Web attribution fraud
Hidden landing pages
Bad actors steal attribution by loading hidden landing pages, invisible to the user, either at random or specifically targeting users likely to convert. This can be accomplished through techniques such as pixel stuffing or ad stacking. When the user does convert of her own volition, the malicious publisher that loaded an advertiser’s landing page without the user’s knowledge claims credit and gets paid.
How they do it
- Malicious publisher (really a torrent or streaming site) registers for an advertiser’s affiliate program
- User navigates to this streaming site to watch a bootleg movie
- Malicious publisher embeds its video player’s “play” button with its affiliate link
- When user clicks “play,” malicious publisher loads advertiser’s website in the background, unseen by user, who continues to watch the movie
- User eventually closes out of the pop-under window containing advertiser’s landing page
- User organically returns to advertiser’s site at a later time
- User completes purchase
- Advertiser attributes credit to malicious publisher — even though they did not influence the sale — and pays them a percentage of revenue