specifically designed to detect, identify, and prevent the most common forms of affiliate fraud. Regardless of the size of your affiliate marketing campaign, we can help optimize your advertising, reduce risk, and turn potential liabilities into profit opportunities. Contact us today to learn more.
FAQs
What is cookie stuffing?
Cookie stuffing is a practice by which a fraudster uses web cookies to collect affiliate commissions on goods they did not sell.
Is cookie stuffing illegal?
Yes. Affiliate cooking stuffing both unethical and also illegal. It uses interstate or international electronic communications to commit fraud, making it a form of wire fraud.
How does cookie stuffing hurt businesses?
Cookie stuffing undermines merchants’ affiliate marketing strategies and siphons unearned commissions from their revenue pool. Plus, top-producing affiliates will see fewer profits, giving them less reason to continue participating.
How do you know if cookie stuffing is happening?
There are several tactics that can help you identify cookie stuffing, including unusually high or low conversion rates, a poor-quality site, reliance on redirects, or suspicious click latency.
Can cookie stuffing be prevented?
Probably not entirely. However, vigilance and careful screening can dramatically decrease instances. Third-party products can also be extremely effective.