In the course of my research on spyware/adware, typosquatting, popups, and other controversial online practices, I have developed the ability to identify practices that overcharge online advertisers. I report my observations to select advertisers and top networks in order to assist them in improving the cost-effectiveness of their advertising including by flagging improper ad placements, rejecting unjustified charges, and avoiding untrustworthy partners. This page summarizes the kinds of practices I uncover and presents representative examples drawn from my publications.
For Display Advertisers and Display Networks
In work for display advertisers and display networks, I catch and report the following problems:
- Advertisements loaded invisibly, including in invisible IFRAMEs, nested IFRAMEs, invisible CSS layers, and similar. (Examples: Sony’s Crackle receiving invisible traffic, Mytoursinfo creating dozens of invisible IFRAMEs, each with 3+ advertisements)
- Advertisements loaded in popups, popunders, and other windows users did not request.
- Advertisements loaded in spyware/adware popups and popunders. (Examples: Vonage advertising through full-screen popups covering competitors’ sites, various video sites buying spyware/adware popup traffic.)
- Advertisements loaded in “injectors” that insert ads into publishers’ sites without publishers’ approval and without payment to publishers. (Example: networks and advertisers funding AddLyrics, PeachFuzz, and Sambreel WebCake, Vonage advertising through Fullcontext injector, Travelocity and Cingular (AT&T) advertising through Fullcontext injector.)
- Automatic/rapid reload of advertisements. (Example: Inqwire reloading advertisements every nine seconds.)
- Publishers presenting multiple ads stacked on top of each other, such that even “above the fold” ads are not actually visible to users. (Example: Global-store covering some advertisements with other advertisements.)
- Publishers and brokers “multi-serving” multiple ads into a space that can hold only one.
- Publishers and brokers making false statement of placement location, i.e. claiming that an ad is placed in one site when it is actually loaded somewhere entirely different.
- Advertisements in typosquatting and parked domains.
For Affiliate Advertisers and Affiliate Networks
In work for affiliate advertisers and affiliate networks, I catch and report the following problems:
- Spyware and adware invoking affiliate links, claiming commission on merchants’ organic/type-in traffic. (Examples: Six rogue affiliates overcharging VistaPrint, ten rogue affiliates overcharging Hydra Media advertisers, rogue Dell affiliate claiming commission on Dell’s organic traffic, Zango/180solutions using multiple visible and invisible methods to claim commission from affiliate merchants, six further Zango examples and four Viraltube Toolbar examples.)
- Spyware and adware invoking affiliate links, covering merchants’ competitors’ sites. (Examples: Rogue Dell affiliate covering competing PC makers’ sites with adware popups, rogue Gateway affiliate presenting popunder for Gateway when users browse the Dell site.)
- Typosquatting domains invoking affiliate links, claiming commission on typographic errors of merchants’ domain names.
- Web pages loading affiliate links invisibly, without an affirmative end-user click on an affiliate link (“cookie-stuffing”). (30+ examples, cookie-stuffing using encoded JavaScript, hack-based cookie-stuffing, cookie-stuffing using display Google’s ad network as a traffic source, further examples.)
- Web pages loading affiliate links in popups and popunders, without an affirmative end-user click on an affiliate link.
- Banner advertisements loading affiliate links invisibly, without an end-user click on an affiliate link. (Example: Allebrands banner invisibly loads three affiliate links.)
- Email messages promoting affiliate links in violation of merchants’ rules.
- Adware, “loyalty programs,” and similar software automatically invoking affiliate links when users request merchants’ sites.
- Adware, “loyalty programs,” and similar software presenting affiliate links, and covering a portion of merchants’ sites with such links, while users browse merchants’ sites.
- ISP network configurations that claim commission on organic/type-in traffic. (Example: Aspira Networks.)
Information and Incentives in Online Affiliate Marketing analyzes patterns in merchants’ vulnerabilities and effective defenses.
For Advertisers in Comparison Shopping Engines
In work for comparison shopping engines (CSEs) and their advertisers, I catch and report the following problems:
- Advertisements loaded, and clicks recorded and billed for, without a user seeing the advertisement link or clicking on it. (CSE click fraud)
- CSE advertisements presented in adware including injections, popups, sliders, and toasts.
Methods
I catch infractions using multiple “crawler” PCs which operate 24 hours per day, continuously checking for improper advertising placements. These crawlers run from multiple locations in the US, along with systems to detect behaviors targeting users outside the US. Some of my reports draw on large-scale automation developed in partnership with Wesley Brandi. I supplement automatic observations with manual testing using methods I have refined over more than a decade.
Each of my reports includes a packet log presenting the specific methods and identifiers (ad tags, affiliate IDs, etc.) associated with the infraction. Where an incident includes notable on-screen appearances (e.g. a popup), I typically include a screen-capture video or screenshot image showing occurrences as they appear to users. Each report includes a customized explanatory memorandum.
Please contact me to learn more about my reports.
Last updated: May 21, 2016