[waynewalter]

I searched through hundreds of posts about blocking and preventing parasiteware.

Most of them make a comment, "best way is to work with merchants who block parasiteware" or something like that.

Well, I'm a merchant and I want to block parasiteware.

I'm also extremely technical and basically understand how parasiteware on consumers PCs steal cookies.

But how can I prevent it? It seems fairly safe that I don't use SAS's cookies but have our own. SAS would probably be a first target sooner than our company.

But that's weak. I want to actually block or stop it.

Could encrypting the Affiliate ID do the trick? Right now I put the actuall SSAID from SAS into the cookie. I sort of hide it by using the Cookie name of CouponID=214555

It seems if the cookie name was 4b768afe7=47f89c89e instead, that might thwart cookie stealers because they never know what the cookie means or how to encode a different affiliate id to work.

Please any idea, references, or suggestions to some down and dirty technical information would help.

Perhaps something that shows the specific technical ways the cheaters steal, then I and come up with ways to prevent it.

Sincerely,
Wayne

[Donuts]

Quote:

Originally Posted by waynewalter

I searched through hundreds of posts about blocking and preventing parasiteware.
Most of them make a comment, "best way is to work with merchants who block parasiteware" or something like that.
Well, I'm a merchant and I want to block parasiteware.
I'm also extremely technical and basically understand how parasiteware on consumers PCs steal cookies.

You can't block parasiteware as a merchant, it's an application installed on the consumer's computer. What you can "block" is partnering with affiliates that you discover use parasiteware to set cookies and steal from you (and from your other affiliates).

Quote:

Originally Posted by waynewalter

But how can I prevent it? It seems fairly safe that I don't use SAS's cookies but have our own. SAS would probably be a first target sooner than our company.

But that's weak. I want to actually block or stop it.

Nope, SAS has detection mechanisms, years of experience, a partnership with professional service that detects cheating affiliates and the leverage of seeing behaviors in many programs (versus your limited in-house experience). Parasite affiliates love in-house programs because they know you're unlikely to catch them (your assumptions posted here give them warm thoughts).

Quote:

Originally Posted by waynewalter

Could encrypting the Affiliate ID do the trick? Right now I put the actuall SSAID from SAS into the cookie. I sort of hide it by using the Cookie name of CouponID=214555

It seems if the cookie name was 4b768afe7=47f89c89e instead, that might thwart cookie stealers because they never know what the cookie means or how to encode a different affiliate id to work.

Nope, the parasites have to join your program to get paid - so their links will also be encrypted. You have to monitor your affiliates behavior and understand their traffic and its details to learn which ones are cheating you.

Quote:

Originally Posted by waynewalter

Please any idea, references, or suggestions to some down and dirty technical information would help.

Perhaps something that shows the specific technical ways the cheaters steal, then I and come up with ways to prevent it.

Start your learning journey here:
http://www.affiliatefairplay.com/adware_tutorial.html

[Donuts]

you may want to read this thread too:

Understanding How Affiliates Use Adware (like Zango)
http://forum.abestweb.com/showthread.php?t=89073

[realitystate]

Hi,

[I posted this in the wrong forum]
I've been doing some tests on blocking adware user agents from my affiliate
site and have noticed that my sales have actually picked up and are back to
their 'normal' level. I really don't know if blocking them is the cause of this
or what. Its been about a week or so and my sales have gone back to where
they once were while my click-through rate hasn't changed at all. I noticed
a significant change the next day.

All I did was simply block user agents with the word 'zango' and other known
adware words using .htacess.

Code:

setenvifnocase User-Agent "ZangoToolbar|Zango|FunWebProducts|Hotbar|ImageShack|PeoplePal|HTTrack" adware

<FilesMatch "(.*)">
Order Allow,Deny
Allow from all
Deny from env=adware
</FilesMatch>

Any ideas on the possible down side of doing this?

I've noticed quite a number of browsers with the 'Zango' toolbar going to
google and yahoo's cache which leads me to believe they need to be able
to access my site for some reason.

[loxly]

zango needs to be blocked from the merchant site, not your site. If it were that simple everyone would be doing it.