Could this be click fraud?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Earlier this year I had my first attempt at promoting an affiliate program
and within the first few months I'm pleased to say that it seemed to be
profitable in a very small way so I started to build on what I'd done to
attract more referrals.

All seemed to be progressing well, I could reasonably predict about 10+ hits
a day, and it reached the point at which approximately 1 in 10 would make a
purchase. For a short period $1 a day on Google adwords brought in a return
of $10. Not enough to retire on but still worth having.

Inexplicably it stopped a couple of months back. The click thru's were being
recorded but no sales conversions so I began looking into it and discovered
2 things.

First the javascript code which recorded my affiliate activity did so by
building an <IMG> tag within the sign on page of the service I was
promoting, this tag was obviously being used to pass the detail of the
referal to a third party PPC monitoring service on a separate domain.

Then I discovered this:

So I copied the code from the logon page and did a test of my own, as
anticipated it didn't work but I noticed two other things. The <script> tag
was immediately preceded by the warning that attempting to modify the
following code would immediately block the account and the <IMG> tag was
followed immediately by an almost identical hardcoded <IMG> tag pointing to
the same third party domain without the referrer information..

Before any attempt to look at the code, I'd already filed a complaint with
the Better Business Bureau and upon my discovery. I contacted the company
pointing out my observation, that as this Microsoft patch circulated around
the world, the number of referrals attributed to me had diminished to zero.
Specifically, my 10% rate of conversion became zero in over 300 referral and
I knew several of the people that had made a purchase in this period.

The very next day after my pointing out this flaw, the site was off line all
day and though it may have been a coincidence, I have the feeling that they
may have panicked at this revelation. Nevertheless they are now back and
nothing has changed. They have not responded to me since.

Recently I've been reading one or two of the web guru's opinions on click
fraud but they don't seem to include the scenario I've just described.

My question is this:-

Could it be merely incompetence when a site includes code which fails due to
tightened browser security? If they continue to operate their scheme having
been informed of the deficency, does this then cross into being plainly

Thanks in advance for any pearls of wisdom.


Jeff Mowatt

Site Timeline