Click fraud glossary
A-C

Cookie stuffing

Cookie stuffing is a deceptive practice where fraudsters force multiple affiliate tracking cookies onto users' browsers without their knowledge or consent. This unethical technique allows scammers to claim commission for sales they didn't actually generate. It's a significant problem in programmatic advertising that costs businesses millions in fraudulent commission payments each year.

How cookie stuffing works

When a user visits a website controlled by a fraudster, malicious code automatically plants multiple third-party cookies from different affiliate programs. These cookies override legitimate affiliate cookies that may already exist on the user's device.

Later, if that user makes a purchase from any of those advertiser merchants, the fraudster gets credited with the commission - even though they did nothing to actually promote or drive the sale.

Common cookie stuffing techniques

  • iFrame stuffing - hiding invisible frames that load affiliate sites
  • Pop-under windows that quickly open and close
  • Image stuffing using 1x1 pixel images loaded from affiliate sites
  • JavaScript injection that forces cookie placement
  • Toolbar and browser extension exploits

Impact on advertisers and legitimate affiliates

Cookie stuffing directly steals revenue from honest affiliate marketers who actually work to promote products. It also wastes advertising budgets by forcing merchants to pay commissions on sales they would have gotten anyway.

The practice can severely skew tracking data and make it difficult to measure true marketing performance. Many businesses unknowingly pay substantial amounts to cookie stuffing fraudsters thinking they're compensating legitimate publishers.

How to protect against cookie stuffing

Companies can implement several measures to detect and prevent cookie stuffing fraud. Using affiliate tracking platforms with built-in fraud detection is essential. Regular auditing of affiliate traffic patterns can help identify suspicious behavior.

Other important protective steps include monitoring for unusual spikes in cookie creation, analyzing user paths for unnatural behavior, and working with reputable affiliate networks that actively police their platforms for fraud.

Other terms

Anti-detect browser
Ad hiding
Competitor click fraud
Click injection
Click flooding

News & insight

Visit blog
Arrow Right Icon
Ad fraud

Why is keyword targeting for Google Display Network not working?

We dig into a recent Reddit post where a user complains that keyword targeting for Google Display should be showing up ONLY on pages that have their specific keywords on them. Other users had some good ideas.
Ad fraud

5 common click fraud myths — busted!

Click fraud is a subject that is only really coming to light in recent years. With CPC bids getting higher every year, click fraud is growing. We've compiled 5 common myths, debunking and exploring each one in detail.
Analytics

Why do my user sessions not match my clicks? [Answered]

This helpful guide is for anyone struggling to match up clicks on ads with sessions recorded in their analytics. Surely they should just MATCH UP? Or maybe not, as we'll discover...
Complete guide to click fraud
Complete guide to browser fingerprinting
Next generation click-fraud protection platform
Get started
Product
Click fraud detectionClick fraud blockingMarketing channelsAnalytics & reportingFor agenciesPricingDocumentation
Compare
Click Guardian
ClickCease
ClickGUARD
ClickPatrol
Clixtell
Fraud Blocker
Lunio
TrafficGuard
More
Bot traffic statistics
Ad fraud statistics
Glossary
Company
Contact usTerms of usePrivacy policyCookie declaration
© Chalkboard Software Limited. Registered in England & Wales number 09192721.