Cookie Stuffing

Also known as: Stuffing Clicks

Cookie Stuffing refers to the various web-based, or server-side, methods non-compliant affiliates or partners use to place ‘commissions/payout tracking cookies’ on the computer of an end-user, without that end-user actually clicking on any advertisements. This differentiates them from Forced Clicks, which are initiated by software installed on a users computer. The purpose of this activity is to put the affiliate/partner in a position to earn a commission/payout on the traffic that an advertiser would, ultimately, receive naturally (free) via direct visit, from a search engine, etc. For example:

1. Potential-Customer visits a web page that Cookie Stuffs commission/payout tracking cookies for 25 different online advertisers.
2. Potential-Customer finishes with whatever content that brought them to the Cookie Stuffing web page, and continues browsing across the web.
3. 8 days later, Potential-Customer naturally/organically browses to the website of a well-known merchant, which was one of the 25 merchants/programs that were Cookie Stuffed in Step 1.
4. Potential-Customer purchases an item from from the merchant, an item completely unrelated to the content from Step 1. The merchant, however, will pays a commission to the affiliate or partner who is Cookie Stuffing, in spite of the fact that the affiliate or partner did nothing to deliver a customer to the merchant.

The above example is an unsophisticated, “shotgun” method of Cookie Stuffing. It is untargeted and relies on potential-customers becoming customers at some point in the future. However, in practice, and done on a certain scale, it can be very profitable. Sophisticated Cookie Stuffing will involved highly-targeted traffic that may actually generate legitimate click-through traffic to an advertiser, but will also be Cookie Stuffing on those that do not click-through, to maximize return for the affiliate or partner.

There are a myriad of was to Cookie Stuff. The HTML Tags, IMG, FRAME, IFRAME, META, etc, can all be misused to Stuff Cookies. Basically, any function, or tag, for every programming language used to make web pages (HTML, Javascript, ASP, JSP, PHP, CGI, etc), that requests information or data from a resource other that the page itself, can be used for the purposes of Stuffing Cookies. Truly sophisticated Cookie Stuffers will work beyond web page programming languages. They will acquire skills which enable them to administer, configure and manage their own web servers, placing them in the position to create complex redirection and misdirection schemes to launder and cover-up the Cookie Stuffing.

If you need help defending your online advertising program against Cookie Stuffing, please review our Services, or contact us.