Part of the agenda of an affiliate hijacker is to always stay one step ahead of merchants by continuously exploiting new methods of hiding fraudulent ads and avoiding detection.  Here at BrandVerity, our goal is to stay one step ahead of them, providing increasingly sophisticated forms of monitoring and management to our clients. A recent [...]

In the last week, Google removed approximately 11,000,000 websites from their organic search results: all websites with co.cc domains.  This decision on the part of Google to remove all websites with that domain name has received a fair amount of press from news outlets like the SF Chronicle and the Register, as well as much [...]

One of the challenges for affiliate managers is recognizing when an affiliate account has changed hands. This will usually accompany a change in tactics and usually for the worse. The same can be said for new accounts or newly active accounts. There is actually a very developed market for the sale of affiliate accounts. One [...]

Be careful this Affiliate Summit when using WiFi. The affiliate accounts at many major networks vulnerable to being hijacked by Firesheep, which means your account could be quite easily compromised. This vulnerability was recently demonstrated on popular sites such as Twitter and Facebook, but we have tested and found several affiliate networks vulnerable as well. [...]

In a recent, controversial blog post Shawn Hogan has alleged that eBay program managers manipulated him into employing “grey area” techniques by assuring him there wouldn’t be consequences for breaking their terms of service. After agreeing, he says managers then began suggesting different fraudulent methods he could employ, and even ways to hide from internal compliance [...]

Sophisticated URL hijackers seem to have settled on a set of tactics designed to minimize the discoverability of their affiliate ID. They’ve learned that their ads are discoverable and have been investing in steps to prevent detection of their affiliate ID. While we have seen a wide range of skills, the use of disposable URLs [...]

I had a fun video chat with Jamie Birch of JEB Commerce a few weeks back. We touch on a number of the challenges facing affiliate managers and discuss the details associated with the CSS History Hack and referrer laundering. You can see the full video on the JEB Commerce blog.

Recently we’ve seen affiliates exploit a hole common to web browsers to evade detection from affiliate managers. The hack is known as the CSS History Hack and it exposes information about what sites you visited before. Affiliates use this technique to determine if a web visitor is an affiliate manager (or network representative), and then [...]

I’ll be speaking at Affiliate Summit West on the Monday 2 PM Panel: Affiliate Program Compliance: Working with the Networks. My co-panelists include Rachel Corcoran, Director of Compliance at Hydra, Graham MacRobie, CEO of Alias Encore and Jamie Birch, CEO of JEBCommerce. Stop by and say hi!

We recently discovered a Cross Site Request Forgery (CSRF) vulnerability in Bit.ly that is being used by affiliates to insert affiliate links into bit.ly accounts. A quick primer on CSRF attacks (from wikipedia): The attack works by including a link or script in a page that accesses a site to which the user is known [...]