|
View previous topic
::
View next topic
|
| Author |
Message |
Guest
|
Posted: Sat Jan 10, 2004 11:15 pm
Post subject: Parasiteware?
|
 |
|
There is alot of talk on Abest about the apparently massive problems with parasiteware stealing CJ affiliate commissions, and CJ is not taking it seriously; some even suggest it is being encouraged. In support of that, some affiliates are seeing recorded click-throughs of 90% less than the other major networks on the same website. On the basis that that cannot be correct, the assumption must be that the links are being hijacked.
How extensive is this problem, is anything being done about it, and is CJ best avoided?
What, with the comments about BFree in another topic, we are fast running out of networks we can trust. |
|
| Back to top |
|
 |
Gamezing
Joined:
30 Oct 2003
Posts:
66
|
Posted: Sun Jan 11, 2004 12:02 am
Post subject:
|
|
|
How are you saying this link hijacking is taking place?
I think a lot of the problems people have with referring to links being stolen gets a little blown out of proportion sometimes.
click-0000000-000000 I mean the tail end of a CJ link is like that...
What could I do with your affiliate links that would give me money unless I had something running on your hosting server or a file on your computer that scanned every file you had open, parsed it, and changed the links when you saved it?
I don't know I am just getting confused on how anyone can do anything with your CJ link that would adversley affect people?
Could someone enlighten me? |
|
| Back to top |
   |
|
Guest
|
Posted: Sun Jan 11, 2004 12:57 am
Post subject:
|
|
|
I don't entirely understand it myself yet, but as I understand it, parasiteware, which is made by several businesses, is like a trojan. It sits on the PC of the user, and if the click on an affiliate link to buy something, the parasiteware removes the original affiliate link and inserts its own, so the owner of the parasiteware gets the commission for the sale.
Parasiteware gets installed on users PC's like all trojans, through downloads, and by using file sharing software and so on.
There is also "scumware" which is similar.
Regardless, it is happening it seems, and causing alot of concern out there. |
|
| Back to top |
|
|
Debs
Joined:
16 Aug 2003
Posts:
4296
Location:
NY
|
Posted: Sun Jan 11, 2004 2:27 am
Post subject:
|
|
|
If you guys would like some info, check out this page:
http://www.debtsteps.com/spyware-infection.html
I did a writeup and also offer links for more information at the bottom.
If you work with affiliate programs, you definitely want to read it.
Debs
_________________
Learn how to turn keyphrases into quality, well-targeted articles your visitors and SE's will love with Gary Antosh's new ebook "Web Content Made Easy!" |
|
| Back to top |
|
|
Gamezing
Joined:
30 Oct 2003
Posts:
66
|
Posted: Sun Jan 11, 2004 3:44 am
Post subject:
|
|
|
That stuff I knew off...I just wasn't placing that with what he was saying...unless it resided on the server or the client computer...which is apparently what he is talking about.
Thanks.. |
|
| Back to top |
|
|
edburdo
Joined:
14 Jul 2003
Posts:
1760
Location:
Bangor, Maine
|
|
| Back to top |
 |
|
Guest
|
Posted: Sun Jan 11, 2004 10:12 am
Post subject:
|
|
|
| Debs wrote: | If you guys would like some info, check out this page:
http://www.debtsteps.com/spyware-infection.html
I did a writeup and also offer links for more information at the bottom.
If you work with affiliate programs, you definitely want to read it.
Debs |
thanks for the great info Debs!
But will this solve our problem with parasiteware, scumware etc.?
These are installed on the PC of the user clicking on an affiliate link, and is therefore out of our control. |
|
| Back to top |
|
|
Debs
Joined:
16 Aug 2003
Posts:
4296
Location:
NY
|
Posted: Sun Jan 11, 2004 11:22 am
Post subject:
|
|
|
Doxdesk.com offers a script for detection, but if you use his script your visitors leave your site. There is a modification available that allows you to keep them on your site, I am in the process of installing it on my site, it will detect, and refer infected visitors to the page I posted above.
The Doxdesk script is kept within the spyware-infection page itself, to let them know what they are infected with, and how to fix it.
Here is another resource ... this is where the revised script is provided:
http://celtic-one-design.com/amazon_associate_scripts.htm
Debs
_________________
Learn how to turn keyphrases into quality, well-targeted articles your visitors and SE's will love with Gary Antosh's new ebook "Web Content Made Easy!" |
|
| Back to top |
|
|
Guest
|
Posted: Sun Jan 11, 2004 6:21 pm
Post subject:
|
|
|
Thanks again Debs, it looks like a very useful script. I is frightening the number of scumwares it is actually scanning for.
I wonder if there is any way however of preventing the scumware from working altogether? The scumware trojan must presumably parse each web page displayed in the users browser, before doing a switch. If the parsing could be blocked, that would help enormously.
There is a more practical aspect. The scumware owner would actually have to be a member of every affiliate program, in order to have the affiliate tracking code to substitute. |
|
| Back to top |
|
|
Debs
Joined:
16 Aug 2003
Posts:
4296
Location:
NY
|
Posted: Sun Jan 11, 2004 7:28 pm
Post subject:
|
|
|
Well they do 2 things in most cases ... they can sub the tracking code (meaning they also have that merchant), or they can parse the page and pop up related merchants.
Preventing parsing sounds good ... will have to research that  it may already be available, but I never looked for it! Thanks for the tip!
Debs
_________________
Learn how to turn keyphrases into quality, well-targeted articles your visitors and SE's will love with Gary Antosh's new ebook "Web Content Made Easy!" |
|
| Back to top |
|
|
Guest
|
Posted: Sun Jan 11, 2004 7:31 pm
Post subject:
|
|
|
As an aside, I have just ran some anti-spyware across my PC, and I noticed that deletes all of the affiliate network tracking cookies as well.
If people are going to be encouraged to run anti-spyware programs, which they really should, it will remove the scumware, but also our the the tracking cookies for referral periods. Not a good thing! |
|
| Back to top |
|
|
Gamezing
Joined:
30 Oct 2003
Posts:
66
|
Posted: Sun Jan 11, 2004 10:37 pm
Post subject:
|
|
|
The actual parsing of a hyperlink at runtime...I don't really see any spyware that could do much with that...
I tested something similar I made...a few minutes ago to test some of this here...
I was successfully able to parse the html code using windows api..replace part of it and hide my program rather well...
Norton did not pick it up and neither did spybot or adaware...nor the page on Debs site.
So basically the program would have to know the process that was running to stop it.
I better keep my mouth shut though or someone will be making something that works similar...mine was kind of a quick clunky thing...but...it could definately be refined and smooth. So...I am wondering how they plan to stop that...I never looked into XP api enough to see if it could be hidden from the processes...
I guess the only safe thing to do is take note of the processes that should be running on your comp...check em every once in awhile...or write something that will kill any processes but those with a click of a button or something. This was done in VB6 with MSvbvm60.dll contained in the executable instead of being seperate. Meaning it would run on any windows machine stand alone...
I was working on something for ebooks this way...so VB6 would make a successful language for compiled ebooks.
anyway...I dunno just rambling now hehe...later all |
|
| Back to top |
|
|
Debs
Joined:
16 Aug 2003
Posts:
4296
Location:
NY
|
Posted: Sun Jan 11, 2004 11:47 pm
Post subject:
|
|
|
Well you saw the list of programs that js detects on my site. Do you think they got there by themselves? 
Once a program is detected to invade, then the watchguards (be they Doxdesk, Adaware, Spybot whatever) pick up the invader, figure the codes, and add them. Just like definitions on viruses, they have to be updated.
Debs
_________________
Learn how to turn keyphrases into quality, well-targeted articles your visitors and SE's will love with Gary Antosh's new ebook "Web Content Made Easy!" |
|
| Back to top |
|
|
Gamezing
Joined:
30 Oct 2003
Posts:
66
|
Posted: Sun Jan 11, 2004 11:57 pm
Post subject:
|
|
|
hehe...I know that my dear...
I was just saying that I really believe that something the way I made it could be out in so many forms that it would be very hard to detect for quite some time.
Dealing with various viruses from the computer store I owned and reviewing virus source code is a great learning experience believe it or not for programming...
If you are good in a programming language and good with windows api and how it works...and saw this source and it running you would see what I mean.
It basically would be hard to determine it from an actual windows process...it is hard to explain. |
|
| Back to top |
|
|
Debs
Joined:
16 Aug 2003
Posts:
4296
Location:
NY
|
Posted: Mon Jan 12, 2004 1:44 am
Post subject:
|
|
|
Ok, Don, I misunderstood you, sorry. Would your script be considered a BHO (browser helper object)?
However, that's one reason I recommend the Gecko browsers (Netscape and Mozilla) over IE. You can't mess with them as easily and BHO's don't work with them without a side fix ... which means you have to take an extra step in the installation. When this happens, you know the user opted to go that route, as opposed to a driveby download.
Debs
_________________
Learn how to turn keyphrases into quality, well-targeted articles your visitors and SE's will love with Gary Antosh's new ebook "Web Content Made Easy!" |
|
| Back to top |
|
|
| View previous topic :: View next topic |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Private Messages
Log in
