Web attribution fraud

Sneaky redirects

Redirecting is the act of sending a visitor to a different URL than the one they initially requested. While not all redirects are malicious, a bad actor can purchase a domain name that is a misspelled version of an advertiser’s domain. The malicious publisher will then redirect users who accidentally navigate to the misspelled domain to the advertiser’s site, effectively generating an illegitimate click. In this scenario, the user was actually organic and the advertiser should not have paid any affiliate for the click. Watch this video to see a sneaky redirect in action.

How they do it

Malicious publisher owns a domain that is a common misspelling of an advertiser’s domain name and registers for that advertiser’s affiliate program
User intends to visit that advertiser’s website but mistypes and enters the misspelled URL instead
User goes to malicious publisher’s misspelled domain, which drops a cookie on user’s browser
Malicious publisher promptly sends user to advertiser’s website with a 302 redirect
User makes the purchase he originally set out to make
Advertiser attributes credit to malicious publisher, even though user was going to make the purchase organically, and pays them a percentage of revenue

Web attribution fraud

Sneaky redirects

How they do it

Get in touch

Yes, I would like to receive marketing communications regarding impact.com products, services, and events. I can unsubscribe at a later time. By registering, you confirm that you agree to the storing and processing of your personal data by impact.com as described in the Privacy Policy.