JFK

Fitty Scammers

__________________

FUBAR Webmasters - The FUBAR Times - FUBAR Webmasters Mobile - FUBARTV.XXX
For promo opps contact jfk at fubarwebmasters dot com

alexg

I get your id, but damn, you gotta pay me some comission for seeing this gay gallery

__________________

Find fuck buddies in your area!

kenny

This is really bad news.

the real magoo

nastyking

Biskoppen:

Setup a 301/302 Redirection to the Nastydollars site and check if it still rewrites the affiliate URL.

Put this in a .htaccess File:

Redirect /sponsor.html http://www.nastydollars.com/bla

Maybe a year ago a similiar scumware was bundled with Kazaa that re-wrote affiliate URLs for Mainstream Programs.
With HTTP Redirections I was able to prevent the alteration of my affiliate ID.

__________________

kenny

I dont understand how this can work if it is hijacked at the browser level

kenny

It shouldnt effect conversion ratios. If the affilate link is hijacked then you shouldnt get the hit either.

Unless of course I am wrong

nastyking

In case of that Mainstream Scumware the re-writing was done with a BHO (Browser Helper Object).

IE "alerts" the BHO every time the surfer visits a site and the scumware then alters the URL. However, IE does not alert the BHO on redirections or the mainstream scumware wasn't catching those events.

__________________

angelsofporn

Everyone promoting toolbars and media tickets type bullshit...please stop promoting this garbage

AgentCash

Well one way sponsors with multiple sites could help ward off the url rewritng is by generating unique linking codes, and run them all through one URL.

For example:
Old link
http://www.boysfirsttime.com/main.htm?id=biskoppen

Spyware just has to match "http://www.boysfirsttime.com/" in the url and rewrite with the authors affiliate code.


New link
http://www.nastydollars.com/JGG483gfeTGUE834754

Spyware author has no idea what site it goes to unless he visits each and every unique URL. Any rewriting done after the surfer visits the unique URL will be easy to catch.


What this would do is discourage the authors from doing simple affiliate code replacement since they have no idea which site to target, someone may even want to get together with a lot of sponsors and start a centralized linking repository, because the more sites you have listed the less inclined they would be to try. They could still hijack the traffic no doubt, but at least they couldn't easily target the same niche.

Matt 26z

Can anyone confirm that these encryption methods actually work? They only way to know is to test them on an infected computer.

Bisk, if you are still infected you could do this for us using ND affiliate codes.

crockett

guys I think you are missing the point... Sure he needs to and can probably clean his system and fix it on his end. But the surfers are getting infected and they are the ones that count because they are the one's signing up.

The program owners really need to start looking into ways to stop this. They may get the same sign up amounts now, but if affiliates stop promoting them the sales will drop because the high jacker isn't sending traffic but is stealing it.

__________________
In November, you can vote for America's next president or its first dictator.

kenny

They need to ban the guy with refer URLs coming from 10,000 different domains..

They should be able to tell from the URLs where the traffic is coming from and then notice the affilate IDs dont match

Or am I wrong?

tolik

work for me too

__________________
LONGBUCKS-Teen, Mature, Reality, Gay sites.
Free hosting (cgi/php/mysql/cron etc). FHGs. Free content.Great rebills. Support icq - 313-882-945

Webmaster friendly high recommended programs to promote (personal experience):
RoyalCash-Teen ProfitX -Video SmokinCash-Amateur,Lesbo,Squirting

AgentCash

Smart spyware rewrites the referrer. And I know a few legit guys with many domains.

Matt 26z

There are a few potential sponsor level fixes.

One being to check the referral URL of each and every affiliate hit. If the surfer didn't come from a domain that matches up with the affiliate ID, then deny credit. Only allow a domain to be associated with one ID.

darnit

dead on the money, the affiliate doesnt even win on this.

tolik

alot of sponsors now able to track affiliates traffic via referers
it dont need id at linking at all for this

__________________
LONGBUCKS-Teen, Mature, Reality, Gay sites.
Free hosting (cgi/php/mysql/cron etc). FHGs. Free content.Great rebills. Support icq - 313-882-945

Webmaster friendly high recommended programs to promote (personal experience):
RoyalCash-Teen ProfitX -Video SmokinCash-Amateur,Lesbo,Squirting

AgentCash

And what about firewalls that block the referrer, or spyware that rewrites it?

kenny

I didnt know spyware could rewrite the ref URL.

I was implying on the sponsor looking into the accounts with many domain referrers and checking to see if the affilate IDs match. Investigate it a little whois and what not.

But since spyware can rewrite the URLs that blows my idea out of the water

SmokeyTheBear

ok someone who has the spyware installed test this link and see if the code changes, I have cloaked the url

http://gfyhelp.blogspot.com

__________________
hatisblack at yahoo.com

The Bootyologist

One of the major players changed the script after I stopped promoting them to my non-foreign traffic. A couple of days later I caught that they had installed a homepage hijacker along with the search bar. There was no hijacker when they were getting the good traffic. . .

Keep an eye on your shit..

TheSwed

http://cumfiesta.com/main.htm?id=nd5000

__________________

Cheap Viagra and Cialis Erectionpills

SmokeyTheBear

do you have the spyware on your computer or not. ?? or did you even read the post ?

__________________
hatisblack at yahoo.com

TheSwed

No i don't have any spyware...but that was the url your link give me

__________________

Cheap Viagra and Cialis Erectionpills

SmokeyTheBear

it was supposed to , if you didnt have the spyware installed then it shouldn't have changed anything.. thats why i specified that " SOMEONE WHO HAS THE SPYWARE INSTALLED" click the link, not you.

__________________
hatisblack at yahoo.com