Web www.GoodSites.co.uk


Main Menu

Home
Webmaster Stuff
Free Hosting
Free Utilities
Logo Design
Menus
Metatags
Search Engines

Affiliate Stuff

Adsense
Amazon Astores
Clixgalore
Adsense
Profitistic
Tradedoubler

Websites
Cheap Web Sites
Directories
Website Graphics
Business Ideas
Cash From Text Links
Dropshippers
Offline Promos
Ebay
Internet Recession
Security Issues
Shopping Carts
Merchant Accounts
Google Checkout
Paypal

submit a site or article to Goodsites

 

website fraud and security issuesONLINE SECURITY

Fraud is a serious matter for businesses , and there are some clever fraudsters always looking to exploit security gaps in both large and small business and commerce websites .

This extract is based on personal experiences of running web sites , the extract is included as a reality check for GoodSites clients , and site visitors , if you agree or disagee send in your opinions for possible inclusion on these pages

Here there are some discussions on some of the clever ways naughty surfers are using the internet for their unfair advantage , and what can be done to prevent this happening .

No1 Cookie Stuffing

This used to be a BIG problem , but is fast becoming a thing of the past as more technology providers provide anti-stuffing measures to combat this massive fraud potential .

How it works - Fraudster X joins 1 or more affiliate programs (which pay you for referring traffic via their banners which you place on your website). The idea is you legitimately get paid based on the performance of your referals - You advertise the product or service on your website and if some one clicks the offer and buys from the advertiser you get a small reward . Technology wise it works by storing a small file called a cookie on the visitors PC , this identifies them with the advertising provider , and usually has a time limit imposed , so if they click through the banner , the affiliate gets paid if the visitor buys within the time limit (which can be between 1 day to typically several weeks) . Fraudster X however has worked out a clever little way of bypassing the click , so that the visitor simply visiting the page ( ie a web page impression ) results in the cookie firing off , and this can be literally 100s of cookies , this is out right fraud because the visitor has not decided they want the offer being advertised and the cookie could even worse be for an unrelated product(s) or service(s) . Say the bad affiliate adds several high street cookies on a page to fire off as a cookie machine gun ( or cookie bombs as they also know as ), then the visitor is quite likely to visit one of the High St store web sites eventually if not on the same day .

Prevention

Deterrants are usually employed here , any affiliate program should include a clause to say that any affiliate behaving in such a way will be terminated immediately and any commission accrued forfeited . Then the affiliate managers job is to look out for strange click patterns , eg: if you see several clicks happen at the same time or bad conversion rates with high clicks ... Luckily such practices stand out like a sore thumb for anyone reasonably proficient in analysing their website stats reports on UVs impressions clicks and referal pages etc , and few affiliates get away with such prcatices long enough profit . Most are fly by night sites - sites designed to make a quick profit and run ...

No2 Phishing

Phishing is a common practice , where rogue companies or individuals contact you by email pretending to be someone else - usally a trusted website such as a high street bank , or Ebay or Paypal etc... They often create a site with a domain name that is like the copy cat site and with a stolen logo and slogan etc. to make everything legitimate , and then ask you for personal information . If you are a member of Ebay and get an email saying your account is about to be frozen , and to update your details you can be pretty sure it's a hpishing attempt . Also you may get an email saying Paypal has received a fraudulent transaction and asking you to login , (but unknowingly you will be logging on to a different site designed to trick you into entering you logging details).

UPDATE : The latest attempts are emails pretending to be from your bank warning you of phishing attempts , then asking you to logon to help them update their site ! It is sad that some people may fall for these tricks

Prevention - Do not be caught out !

Do not click through to sites from emails unless you are 100% sure it is legitimate - always check the web address of the link corresponds EXACTLY to what the merchant's real site is called . Eg: for Paypal it would be http://www.paypal.com and not http://www.paypal99.com ! If at all unsure do not follow the link , instead open your browser and type the address of the site you are sure about in at the address bar .

Also you can alert the real site to such activity , eg: Ebay has a spoof emails contact , this will help alert others .

Finally if you have an anti spam package make sure you report the email . Some web host providers provide anti spam packages with their pop email accounts as standard 1&1 anti spam is a good example

Another good free email account with a very useful SPAM button is Yahoo! Mail , this has a pretty efficent spam filter , for any new spam emails that get through , simply click the spam button and it goes straight in the Bulk Folder .

Where to find out more ...

Try our webmaster forums , where we discuss security issues and related matters

 

 


Copyright Goodsites.co.uk. All Rights Reserved.