Commentary

Affiliate Marketers Can Do More Harm Than Good, Part 1

If affiliate marketing is part of your paid-search strategy, there is a 29% chance that one of your affiliates is stealing valuable Web traffic by hijacking URLs. In this two-part series, you will learn what URL hijacking is, how to identify when it’s happening to you, and how to go about protecting your brand.

What is URL hijacking?

URL hijacking occurs in paid search when hijackers use your brand’s URL as the display URL for their search ads. This is where the problem begins, as search engines only allow for one paid-search advertisement to show with the same display URL. If another advertiser is bidding on your keywords while using your URL, your ad may not show as often. Thus, the hijacker is effectively stealing impressions (and sales) that would have been yours. This occurrence has been coined as being "knocked-out."

In addition, URL hijackers often use your landing pages to capitalize on your site’s authority and are possibly using the exact URL that your current search campaigns are using. If the hijacker is an affiliate, they may use your URL as the final landing page but not before being taken to the affiliate’s site, where they place a cookie containing their affiliate ID in the visitor’s browser. If the affiliate knocks you out and wins the click and conversion, the affiliate will be given credit and thus receive payment for the conversion.

Who are the hijackers?

It’s difficult to determine who is doing the hijacking. It can be a competitor or an information-gathering phishing attack, but the usual suspect is a member from your brand’s affiliate program.

Why it happens

Affiliates have much to gain by hijacking your URL, particularly if they intend to knock you out of auctions on your trademark terms. As mentioned above, they are compensated by driving an agreed-upon action (lead, sale, etc.) at a predetermined cost-per-action (CPA). Therefore, they seek to increase their profit margin by garnering conversions at the lowest cost.

How to determine if it’s happening to you

It can be a tedious and challenging undertaking to discover whether you are being hijacked. There are several methods you can utilize that "might" help you catch a non-compliant affiliate hijacking your traffic. However, no method is as foolproof as to employ a third-party affiliate and trademark monitoring tool.

Hijackers are strategic and tactical about stealing traffic so you are unable to catch them in the act. One method is to eliminate the advertiser and/or agency from seeing their ads through geotargeting (blocking ZIP codes/cities/states) or set dayparts for their ads to show at the hours least likely to be monitored. This is why having a tool, like The Search Monitor, is valuable to protect your brand. The tool allows for your keywords to be monitored at all times of the day, in almost any location and in most any search engine. In addition, you can set up a way to receive an alert from your third-party monitoring tool when it identifies that your ads are being knocked-out of the auction.

You might be thinking there are free tools at your disposal that assist search marketers protecting their brand, most notably from Google AdWords. Google’s Impression Share and Auction Insights reports are valuable and heavily relied upon by the industry’s best search marketing professionals; however, there is an important (and very much surprising) deficiency in relying on these to protect your high-valued keywords from hijackers.

The way Google collects and shares data does not differentiate which AdWords account is capturing the impressions from an auction -- rather, it rolls up all impressions for a keyword by its domain/URL. For example, Google will report that you are achieving 100% IS, even if someone was hijacking your URL part of the time. They could be stealing anywhere from 1% to 99% of your impressions, yet the reports will continue to imply that you are receiving 100% IS, as long as your domain served in 100% of the available impressions (regardless of which account is serving the ad).

There is no measure of how many impressions you could be losing, since the hijacker is using your domain to knock you out. You will also find the same IS measurement statistics within the auction insight reports, since Google relies on the domain IS, not your specific account’s IS.

The proven method to monitor your knock-out percentage is to use The Search Monitor’s Knock-Out Report. The knock-out percentage tells you what percent of the time that YOU win the impression and what percent of the time the Affiliate stole the impressions from you. So while Google IS might show that you are achieving 100% IS, the knock-out percent in The Search Monitor’s reports will break out how the impression share was divvied up between yourself and the hijacking affiliate.

In Part Two, you will discover how to protect your brand.

2 comments about "Affiliate Marketers Can Do More Harm Than Good, Part 1 ".
Check to receive email when comments are posted.
  1. Ryan Fitzgerald from eAccountable, May 11, 2016 at 5:31 p.m.

    Brian, While I agree this can be a problem for a newbie affiliate manager, there are plenty of options and controls to prevent this from happening. We’ve been managing affiliate programs for 16+ years and just don’t allow these kinds of things to happen. Plus, the affiliate channel is a complementary driver in the online sales channel not the key driver like PPC is for most if not all of our clients. As a result, part of our charter is to NOT allow any conflict to arise between the affiliate channel and PPC, or any other channel for that matter.



    The first line of defense is to explicitly detail how affiliates are expected to handle PCC in the terms and conditions agreement, which all affiliates must sign to enter a program. Although that might not stop a rogue affiliate from attempting to steal clicks and earn commissions they don’t deserve via PPC, program managers should be monitoring their programs on a weekly and even daily basis to look for anomalies. That ensures problems can be caught quickly, commissions can be reversed, and action (like kicking the affiliate out of the program) can be taken for the violation. The same agreement can and should pertain to the domain spoofing issues you discussed. The affiliate networks themselves provide any number of management capabilities to assure this is well-managed and there are lots of 3rd party services that can be utilized as well.



    So while what you outline could be an issue for non-wary merchants, most if not all of the issues can be managed in a well-constructed and monitored affiliate program.

  2. Laurent Malka from Trackingdesk, May 18, 2016 at 1 a.m.

    Why you describe here is clearly a fraud and the search engine compliance team should be picking it up either automatically or manually. 
    Here is the simple reason. 
    Your final URL, tracking URL and display URL should be the same domain. 

    So your ad is
    come play with best adultgame
    display URL: bestadultgame.com
    trackinglink:tracking.bestadultgame.com/?affid=123
    Landing page: bestadultgame.com/?affid=123

    affiate programs rarely use the same domain for their tracking links and therefore its close to impossible for an affiliate to be able to build a compliant ad, let alone run it.

     Also you are saying that the affiliate would first redirect his traffic to his site to set the cookie which would again be a problem in term of compliance since it wouldn't be the final URL. 

    I am not saying that what you describe doesn't happen, but if it happens its on a very short time span, until the search engine picks it up or the brand identify the affiliate and bans it forfeiting its commissions for trademark and t&c infringement. 

    Where there is money there is potential fraud, so the Aff program must have the tools and terms in place to prevent this from happening. With the main affiliate software - hasoffers, cake or linktrust- those tools exist out of the box. So hire an experience Aff program manager, get the right software and analytics setup and you will never be caught. 

Next story loading loading..