Skip to content

Zombie computers and affiliate fraud

Join our mailing list

Signifyd regularly publishes free reports packed with business insights, commerce trends and data from our massive Commerce Network. We’ll only email when we have something meaningful to share, no more than once per week. And of course you can unsubscribe any time.

Welcome back for another entry into our series, the top 10 phrases used in the fraud industry (and an explanation of what they really mean!). Today we are going to talk about a more business related fraud scheme, but still one with severe consumer and commercial implications. Affiliate fraud, alternately known as click fraud, is the act of fraudulently simulating web traffic to a web site.

What is affiliate marketing?

Affiliate marketing is a term that many people have at the very least heard in passing, but is still not the most widely understood term. For most people, the breadth of their online ad knowledge might be that they noticed their Facebook ads are now displaying advertisements for wedding venues now that they changed their status to ‘engaged’ or that the side panel ads on a random website are suddenly showing more ads for sports gear after their latest visit to But behind these ads are sophisticated ad networks such as Google Adwords or Yahoo! Search marketing who track the viewing habits of web users and use complicated algorithms to drop the timeliest placed ads for users to click on so they can generate money from a subsequent sale. And for the webmasters (the owners of the websites), clicks can mean dollars so the more clicks the better.

Subscription video companies are a perfect example of the type of company that might be at risk for affiliate fraud. Netflix and Hulu drop ads all over the web on countless websites, where they frequently advertise free trials to incentive users to click on the ad and sign up. Once a user signs up, a ‘cookie’ is placed in that persons browser and lasts for a certain duration of time but usually no longer than 6 months. The owner of the website gets a few cents for each click on the advertisement, but they can get relatively large payouts ($30 to $40) from Hulu and Netflix if during the duration of the cookie which was placed after the user first clicked on the advertisement that same user went back and became a paying user.

How do fraudsters abuse affiliate marketing?

For fraudsters, this is an obvious gold mine. Depending on the greed of the criminal, they might simply be content to create a ‘bot’ ( a computer program designed to click on ads ) to generate phony traffic to a website so they can get revenue from clicks all the way to using stolen personal information to get larger payouts from advertisers. In both of these situations, not only do the advertisers lose money but the consumers lose as well.

Businessman Earning Lots Of Cash In Internet

I always knew would rake in the big bucks!

At first glance it might not be readily apparent to say a school teacher how some advertiser suffering from click fraud could affect him in any way. But keep in mind that to create the sense of authenticity these clicks have to originate from different sources. If 2,000,000 clicks were shown in the ad analytics to have originated from one computer even the most rookie of online detectives could tell you that something looks seriously off.

To solve this problem, fraudsters utilize what is known as ‘zombie computers’. In this recent article by The Wall Street Journal, ‘zombie computers’ are computers that have been infected with a program that allows an outside user to manipulate it. Fraudsters write malicious programs and release them to computers all over the world, infecting millions of devices. With a zombie army so to speak now at a fraudsters command, they can set up fake websites and command millions of remotely controlled computers to click on these ads.

Even worse, compromised computers can offer up valuable personal information that fraudsters can use to fill out web forms, trials and anything else that they please to rake in more cash from advertisers.

How do companies protect themselves from affiliate fraud?

Much like a government agency investigating a hidden wire transfer, the core mystery is finding out where ultimately the command is given to click on these ads or fill out these forms. The FBI and other law agencies use their power to arrest hackers and other criminals the world over to shut down these online criminal syndicates, but business can have to rely on software and services to protect themselves.

This is where a company like Signifyd can fit in. Signifyd finds patterns in the mountains of data that exist online and point them out to our customers. If a company receives a suspect web form, Signifyd can tell that company instantly if say a foreign number was listed or if that email is real or not. Signifyd can show if a proxy IP was used in an attempt to disclose the originating location of a device, and if a device currently used has a fingerprint. With over 120 different data points, including velocity checks and reverse address look ups Signifyd is the ultimate fraud investigation tool. Even the best criminals leave their mark, and making sense out of raw data is where Signifyd succeeds.

Final Thoughts

So if you are a company who advertises on the web and you want to learn more about why countries on the other side of the globe have suddenly decided to click on your ads, or if your business has received lots of phony free trial signups and your affiliate marketing is paying out for dead end leads, Signifyd can help you determine the authenticity of your data. Reach out to us at [email protected] and we would love to chat! Thanks for reading.



Signifyd, the leading commerce protection provider to Digital Commerce 360's top 1,000 merchants, provides an end-to-end Commerce Protection Platform that leverages its Commerce Network to maximize conversion, automate customer experience and eliminate fraud and customer abuse for retailers.