Affiliates Click Phishing in Twitter
The convergence of affiliate marketing and social media is upon us! Social media is no longer just an exploratory channel, and the affiliates who are normally the first ones to the niche marketing exploration party are using social media to drive traffic and clicks for programs they market in droves. Affiliates are driving clicks to their own web presences through social media, and other affiliates are direct linking through their affiliate tracking URL’s directly to the merchant’s website using power cloakers or redirects with shortened URLs.
Affiliates Click Phishing in Twitter
The issue of power cloakers is one issue I see with social media that is a little concerning when it comes to affiliates. Affiliates need to shorten their tracking URLs for direct linking purposes in social media channels such as Twitter which has a character limit for each â€tweetâ€. Many affiliates use linkbrander, or are creating their own redirects, which can be difficult for affiliate managers to monitor, especially when the affiliate is not using branded terms within the post that can be filtered and tracked by social media monitoring tools such as Filtrbox.com, Radian6.com, Trackur.com or TheSearchMonitor.com. Why is this concerning? Imagine an affiliate signing up your company on Twitter without your knowledge, and telling the world that you are giving away free merchandise just to gain the consumer click on the power cloaked URL to set the affiliates cookie. Scary, huh? This is called click phishing.
Merchants who do not have a strong foothold in the social media space are leaving their brands wide open to affiliate marketers who establish a presence within the social media applications.
Example Click Phishing in Twitter
Here’s an example of social media click phishing using a third party affiliate power cloaker. (This is an example we found, and we mean no offense to House of Brides)
An affiliate has taken over the House of Brides brand on Twitter. The web address for this twitter account is a shortened affiliate link via use of the power cloaker Link Brander.
Example Continued:
1. When a consumer clicks on the affiliates power cloaked Link brander link from Twitter,they are cookied by the affiliate.
2. The website is pulled into link brander’s frames even through the consumer’s navigation of the site; proper brand URL’s are not displayed, which could cause confusion to the consumer and loss of brand recall or a poor brand experience.
3. Using a debugging application we can see that the affiliate’s id is there.
4. LinkBrander even allows either the top or footer frame to host ANY type of advertising that the affiliate wishes to publish.
The Twitter posts within this affiliate’s Twitter account are all sporting the following brand issues (per image below). All post links go to the same URL. Bogus press releases naming known news entities in misguided attempts to “phish†for a click are seen including FREE Dress giveaways..
There were many additional instances of other brands I found that had affiliates taking over their brand identities within Twitter and other social media channels. This example stood out because the click phishing text within the Twitter account was so obviously attempting to phish for clicks. The takeaway here is that merchants need to seriously consider the impact of monitoring social media as well as ensuring that they are first to the space before affiliate partners have a chance to intercept it.
There are remedies such as networks including the shorten URL function so that affiliates do not need to use third party power cloakers or create their own redirects for use in the social media space. I would like to congratulate Webgains.com for being the first affiliate network that I know of that has now included the shorten URL function for affiliates in their network, making it easier for the network to monitor the referring URL traffic from that affiliate, as well as allowing affiliates to use the shorten URL function to enter the social media space safely.
Monitoring affiliates can be a large undertaking; if you do not have in-house staff to manage your affiliate relationships consider the assistance from an agency that has experience in monitoring and managing affiliate relationships. If you are interested in finding robust tools for monitoring affiliates see my Top Ten List of Affiliate Monitoring Tools
Happy Tweeting!
I would never hit a shortened URL unless it was TinyURL as I know and use it myself.
The main thing I would advise anyone clicking on shortened URLs is to keep the "Preview Feature" turned on. This means that if I hit a TinyURL shortened web-address, I am directed straight to the TinyURL web-site where I am instantly informed as to where that URL will take me. If I don't know or trust the web-site, I do not proceed to that URL.
Hello,
Great suggestion you have concerning the preview. Thanks for participating in the discussion. 🙂
Heather
Although this is something common, not many people aware of how to detect affiliate links especially when the url is shortened and this really helps to educate people about affiliate links.
Most URL shortening services do not have preview feature.
And i just worry click on a site that has virus.
SUNSS,
It was dubbed "twishing"
http://blog.spywareguide.com/2007/04/first_spoofi…
Hi Wayne!!
Twishing it shall be then! Have a great weekend!
Heather Paulson
Hi Heather!
The odd thing was Chris Boyd and researched and wrote about this over two years ago. (Couldn't find anything so we dubbed it Twishing- I guess we could have said "Pheeting" The mainstream press totally ignored it.
The Japanese press where all over it very next day. Maybe it was a sign on how far ahead Japan is with digital culture. e.g. mobile
http://japan.cnet.com/news/sec/story/0,2000056024…
[…] I guess the solution/question here is how does a brand validate themselves as the legitimate account on twitter, or any social networking platform for that matter? If this all sounds like I’m getting ahead of myself and that this is something that’s not already going to happen then think again. […]