Cookie stuffing
Encyclopedia
Cookie stuffing is a blackhat online marketing technique used to generate illegitimate affiliate
sales. Cookie stuffing occurs when a user visits a website
, and as a result of that visit receives a third-party cookie
from an entirely different website (the target affiliate website), usually without the user being aware of it.
When (if) the user visits the target website and completes a qualifying transaction, the cookie stuffer is paid a commission. Depending on the terms of the affiliate agreement a qualifying transaction may refer to creating an account, making a purchase, completing an application (loan, credit, etc.), or subscribing to a newsletter.
, pay a commission to affiliates for introducing visitors who then complete one or more qualifying transactions. Other website owners often join affiliate programs to earn the commission, usually by simply sending visitors to the site running the affiliate program via a special link or advertisement. When the user clicks this special link, a single cookie is usually placed on a user's computer; this is not cookie stuffing. This is considered normal practice and is how affiliate marketers
generate genuine income. By definition, cookies can only be considered to be stuffed when one or more is placed on a user's computer purely as a result of viewing a page or more than one is added at a time as a result of a single click. Taken to the extreme dozens of cookies can be stuffed in a scattergun approach in the hope that the user will visit one of the several target affiliate sites and complete a qualifying transaction.
Cookie stuffing is often referred to as a blackhat online marketing technique. This not only has the potential to generate fraudulent affiliate income for the cookie stuffer, but may also overwrite legitimate affiliate cookies, essentially stealing the commission from another affiliate. It is perfectly normal for a user to visit a website, click on a link and be directed to a target affiliate site but not complete a qualifying transaction at that time. That user may revisit the target affiliate website at some later time and complete a qualifying transaction. The original referring affiliate would be credited with the transaction and make a commission.
The problem occurs when a cookie stuffing site stuffs all its visitors with a batch of cookies in a scattergun approach. The genuine affiliate cookie may get overwritten and when the user visits the target affiliate site and completes a qualifying transaction, the cookie stuffer gets the credit instead of the original affiliate who had brought about the first genuine visit to the target site.
, such as forums
that allow users to post content, should be aware of the various cookie stuffing techniques, and how to combat them, in order to protect their visitors from this type of activity. Cookie stuffing can be accomplished with something as simple as including an image in a forum post or signature. The image link is compromised on purpose by the cookie stuffer and made to simulate a click by forum visitors on an affiliate link.
(CSRF) attacks.
s are a way of embedding a page within a page. A webmaster embeds a web page with one simple line of code. The affiliate embeds an I-Frame onto their page that loads their affiliate URL. Frames work in a similar fashion.
. This is how affiliates cookie stuff user content
can be used to force a user to visit any URL where the end result is visiting the affiliate URL.
define how a web page will be displayed. They are retrieved just like an image would be – the browser is instructed to visit a URL. The affiliate could put the direct affiliate URL into the style sheet as an image and have it loaded that way. This is one of the harder methods to detect.
is commonly used to create interactive media on the web, and contains functionality which allows developers to force a website user to visit an affiliate link while removing or spoofing
the referrer information so that the affiliate network won't know where the traffic came from. A common tactic is to have the spoofed referring site be a legitimate or white hat affiliate site to mask the fact that cookie stuffing is being carried out.
Affiliate marketing
Affiliate marketing is a marketing practice in which a business rewards one or more affiliates for each visitor or customer brought about by the affiliate's own marketing efforts...
sales. Cookie stuffing occurs when a user visits a website
Website
A website, also written as Web site, web site, or simply site, is a collection of related web pages containing images, videos or other digital assets. A website is hosted on at least one web server, accessible via a network such as the Internet or a private local area network through an Internet...
, and as a result of that visit receives a third-party cookie
HTTP cookie
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user's browser and for the browser to return the state information to the origin site...
from an entirely different website (the target affiliate website), usually without the user being aware of it.
When (if) the user visits the target website and completes a qualifying transaction, the cookie stuffer is paid a commission. Depending on the terms of the affiliate agreement a qualifying transaction may refer to creating an account, making a purchase, completing an application (loan, credit, etc.), or subscribing to a newsletter.
Process
Websites that run an affiliate programAffiliate marketing
Affiliate marketing is a marketing practice in which a business rewards one or more affiliates for each visitor or customer brought about by the affiliate's own marketing efforts...
, pay a commission to affiliates for introducing visitors who then complete one or more qualifying transactions. Other website owners often join affiliate programs to earn the commission, usually by simply sending visitors to the site running the affiliate program via a special link or advertisement. When the user clicks this special link, a single cookie is usually placed on a user's computer; this is not cookie stuffing. This is considered normal practice and is how affiliate marketers
Affiliate marketing
Affiliate marketing is a marketing practice in which a business rewards one or more affiliates for each visitor or customer brought about by the affiliate's own marketing efforts...
generate genuine income. By definition, cookies can only be considered to be stuffed when one or more is placed on a user's computer purely as a result of viewing a page or more than one is added at a time as a result of a single click. Taken to the extreme dozens of cookies can be stuffed in a scattergun approach in the hope that the user will visit one of the several target affiliate sites and complete a qualifying transaction.
Cookie stuffing is often referred to as a blackhat online marketing technique. This not only has the potential to generate fraudulent affiliate income for the cookie stuffer, but may also overwrite legitimate affiliate cookies, essentially stealing the commission from another affiliate. It is perfectly normal for a user to visit a website, click on a link and be directed to a target affiliate site but not complete a qualifying transaction at that time. That user may revisit the target affiliate website at some later time and complete a qualifying transaction. The original referring affiliate would be credited with the transaction and make a commission.
The problem occurs when a cookie stuffing site stuffs all its visitors with a batch of cookies in a scattergun approach. The genuine affiliate cookie may get overwritten and when the user visits the target affiliate site and completes a qualifying transaction, the cookie stuffer gets the credit instead of the original affiliate who had brought about the first genuine visit to the target site.
User-generated content
Operators of websites that allow user-generated contentUser-generated content
User generated content covers a range of media content available in a range of modern communications technologies. It entered mainstream usage during 2005 having arisen in web publishing and new media content production circles...
, such as forums
Internet forum
An Internet forum, or message board, is an online discussion site where people can hold conversations in the form of posted messages. They differ from chat rooms in that messages are at least temporarily archived...
that allow users to post content, should be aware of the various cookie stuffing techniques, and how to combat them, in order to protect their visitors from this type of activity. Cookie stuffing can be accomplished with something as simple as including an image in a forum post or signature. The image link is compromised on purpose by the cookie stuffer and made to simulate a click by forum visitors on an affiliate link.
Techniques
Techniques used to accomplish cookie stuffing are very similar to those used in cross-site request forgeryCross-site request forgery
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts...
(CSRF) attacks.
Pop-ups
Pop-ups are actually a method of cookie stuffing accepted by most affiliate networks. The pop-up gets the website visitor to visit your site and of course gives them an affiliate cookie. The most common place to find this happening is on review sites where the affiliate “reviews” a product. Companies pay a commission for customers that were interested in their product, but still wanted more information before purchasing. This is probably the most innocent form of cookie stuffing, but is still stuffing none-the-less. This method can be defeated by utilizing pop-up blocking software.Frames and Iframes
IframeIFrame
iFrame can be:* I-frames, in video compression; see video compression picture types* iFrame * The HTML iframe element....
s are a way of embedding a page within a page. A webmaster embeds a web page with one simple line of code. The affiliate embeds an I-Frame onto their page that loads their affiliate URL. Frames work in a similar fashion.
Images
The "IMG" HTML tag forces a browser to attempt to retrieve an image at any URL. It doesn’t matter if the URL supplied doesn't have an extension like ".jpg", ".gif", or ".png" at the end. For instance, "img src=http://google.com" would actually get anyone that visits that page to send a visit to Google. Affiliate links can be put in directly or by creating a redirect in their .htaccess.htaccess
A .htaccess file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration....
. This is how affiliates cookie stuff user content
Javascript
JavaScriptJavaScript
JavaScript is a prototype-based scripting language that is dynamic, weakly typed and has first-class functions. It is a multi-paradigm language, supporting object-oriented, imperative, and functional programming styles....
can be used to force a user to visit any URL where the end result is visiting the affiliate URL.
Stylesheets
Cascading Style SheetsCascading Style Sheets
Cascading Style Sheets is a style sheet language used to describe the presentation semantics of a document written in a markup language...
define how a web page will be displayed. They are retrieved just like an image would be – the browser is instructed to visit a URL. The affiliate could put the direct affiliate URL into the style sheet as an image and have it loaded that way. This is one of the harder methods to detect.
Flash
Adobe FlashAdobe Flash
Adobe Flash is a multimedia platform used to add animation, video, and interactivity to web pages. Flash is frequently used for advertisements, games and flash animations for broadcast...
is commonly used to create interactive media on the web, and contains functionality which allows developers to force a website user to visit an affiliate link while removing or spoofing
Spoofing attack
In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.- Spoofing and TCP/IP :...
the referrer information so that the affiliate network won't know where the traffic came from. A common tactic is to have the spoofed referring site be a legitimate or white hat affiliate site to mask the fact that cookie stuffing is being carried out.