Customers unknowingly download spyware, pop-ups, or other adware programs that secretly install malicious code onto users’ devices, artificially inflating traffic figures reported to an advertiser.

With cookie stuffing, cookies are placed on all visitors’ computers, granting the affiliate a commission for potential future purchases, whether the user clicked the affiliate link or not.

Official-looking domains with URLs that are visually very similar to a successful online retailer like Amazon or Walmart. Users reach the fake site, but are immediately redirected to the true site… just with a cookie that snags a referral from the redirect.

Creating fake IP addresses to hide the sender’s identity. Affiliates secretly click links on their own sites to artificially inflate traffic driven to an advertiser’s site.

A 1-pixel square iframe script — too small for users to see — is added to an online ad. The pixel is used to download a second (hidden) link, giving the affiliate credit for future sales.

Fraudsters obtain the transaction ID and address used for approval, then attempt to bypass the actual advertiser and claim commissions for conversions that never happened.

Sites provide coupons and discount codes for online shoppers … then attach a cookie to the user's browser, and take credit for the sale.