There is a new cybercrime happening and many might not even know if they are victims. Chances are they are unaware they are even being robbed. So that begs the Zen-like question, if an online marketer is robbed and doesn’t know it, did a cybercrime occur? The answer is yes, but according to Benjamin Edelman, spyware researcher, attorney and Harvard assistant professor, online advertising fraud can happen and no one will be the wiser.
In his new report on cost-per-action (CPA) advertising fraud, Edelman says that many online marketers even lack the technical know-how to tell that they’re being robbed. This is most notable with CPA advertising because the advertisers pay for actions such as online purchases rather than clicks, and for this reason it is widely seen as being less susceptible to fraud than the traditional cost-per-click (CPC) advertising.
In CPA advertising the advertiser pays affiliates a commission based on when a customer browses an affiliate’s Web site. A Web link with embedded code is present, and when that link is used and a purchase is made this is considered a completed CPA transaction. Thus the link from the advertising paid off – but a technique called “cookie-stuffing” can actually be used to manipulate the merchants’ affiliate tracking system. This allows unscrupulous affiliates to take credit for purchases they had nothing to do with – and in some cases could even take legitimate credit away from another affiliate.
The problem is that many merchants see sales, believe that the links worked and pay the commissions accordingly. In fact the sales may have had nothing to do with the affiliate links at all. The good news is that unlike click fraud, where users can manipulate the amount of clicks on an ad without any intention of actually making a purchase, CPA fraud is an easier fix. The issue is whether merchants can understand they are being robbed, and whether affiliate networks will do a better job of policing themselves. Until then the fraud may continue and merchants none the wiser.