20% of ad clicks on average are frauds

Don't pay for clicks generated by bots, competitors
or uninterested clickers

Ad frauds in the CPS model

TrafficWatchdog team

13.12.2020 r.

ad frauds, CPS model, cookie stuffing, cookie dropping

Ad frauds in the CPS model

source: own elaboration

The CPS (Cost Per Sale) model is often considered the most beneficial billing method in affiliate marketing from the point of view of increasing sales. However, this doesn’t mean that it protects advertisers from potential fraud. The rates for generated sales offered in this model (which may take the form of a specific commission, eg CPS = 120 PLN or constitute a certain percentage of the final purchase amount, eg CPS = 2%) are often very high, and this can be a very motivating factor for fraudster. So how can dishonest publishers cheat an advertiser using the CPS model in their campaigns?

The most obvious fraud - purchase using false or someone else's data

The fraud that immediately comes to mind in this case is stealing someone's data and using it to make a purchase. It is a fairly primitive form of ad fraud, which doesn’t require the fraudster to use advanced techniques, but only be in possession of information and to use them in illegal action. It could be a matter of paying with someone else's credit card, bank account, or ordering services through the use of someone else's personal information. While these types of scams usually come to light, it often takes a long time to get detected. The consequences of this type of fraud include not only a commission wrongly paid to the fraudster, but also sometimes interpreting before state authorities, expensive legal consultations, etc. All this can also have a very negative impact on the brand image.

The use of errors in the regulations - canceled purchases

Another very simple form of fraud in the case of the CPS model is purchase cancellation. This type of scam involves the use of mistakes made by the advertiser in creating the campaign's assumptions. It happens that the regulations are copied from previous advertising activities or that changes in the company's policy or consumer rights weren't taken into account when creating them - this may lead to a situation where the commission for the generated sales will already be paid to the publisher and the consumer will still be able to resign from purchase. False publishers can take advantage of this and generate sales that are assumed to be canceled later. This is particularly important for companies selling their products via the Internet and the service industry.

Attribution fraud - cookie stuffing, cookie dropping

A much more advanced form of fraud is attribution fraud, i.e., in this case unlawful appropriation of the actual sale by the fraudster. In this case, the transaction itself is genuine - the user makes a purchase and pays for it. The scam, however, is that the commission will be wrongly credited to the publisher who didn’t actually contribute to the sales. How is this type of fraud done?

First of all, thanks to the use of cookies, i.e., code fragments that are left in the browser on the user's device to collect data about him. It is thanks to them that Internet users can save their logins and passwords to specific websites or use auto-complete forms. In affiliate marketing with CPS campaigns, they are often used to determine the path the consumer has traveled before making a purchase, and thus also to determine who is owed a commission for the conversion. Cookie Stuffing and Cookie Dropping are ad frauds consisting in tossing a fraudulent cookie to the user, thanks to which fraudster can pretend that the sale is his merit, when in fact he didn’t have nothing to do with it. Cookie stuffing is the addition of extra code fragments to the user's cookies, corresponding to advertisers that fraudster wants to cheat. Cookie dropping is "dropping" such cookies on your device while other activities are performed. Both of these techniques are to give the impression that the customer has already been to the given websites, and in a way, on the "recommendation" of the fraudster - thanks to this, if the Internet user visits the advertiser's website in some time and makes a purchase, it will look as if the fraudulent publisher has mediated it. Such a scam has two serious negative consequences - first, the commission is paid to the wrong person and second, it isn't paid to the partner who made the actual sale. Thus, not only is the scammer rewarded, but the aggrieved party may be a good, proven traffic provider, who may therefore resign from further cooperation with the advertiser.

Capturing organic traffic

The biggest treat for fraudsters is organic traffic, i.e., the customer who is looking for information about a given company. Such an internet user will probably generate sales sooner or later. The scam in this case is to add one more stop before the customer goes to the advertiser website. However, there are several methods:

  • creating websites with names that resemble the advertiser's brand, and then redirecting to his website,
  • buying AdWords by a fraud publisher for words associated with a given company or its marketing strategy, clicks from them redirect to the website of a given brand, of course adding a fraudulent traffic source along the way,
  • offering customers additional discounts, promotions or rebate codes of well-known brands that don’t really work.

All these scams result in the advertiser paying a commission for their own customers.

As we have shown above, even the billing model based on generated sales (CPS) is exposed to advertising fraud. Fraudsters keep developing new techniques so that they receive commissions that aren't actually due to them. An advertiser who wants to increase his income should consider protection against this type of fraud. Of course, he can do it on his own, but often using the services of a specialist (such as TrafficWatchdog.pl) will not only be more efficient, but also cheaper.

Recommended articles

Contact us

in order to present me a product offer and for marketing purposes. Spark DigitUP Sp. z o.o. as the Administrator, observing the provisions on the protection of personal data, has informed me of my right to access, delete, forget and transfer information, as well as rectify, supplement and limit the processing of my data in the manner arising from [Privacy Policy].

within the meaning of art. 10 paragraph 2 of the Act of July 18, 2002 on the provision of electronic services (Journal of Laws No. 144, item 1204) to the provided e-mail address and telephone number. Spark DigitUP Sp. z o.o. as the Administrator, observing the provisions on the protection of personal data, has informed me of my right to access, delete, forget and transfer informations, as well as rectify, supplement and limit the processing of my data in the manner arising from [Privacy Policy].

in relation to the phone number and email address I have provided for direct marketing purposes by Spark DigitUP Sp. z o.o., owner of the TrafficWatchdog.pl