What Is Affiliate Hijacking?

Have you noticed strange fluctuations in the performance of your affiliate marketing program? Are your PPC metrics or impression share for branded terms worse than expected? Is the conversion rate from a branded paid search barely outperforming that of an affiliate (or even underperforming)?

In the absence of increased competition, these are all potential signs of foul play known as affiliate hijacking, direct linking, brand poaching/bidding, or URL jacking.

Most affiliates behave in an ethical manner by driving revenue to your brand and earning qualified commissions, but unfortunately, there are plenty of rogues out there who would rather exploit you, steal your clicks, and abuse your brand.

Ad hijacking can be very harmful to a brand and its bottom line, so let’s discuss what it is and what can be done if you happen to be a target.

What is Affiliate Ad Hijacking?

Ad hijacking is when an affiliate partner “hijacks” a brand’s paid ad space by outbidding for a branded keyword and placing an identical copy of the brand’s ad in the search results with similar descriptions and the same display URL.

It’s a quick and easy way for a rogue affiliate to avoid making a landing page and instead exploit a brand’s paid search campaign to generate seemingly qualified commissions on conversions through the hijacked ad.

Typically the rogue partner will outbid a brand by a few cents. The brand’s ad is then dropped out of the search results because only one paid ad is allowed per display URL (i.e. brand domain) and the hijacker is using the identical display URL as the brand.

Users won’t know the difference when clicking on the ad and they’ll get directed through the hijacker’s channels, causing the brand’s ad impressions to decrease or temporarily disappear.

Because of several factors that determine who wins the ad placement, the rogue partner won’t always win the bid.

But every now and then the brand will lose out and end up incurring unjustified costs such as paying sales commissions to the affiliate, who really just stole the brand’s direct search traffic, instead of paying the cheaper CPC for running its own ad.

Types of Affiliate Ad Hijacking

The most common types of ad hijacking are known as brand bidding techniques. There are also a few other ways that brand bidders and rogue affiliates can harm your brand.

Paid Ad Hijacking

Paid ad hijacking, as previously discussed, is basically when someone places an identical copy of a brand’s ad in the paid search results by outbidding that brand by a few cents.

The brand’s ad disappears and the successful bidder, most likely an affiliate, will mislead customers and collect commission on sales through an affiliate program in the usual way. The brand’s search engine marketing effort has been thwarted which can lead to channel conflict.

If there isn’t a branded keyword restriction, the rogue affiliate will bid on branded keywords and put affiliate cookies on them.

The typical ad hijacking process involves either directing users through an affiliate tracking cookie from the hijacked ad to the brand’s domain or masking the referral through a series of redirects to place a tracking cookie and avoid detection.

Sometimes the rogue affiliate, or some competitor, may just direct customers to their own site and sell different products, display different messages, or ultimately redirect them back to the legitimate brand’s domain for conversion.

Display Ad Hijacking

Display ad hijacking is basically copying a brand’s display ads by using the brand’s URL, brand name, and colors (but not necessarily the same messaging). Multiple ads can be affected. Certain niches like retail are prone to ad fraud.

Traffic Hijacking

Traffic hijacking is when the hijacker copies a brand’s ad to steal its traffic for shady reasons like obtaining personal information on a landing page. This is a common technique associated with fake prize giveaways, for example.

Branded keywords can be hijacked for coupon and price comparison sites whereby customers are misled through the hijacker’s channels and get attached to affiliate cookies. Referral schemes will hijack branded keywords and direct users to the affiliate’s account page for redemption or a custom landing page.

This harms the brand because they knew about the brand beforehand by searching for it with the branded keywords but ended up benefiting the affiliate as well.

Search Arbitrage

Search arbitrage is when brand bidders deliberately outbid a brand’s original ads in order to increase CPC rates.

Quality Score Hijacking

Quality score hijackers will copy a display URL associated with a successful brand in order to boost the quality score points for the hijacker’s Adwords account. Bigger brands will tend to have higher quality scores.

How Can It Harm Me?

Ad hijacking and its various forms have many negative impacts on targeted brands:

Reduction in traffic and sales

When branded keywords in a hijacked ad are used, potential customers may visit a third-party site instead of the original brand’s website. The brand is basically competing with the hijacker and loses clicks, traffic, and revenue.

Increased CPC

A brand suffers when hijackers are bidding up the price of valuable keywords. This makes the cost-per-click rise unnecessarily for the future ad campaigns of a brand that relies on those keywords.

Illegal commission

Paying an unjustified commission to a hijacker who stole a brand’s paid search traffic is very costly, even if the brand ends up receiving sales from the rogue affiliate’s referral.

Messaging conflict

An affiliate’s ad messaging may not look like the brand’s intended messaging or it may display outdated information. The affiliate takes away the brand’s control of its own message.

Channel conflict

The search engines results page will only show one ad per display URL at a time, so problems arise (for search engine marketing efforts and automated ad campaign software) when a brand and an affiliate are competing for the same keywords and ad space.

Brand reputation damage

Brand bidders and hijackers can damage the reputation of a brand if they mislead customers to low-quality alternative destinations instead of the brand’s original high-quality website.

How To Find Out If It’s Happening

It’s very difficult to notice exactly when you’ve become a target of ad hijacking because there are many well-developed tricks in this dark trade (e.g. domain cloaking, dynamic redirecting, geotargeting, dayparting).

The best you can do at the start is to use search monitoring and web analytics tools to look for suspicious patterns or signs of ad hijacking. These are some tell-tale signs of potential foul play:

• Unusual spikes in referral traffic or conversions from one or more affiliates that don’t have a history of high performance or who aren’t trusted by your brand.
• Very similar conversion rates for a branded paid search and an affiliate.
• A decrease in ad impressions and clicks.
• URL mismatches between brand domain and affiliate’s landing page, or suspicious URLs in an ad’s redirect history.

Because hijackers tend to target branded keywords that attract a lot of customers, you can run a brand restrictions test and see if clicks drop and CPC rises when branded keyword restrictions are lifted and hijackers exploit the opportunity.

What You Can Do To Prevent It

The first and easiest step a PPC manager can take to mitigate the risk of affiliate fraud is to choose the best affiliate program that is aware of fraudulent activities and provides restrictions in its affiliate agreement and uses a search monitoring tool for surveillance.

Be clear about your brand-bidding policies and make sure there are consequences for violating the affiliate agreements. Look for affiliate programs that allow brand restrictions. Setup your policies to flag violations of affiliate agreements.

Other than that, it’s going to be almost impossible to consistently detect and prevent fraudulent activity without the help of specialized technology or security professionals. Manual investigation is time-consuming and prone to error if you aren’t sure what to look for.

Browser add-ons like Live HTTP Headers will show you every redirect path after a click so you can look out for an affiliate tracker to show up after clicking on a suspicious ad. You could revoke commissions from an affiliate if you ever detect suspicious activity.

Professional monitoring services know how to find hijackers by looking for signs like incorrect tracking URLs, affiliate links within redirect paths, misspellings, and geo-targeting techniques.

These services provide 24/7 detection during business and off-hours. They are able to find temporarily restricted ad campaigns across the country to identify fraudsters who are trying to cover their tracks.

They also look at internal affiliate databases for track records of fraud, and they query small search engines where affiliates may be abusing your brand as well.

Conclusion

Although it’s usually big and lucrative brands that have to deal with ad hijacking on a constant basis, nobody is 100% safe from brand bidders and ad hijackers all the time.

Affiliates are supposed to drive revenue. Ad hijacking harms a brand’s bottom line because it incurs costs in the form of unjustified commissions, stolen clicks, and brand reputation damage.

Make sure you’re working with a reputable affiliate program that offers you advanced tracking insights and other useful tools to monitor activity.

Sometimes an advertiser doesn’t do anything about affiliate fraud. If they do, they’ll usually hire security professionals to sniff out the ad hijackers. You’ll have to decide whether the benefit of a professional monitoring tool or service outweighs the cost of ad hijacking.

Contributing Author: Brian Kihneman

Related Posts