Affiliate Management

How to police your affiliate program

Unfortunately, if you do not have an adequate affiliate compliance strategy you could fall foul to fraudsters.

No matter the size of your program there is always going to be a small number of affiliates looking to manipulate the system. By following black hat techniques they plan to fraudulently earn commission from you.

They do this in various ways which we will outline below. But, the first step in stopping this activity is making sure your program terms and conditions are ironclad.

Without detailed terms and conditions, you are leaving yourself open to people taking advantage. In this article, we will also highlight some key policies to instil for each dodgy behaviour.

Using software tools can automate a lot of the manual work in uncovering fraudulent activity. Although, some will come down to your team’s daily or weekly manual checks of websites.

Familiarise yourself with the dishonest tactics some affiliates use, police your program regularly and look out for the warning signs such as:

  • High than average conversion rates
  • An abnormal surge in orders
  • A high number of late-night orders


Paid Search

I find this the most common way publishers breach affiliate program terms and conditions. Probably, because it is as simple as launching some paid ads and targeting brand keywords.

An affiliate will launch a paid search campaign and use branded keywords. Those keywords are what a customer is searching for in a search engine. If it includes a brand, there is normally a higher purchase intent. So, the affiliate is looking to redirect potential customers to their site so they can drop a cookie. In my experience, it is nearly always a small coupon site that latches onto this technique using a coupon or offer in the ad headline to increase click-through rates.

To get around your detection and your programs brand terms there are a few clever techniques publishers use:

Subnetworks – By using a subnetwork, they are removing themselves from your program terms. Ensure any subnetwork you use, enforces your program terms.

Late Night Bidding – To avoid detection, some publishers operate out of UK office hours. Make sure you use an ad monitoring tool or check manually at different times.

Obscure Keywords – Every affiliate manager should be checking regularly the most familiar keywords like ‘brand+discount’ or ‘brand+promo’. But, use a software tool to monitor every mention of your brand. That way you don’t miss any obscure terms or purposeful misspellings. 


Paid Search Policy

I would always recommend starting with a zero policy for any paid search activity as standard. That way you cover yourself and your program. 

Then, as the program evolves and I negotiate different coverage, I allow publishers to bid on a select list of terms. This makes everything manageable and ensures I know exactly who should be in the space at any one time.

For a more detailed overview of your PPC space use a brand monitoring tool like Brand Verity. They will notify you of any publisher fraudulently entering this space and it now comes as standard with affiliate tracking company, Partnerize.


Unauthorised Coupons

Alongside paid search compliance, unauthorised coupon management takes up a lot of affiliate managers time.

Coupons and discounts are a great way to drive new customers and increase conversions. But, a lot of affiliates (including the big coupon sites) will try and play the system.

One situation that has exasperated the coupon space is user-generated content (UGC). Allowing subscribers to post offers encourages them to share non-affiliate offers. 

If you have sent your highest order driving customers a thank you offer. It is then frustrating to see that appear on the open market through a coupon site.

Many sites have a team of coupon finders scouring the internet for the latest deals. This could lead to them taking a code from another coupon site. If this is an unauthorised coupon for them your task is made difficult. As there is normally a chain reaction of copying from other sites searching in this way.

Other coupon areas to look out for are expired codes or just plain fake codes. Both will result in a bad user journey and could impact negatively on the brand.


Unauthorised Coupon Policy

There are a few ways to combat the misuse of unauthorised coupons. Some may need technical integration while others might rely on your networks capabilities.

Here are some of the ways I combat it:

Single-Use Codes – Remove generic (SUMMER20) codes and offer unique codes so it isn’t as easy to share the code.

Assign Codes – Lots of the networks have created the ability to assign a voucher to a publisher. That way, they are the only publishers to receive a commission for its use.

Remove Site Offers – If you don’t want publishers to earn commission from some onsite offers, then remove them. Stop them from showing to any traffic from a publisher site to lessen the impact.

Vanity Codes – These are codes given to specific affiliates that might include their name or brand. Actively showing it belongs to that site, can lessen the likelihood of it being stolen and shown elsewhere.

Again, there are software tools to help monitor codes on publisher sites. Although, the above will help to minimise wrongful code usage without it.


Domain Squatting

With this technique, publishers will register a domain name similar to the brands but with misspellings or typos. Hence why it is sometimes also referred to as “typosquatting”.

As we browse the internet, we are often typing quickly and typos can come into play. The customer could land at the publishers wrongly spelt site before being redirected to the correct site. All with a new cookie nestled in their browser.

Alternatively, an affiliate could direct a user to a competitors site. This competing site might have a higher conversion rate or pay more commission.

As the customer is trying to type the brand’s name in, it is likely they have a high purchase intent. So, by either redirecting to the correct brand or a competitor, there is a good chance the affiliate will earn a commission. 


Domain Squatting Policy

Obviously, if the domains don’t exist in the first place, then a publisher can’t buy them. So, a brand should hold in its possession a mix of domains similar to its own.

There is the option to pursue legal action but that could be costly. For this, you would have to prove the domain is similar enough to your own. Plus, that the publisher has only purchased to use it in bad faith.


Forced Cookies / Cookie Stuffing

The affiliate journey on nearly all programs is always the same. Customer visits a publishers site and clicks on a link to the brand’s website. If the customer purchases within the desired cookie window (normally 30 days), the publisher earns a commission.

To give themselves a greater chance of earning commission, some publishers manipulate the system. They drop multiple cookies onto a customers browser. This process is called ‘cookie stuffing’.

The technique of cookie stuffing is sometimes quite obvious. Like forcing a visitor to take multiple actions on site. Others are more secretive and will take some digging.

But, cookie stuffing should not be allowed on any affiliate program. The process is stealing another channel or publishers attribution to earn a commission.

The below cookie stuffing techniques are summarised from a great article by Header Bidding, which you can read here

Javascript – Using Javascript, a publisher might force a redirect of a URL, dropping a cookie in the process. 

Iframes – Iframes are used to load an HTML banner ad separate from the sites main HTML. This banner can be used to hide affiliate links and drop a cookie.

Pop-Ups / Overlays – As we mention, later on, these can be used in incentivisation. Publishers deceive a visitor by dropping an affiliate link when they interact with a non-existent reward.

Stylesheets – Affiliates can use CSS to disguise an affiliate link behind a website image. 


Cookie Stuffing Policy

It can be difficult to assess the full scale of any publisher cookie stuffing. But, your terms and conditions should specifically call out this process as against program terms.

To discover any illegal activity might need some tech know-how, so ensure you have this within your management team.

Brand Verity recommends using a plugin-type HTTP viewer to track any redirects. Some common ones you might like to try include:

Get familiar with the source code of a site as this can uncover clues to any stuffing. But, also clear your browser cookies and visit these publisher sites. It will allow you to see if any cookies were dropped on your browser without your knowledge.



Traditional incentivisation through affiliate marketing is not usually a problem. We are all familiar with cashback or coupon sites that offer users a reward for clicking a link.

But, some may dangle non-existent rewards in front of a customer for them to act. These actions could be forcing a click or a download. Both will result in an affiliate cookie being dropped onto the user’s browser. The customer though, will not receive any reward.

Browser extensions are still a slightly contentious conversation within the affiliate industry. Large publishers like Honey or Piggy show customers the latest offers available at the point of purchase in the checkout flow. This helps conversions and they are typically a healthy contributor to most affiliate programs.

More unscrupulous affiliates will use browser extensions to trick customers. They will show a generic offer or even a valid coupon at the point of entry onto the brand’s site. To remove the overlay, a customer is forced to click to close it. At this point, the cookie is dropped.

What the second browser extension is doing is unashamedly overwriting the traffic of another channel. Without a robust attribution model, this could lead to a brand paying twice (dependent on the channel) for the same traffic.


Incentive Marketing Policy

Firstly, any publisher that uses browser extensions to earn a commission should be registered as a soft cookie in the network. A soft cookie ensures they never overwrite another publishers cookie.

Secondly, pay close attention to the incremental value of any publisher offering a reward to a customer. Are they driving the initial interaction or just redirecting a valid customer through an affiliate link?

Overall, become accustomed to the individual promotion terms of any publisher and any risks that might pose. 

If you have a line of communication with other teams in your company, this could be vital to discovering malpractice. Customer complaints of rewards not received will typically be directed towards your brand and not the publisher.


More Topics