What happens when you offer up money to anyone who can drive traffic to your website? Hackers, scammers, spammers and fraudsters come to your aid. That’s the case with online movie site zml.com, which offers 30% of each sale and 5% of rebills paid via anonymous means to anyone who refers paying customers to the site. And zml.com is just one of many.
In general, it works like this: a person signs up as an affiliate and is given a code. If someone goes to the website with the proper code embedded in the URL, then a cookie is set and if that person later buys something on the site, the affiliate gets a piece of the transaction. Outside of the shadows this means others are encouraged to setup ads or to refer friends to the site. But on bigger scales, this can be big money, so the established cyber criminal community gets in on the action – not always by breaking the law, but certainly using shady means to drive customers to these websites.
Among the techniques being used by these shadow affiliates are blackhat SEO, fake blogs, spam campaigns and more. These will frequently redirect through servers managed by the shadow affiliate and, in eSoft’s investigations, frequently used for other purposes such as malware distribution and phishing campaigns.
Windows Live Spaces is again being abused
with a slew of fake blog pages covering hundreds of popular movies available for download. The download links redirect the user to a number of different movie sites that offer high paying affiliate programs.