Affiliate commission hijacking

Spyware is stealing commission from affiliates

Probably every affiliate knows that he/she can lose commission due to spyware/adware/parasite activity. Marketing is not fair game, it has been not and it will be not fair game. Like anything other where money and greed are involved.

Many of affiliates are thinking that adware/spyware software and company/individual who programmed that software are responsible for commission hijacking. Not only them. Somebody must use that software to steal commission, overwriting affiliate cookies.

Let's take for example, well known n-case/zango/zanu from 180Solutions. That spyware (like many others) is installed from many sites to visitor's PC often using security holes in operating system. Owners of those sites maybe don't know that the same software could (and it will) steal their commission from other affiliate programs? Or they are that greedy?

Same spyware is bundled with screensavers and games, and can be dowloaded from official Zango site (targeted population for free games and screensavers, guess, kids). Sneaky.

There is one website where owner of that site is giving instructions to readers how to bundle zango with sceensavers, to get affiliate commission for downloads of that spyware. No word about what that spyware is doing with affiliate cookies.
Some people will never learn.

Also, recent threads in one popular webmaster forum. One affiliate of this adware is giving detailed instructions to the others, how to join and how to force visitors to download that adware. Now, or that "affiliate" is working for that company, masked as forum member, or he/she is generating competition, what is looking like very bad move in his/her affiliate tactic. Sadly, in both ways.

Some Affiliate networks are involved in this business, too. There is only one CPA affiliate network what offers Zango, paying per install. Sure, not mentioned that free screensavers and games are containing spyware / adware. A few more affiliate networks are promoting adware toolbars.

And when spyware is installed, who is using that software to steal commission from merchants and affiliates?

In most cases, other affiliates, maybe some of them you know personally. Maybe just today you were talking with some of them about good product you are promoting, and tomorrow you could see your affiliate sales are dropping, and traffic is steady?

And you don't know why?

Because you told him about good product, and he is now bidding on url (domain) of your merchant landing page.

When visitor, infected with zango or any other similar spyware, reach that landing page using your affiliate link, after short delay, new window is opened with the same landing page, now using affiliate link of your "friend". It is not important if that window is closed, damage done, your affiliate cookie is overwritten. If visitor buys, commission goes to your "friend", not to you. End of story.

How to test affiliate links

If you don't want to infect your main PC, one old hard disk with OS installed will be good for this purpose. Install some screenscrapper or something to take screenshoots.
Actually, Zango is not dangerous as you may think. It has nothing with trojans and viruses, it is simply piece of s... , adware residing on visitor's PC, and overwriting cookies of hard working affiliates.

Anyway, go to http://www.zango.com . Download
and install any game or screensaver from there.

After happy installation (you don't need toolbar if offered),
prepare your browser. Your PC and internet connection will slow down until Zango keyword file is updated (~10mb). And that will happen during every refresh of that file (once in a few days).

Browser preparation:

Use Internet Explorer and delete browser cookies
- Edit Tools=>Internet options=>Privacy,
- Click on "Advanced".
- Check "override automatic cookie handling"
- Check "prompt" on both button groups

This setup allows you to accept or refuse cookies, i.e. you need to confirm to accept cookie. This is necessary to see when cookie overwriting is in action.

Click on any of your affiliate link to check (use most popular). After landing to merchant site, wait a little. First, you will get request for a new cookie (from your affiliate network again?), and shortly after, new window will be opened. Zango window is clearly tagged on bottom, so take screenshoot now.

If affiliate ID in url is visible on both windows and they are
different (same affiliate network), you have a proof.

Send this screenshoot to affiliate network, give them a little thinking.

To disable zango, Ctr-Alt-Del, and stop zango.exe (or zanu.exe) process
or remove it from starting programs list. If removed from starting programs list, Zango will not be active until started manually. To remove Zango (delete), free version of Ad-Aware could be used.

Additionally, you can install ethereal network analyzer (free software) to track network threads and spot spyware urls and keywords used.

How to protect affiliate commission from spyware

Everything what you can do as affiliate is to protect your affiliate links using some kind of cloaking/redirection (described in affiliate links cloaking) That cannot save your cookies, but it can be useful against various protection software (deleting affiliate links), spyware (replacing affiliate ID) and other affiliates (replacing affiliate ID to get discount)

Also:
- You can educate your visitors about spyware and how to remove them.

- You can add small JavaScript to your site
(can be downloaded here spyware detection script)
and offer free online scan for spyware

- You can recommend good antispyware software to them, and
earn commission from purchase

There is possible problem connected with anty-spyware software. To boost their results (spyware "found" on clean PC), they are tagging affiliate cookies like they are spyware. Although spyware rating for affiliate cookies is very low, since they are tagged as spyware, user will probably delete those cookies.

One popular free anti-spyware software is tagging linkshare, commission junction, clickbank, even AffiliateFuel affiliate cookies like they are spyware (and all in red letters). Not only that. Using "immunize" option, it ads some affiliate networks to restricted sites in IE.

You will not see that program promoted from affiliate marketers. Even when it is free and effective. It is playing with (targeting affiliate cookies) affiliate commission and effort. Without reason. Cookies are not "spyware" and they are not "dangerous". But, Average Joe don't know that. He thinks that program is good, because it could find so many "spyware" on his new PC.

When selling anti-spyware products, first you need to check if that software is offering your affiliate cookie for deletion too. Usually, they can't be deleted before purchase. In case that user can delete cookies and your tracking cookie is tagged, do not promote that software. If your tracking cookie is deleted, commission byebye.

How to disable spyware - from your site

If you know how particular spyware is working, you can try to disable it on your site. In Zango case, popup is opened on merchant site, and it can't be blocked, because it is opened from software on visitor's PC. In that case, classic popup blockers can't block that window.

Anyway, some spyware fingerprints (user agent) in web site log could show how many visitors have spyware installed. Say, name of adware toolbars are usually added to User Agent string. Using that info, you can redirect visitor to the page with spyware removal instructions. Anyway, that visitor is almost worthless for you, since most of your affiliate cookies will be overwritten or commission stolen on an other way, from installed spyware / adware. That visitor could be blocked too. With good explanation, of course.

There is a way to cheat spyware url "scanner". It is explained on CovertAffiliate product page. Anyway, if product (script) is doing what is described there, and your merchant is attacked from spyware, it is worth to try that script and maybe get that 20%-30% stolen commission back.

to top