Affiliate Marketing Scam

Monday, November 21, 2011

Mark Baldwin

6648b1abd4a9b964566c3690613f20a6

Affiliate marketing is a very popular way for people to make money from their websites.

Most websites that charge membership fees have affiliate marketing programs whereby they pay others for driving traffic to their sites.

Usually the affiliate will receive  a certain percentage of the money spent by each person that signs up for a service or buys a product that was referred by the affiliate site.  

For example, Amazon has a huge affiliate program where it will share revenue with affiliates that drive traffic to Amazon that results in a sale.

Affiliate marketing is very widespread in the online adult entertainment industry. Just about every adult website has an affiliate program and it is not uncommon for scammers to look for ways to take advantage of these programs in a effort to make quick money, even if it means committing fraud to do it.  

I was recently informed by a large payment gateway operator of an affiliate scam that is currently in operation in the adult arena.  Here is how it works:

First, the scammers establish affiliate relationships with legitimate websites that have generous affiliate payouts.  Then the scammers create a website of their own with teaser content that is likely to generate interest.  

The site requires a fee of X dollars for full access to the site, which in actuality has little or no content.  Of course viewers won’t discover this until after they have signed up for the site and provided the scammers with their credit card information.  

The scammers then take that credit card information and use it to sign up with one of the websites with which they have an affiliate relationship. The scammers will then collect the affiliate payout from their affiliate partner sites.

Based on the information I have received, the elements listed below have been associated with this latest scam:

  • Billing Phone:+34.933175649
  • Billing Email:  sunny@mediaglow.com
  • Email: info@mediaglow.com
  • Email: mysik@tdcadsl.dk
  • Email: djatrty@djatrty.com
  • Company Name: Anton Dzarty

Additionally, it seems that a payment gateway operating out of Germany called pay2us.biz is associated with this scam and is injecting the harvested details directly into payment pages of merchants.  

I would advise all merchants with affiliate programs to search their databases for any of the above information and to scrutinize traffic coming from thepay2us.biz gateway.  

Currently this scam is focusing on those merchants in the adult space, but it is likely that this will spread to other markets with big affiliate programs as well.

Cross-posted from InfosecStuff

Possibly Related Articles:
20268
Enterprise Security
Service Provider
PCI scam Enterprise Security Alert Merchants Affiliate Marketing Payment Processors
Post Rating I Like this!
Default-avatar
E.J. Hilbert This is not a new scam. It happens everyday and is more complex then above.

Fake sites offering fake content not only collect cards form users. they also drop cookies, cause invisilbe clicks and fake impressions.

The collection of the cards and use is only one piece because the cards are used on CPA (cost per acquistion)also the scammers dont use their own aff accoutns because the bad cards will get flagged and they will be cut from the network if the network is legit and has a anti- abuse/fraud team or a third party like Online Intelligence monitoring the traffic.

Rather what they do is they sell traffic to affiliates for a percentage of the CPA bounty. then they fake traffic to the affiliates link and use the stolen data to sign up. the affialite is paid on net 15, gives his cut to the scammer and moves on. The network is paid net 30 sees the bad traffic and charges back the affiliate for the pay out.

There are a thousand other iterations used to hide the scammers tracks and escape with the money but all can be stopped with the proper group watching the traffic and voiding it prior to it reaching the advertiser
1321903471
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked