ClickJacking - Idea on hiding refferal traffic through another website.. can it work?

Aug 17, 2011
34
2
Guys maybe cuz I am new to this and this idea has already been discussed ... but I had this IDEA of sending Purchased or Adult Traffic through/TO a whitehatsite/directory/-> that redirects that traffic from that URL to a Clickjacking domain for example... so the REFERRAL will be from whitehatsite and not from the purchased-traffic website.???

what you guys think about that? can it work so that google doesn't see the Purchased traffic referral??
 
i dont know if its possible but why dont you send the paid traffic to a anonymized link for example create one at http://anonym.to/ if you create a anonymous link at anonym.to then the reffer will be hidden and it will redirect to your landing page
 
From wikipedia

Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. A vulnerability across a variety of browsers and platforms, a clickjacking takes the form of embedded code or script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function.

You might want to define what exactly you mean by clickjacking.

Adult visitors barely convert for adult websites, they certainly aren't going to buy anything or convert after being redirected several times. I can only imagine you're wanting to do this to up your traffic numbers to look more legitimate to support some other fraud system (like balancing out traffic to make clicking on your own links a more legitimate clickthrough rate)?

Blackhat means you're using clever methods to outsmart Google's ranking algorithms, not to commit fraud. I can't imagine any reason to up your traffic with non-converting visits for any other reason than fraud (except maybe to up your alexa numbers on a website you're going to flip) ... even then it'll be fraud for whoever buys the site.
 
Not sure how clickjacking works into it. I would suggest you fake or blank referrer :)
 
Yes, this idea is used all the time to act as a buffer referrer (to hide original referrer). There are many ways to do this, some people use custom scripts, others user WP plugins that offer this option. It can help with anything, not just for the purpose of having a click jacking destination.
 
Yeah but its very shady, take note blanking,faking the referrer isn't 100% efficient, I've tested this already.
 
Blackhat means you're using clever methods to outsmart Google's ranking algorithms, not to commit fraud. I can't imagine any reason to up your traffic with non-converting visits for any other reason than fraud (except maybe to up your alexa numbers on a website you're going to flip) ... even then it'll be fraud for whoever buys the site.

Actually it doesn't...I think you may have to brush up on your dictionary. Whitehat SEO is a means of using clever methods to outsmart Google Rankings. Google ranking are meant to be organically created...so anything that you do in attempt to change this original intention is "cleverly using methods to outsmart Google's Rankings".

With that said, here is Wikipedia's excerpt on Blackhat:
...especially in computing slang, where it refers to a computer security hacker who breaks into networks or computers, or creates computer viruses.[2] It may also refer to the act of spamming the internet with personal/social messages where the main intention of spamming is monetization or Black Hat SEO. Some of the blackhat[3] SEO tactics include: keyword stuffing, hidden text and links, doorway and cloaked pages, link farming and blog comment spam.

Clickjacking isn't fraud...it's just cleverly redirecting or changing the action of a user's "click" when they are on your web property.

** Use caution next time you try to decide that you want to call someone out for "comitting fraud". - just a thought
 
But BH does include fraud. BH includes a ton of illegal shit, thus why it's called BH.

Just to clarify, I'm not condoning fraud, just that there is always this debate about "what is BH," because a lot of people enjoy the title to feel edgy and cool, but rarely cross into the GH area, let alone BH.
 
Clickjacking isn't fraud...it's just cleverly redirecting or changing the action of a user's "click" when they are on your web property.

Thanks for clearing that up for me. Except name one reason anyone would do this that isn't based on fraud.

Actually it doesn't...I think you may have to brush up on your dictionary. Whitehat SEO is a means of using clever methods to outsmart Google Rankings. Google ranking are meant to be organically created...so anything that you do in attempt to change this original intention is "cleverly using methods to outsmart Google's Rankings".

Whitehat SEO is ranking in Google using methods that Google condones, which are legal. Blackhat SEO is ranking in Google using methods that Google does not condone, which is still legal. Google cannot dictate how someone builds their website or structures their links, there is nothing illegal about buying links or building a network of websites to exploit Google's algorithm. Google's only course of action is to remove them from their index if they desire -- but never is it a question of legal or not legal.

Fraud = go to jail if you're caught doing something like forcing clicks through an affiliate system that the user didn't originate. And if you disagree with me, look up BHW terms of service, I'm certain you'll find that you aren't to discuss methods on this website which are illegal.

You have your own definitions of clickjacking and blackhat, and that's fine. I'll stick with the wikipedia definition, and the fact that every other thread on BHW that has the OP asking about clickjacking has everyone going "what are you talking about".
 
Fraud = go to jail if you're caught doing something like forcing clicks through an affiliate system that the user didn't originate. And if you disagree with me, look up BHW terms of service, I'm certain you'll find that you aren't to discuss methods on this website which are illegal
Lol, you're not going to jail for click-jacking, believe me. I'm highly conscious of what I do and don't do, and click-jacking is far from "illegal." You might face some civil liabilities against the network you're trying to game, but nothing like Wire Fraud, etc.

BH is by definition malicious in intent and does encompass illegal activity. That doesn't mean illegal activity is a necessary condition.

Even if you don't do anything that can get you sent to prison, if you haven't done anything that can put you in a court room up against some private entity, you're not BH.
 
Yeah I guess that's the reason why Shawn Hogan, owner of DP forums, was arrested by the FBI for cookie stuffing amazon affiliates and now has his passport held so he doesn't flee the country while awaiting trial.

Cookie stuffing is nothing more than a URL redirect not authorized by the web surfer, done in an iframe, which made amazon think that Shawn had sent a visitor to them when he hadn't. Then later on if that person ever did go directly to amazon to purchase something, he would get the commission.

So you think that is entirely civil only and nothing illegal huh? Why did the FBI get involved? Why was he arrested? Why did he have his passport confiscated awaiting trial?

You think its not illegal, thats fine you keep doing it. Meanwhile, every dollar that gets sucked out of systems through fraud is all that much less money for the affiliate program, and that money has to come from somewhere ... i.e. for everyone who is not frauding ... less commissions, harder to sign up, parent company goes out of business from fraud and affiliates never receive their commissions.

BH is not by definition malicious in intent. I can buy 20 websites, is that evil? No. I can buy hosting on 20 different IP addresses, is that malicious? No. I can stick up 20 websites, anything wrong with that? No. I can point links from those 20 websites to my own website, is that illegal? No. Who has been harmed by this so far? No one. Google sees my linking structure and gives me a bonus in their SERPs, has Google been harmed? No. Is that blackhat? Yes. Why? Because Google doesn't want you manipulating their algorithm like that, but there's nothing harmful or malicious associated with it.
 
I was actually referring to buy traffic say from LinkTrackers and send it to one BH site where a clickjacking script is installed ... to clickjack say FB LIKE button or Twitter Subscribe button, etc. (can be many purposes).
However, some people use it to ClickJack an adsense code and ask me how to fake their purchased traffic Referrer in a CJ site. So I thought of the idea of sending through a whitehat domain Purchased or Adult traffic.

So can someone answer if this can be done or not?
I don't care if you call it BH or not. just need to know what referrer will be shown.
 
BH is not by definition malicious in intent.

I think you got lost and are in the wrong forum...

Proxies: Used to purposefully hide your location
Content Generators: Used to purposefully trick the user and google into thinking you have real content
Comment Spam tools: Maliciously spamming 3rd party blogs
Forum Posting Software: Maliciously spamming 3rd part forums

Just to name a few blackhat items on this forum.

Now..let's look at recent posts....

- Be careful with this IP for your google adsense!!
- Bulk Yahoo answers level 2 Accounts Required
- Video View Increasing Bots??
- Case Study - Beating Panda With An Autoblog
- What is the best link cloaking solution for wprobot in wordpress subdomain multisite?
- Removing Negative Competition from top 10

...Just to name a few...about 90% of these threads could be taken down and OP's taken to court over "Loss of Revenue Actions" among other things.

The point is, your in a forum that revolves around the basis of finding, locating, and sharing ideas on how to increase both SEO ranks and Money Making.

Don't sit here and call FOUL.

It's like going into a strip club and then complaining that women are taking off their shirts!

************************************

By the way...

Hacking = Malicious
Blackhat = Exploitation
 
The difference between manipulating G's algo and stuff like clickfraud & rogue CPA e-mail submits is that the former is a terms of service violation and the latter is wire fraud. (Ironically, a lot of blackhats think defrauding CPA companies is OK, but burn to the ground anyone involved in click fraud.)

Wire fraud:

Whoever, having devised or intending to devise any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises, transmits or causes to be transmitted by means of wire, radio, or television communication in interstate or foreign commerce, any writings, signs, signals, pictures, or sounds for the purpose of executing such scheme or artifice, shall be fined under this title or imprisoned not more than 20 years, or both. If the violation affects a financial institution, such person shall be fined not more than $1,000,000 or imprisoned not more than 30 years, or both.

I don't know the details of the Amazon cookie stuffer, but I wouldn't be surprised if he's being charged with wire fraud. Blackhat is not a synonym for criminally illegal, but rather operates between the very border and within it. Blackhats risk their rankings, their earnings and their reputations; Not jail time. Having said that, I'm definitely not without sin. You won't ever see me cast the first stone.
 
Last edited:
From wikipedia



You might want to define what exactly you mean by clickjacking.

Adult visitors barely convert for adult websites, they certainly aren't going to buy anything or convert after being redirected several times. I can only imagine you're wanting to do this to up your traffic numbers to look more legitimate to support some other fraud system (like balancing out traffic to make clicking on your own links a more legitimate clickthrough rate)?

Blackhat means you're using clever methods to outsmart Google's ranking algorithms, not to commit fraud. I can't imagine any reason to up your traffic with non-converting visits for any other reason than fraud (except maybe to up your alexa numbers on a website you're going to flip) ... even then it'll be fraud for whoever buys the site.
Dude I'm pretty sure that google considers blackhat tactics to be fraud. There is a fine line here, there may be a few levels of separation between what you are talking about and what he is talking about but lets not ride a "I'm better than that" horse. If you doubt me just look at this community and the information we provide.
 
I think you got lost and are in the wrong forum...

Proxies: Used to purposefully hide your location

There is nothing illegal about hiding your location. Legitimate reasons for hiding location would be to create multiple accounts at Google, blogger, yahoo, facebook. It may be against the terms of use of these websites to create multiple accounts with them. It is certainly not illegal.

Content Generators: Used to purposefully trick the user and google into thinking you have real content

You got to be kidding me. If I write an article and spin it into 100 versions, put it onto 100 websites that I own ... exactly how is that illegal? Just because Google doesn't like being tricked like this does not make it illegal. Their only option if they don't like it is to discover it and remove you from their search engine, but it never was a question of legality.

Comment Spam tools: Maliciously spamming 3rd party blogs
Forum Posting Software: Maliciously spamming 3rd part forums

3rd party blogs make the availability to post on their blog public. It was their option to allow other people to post on their blog. They may not like the fact that their blog receives automated links on it, but that is an issue of terms of service if anything (not even that because how many blog websites have you seen with a terms of service that say please do not automate comments to my website -- none). Again, nothing illegal here.

Just to name a few blackhat items on this forum.
Now..let's look at recent posts....
- Be careful with this IP for your google adsense!!

Google doesn't have an absolute right to profile anyone who uses their service. There are 100s of anonymity websites out there and none of them are illegal. If anything this would be a terms of service violation, although I'm fairly certain that Google does not have in their TOS "do not hide your IP from us". Again, never a question of legality.

- Bulk Yahoo answers level 2 Accounts Required

So what? Yahoo doesn't like someone creating multiple accounts at their service, but it isn't illegal. It is not illegal to go against the terms of service of a website. I repeat just in case you haven't let that set in ... and don't make me go google up the actual lawsuits that prove my case (because it has been proven in courts) it is not illegal to go against the terms of service of a website.

- Video View Increasing Bots??

TOS violation, not illegal.

- Case Study - Beating Panda With An Autoblog

Trying to overcome a google algorithm is not illegal. Automatically generating blog posts is a terms of service violation, not illegal.

- What is the best link cloaking solution for wprobot in wordpress subdomain multisite?

Hiding links from Google because their algorithm penalizes links to affiliate websites ... how in the world can any sane person think this is illegal.

- Removing Negative Competition from top 10
If Google's algorithm can be manipulated to take a website down, that is Google's problem. The person who was moved down in ranks and lost money could theoretically have a civil suit -- but that's assuming they were entitled to the Google SERPs they originally had. I'm not particularly in favor of Google bowling, but that being said -- its not illegal to build backlinks to a website you don't own.

...Just to name a few...about 90% of these threads could be taken down and OP's taken to court over "Loss of Revenue Actions" among other things.

Don't sit here and call FOUL.

It's like going into a strip club and then complaining that women are taking off their shirts!

The OP clarified what they were looking for. They want to cookie stuff CJ. It's illegal, fraud -- the FBI would be just as justified knocking on the OPs door as they were knocking on Shawn's door.
 
The biggest point I'm trying to make -- is that everything you just quoted as being malicious -- has no one suffering financial harm through wire fraud.

If someone has a blog they want comments on, but get some that are automated comments that they have to delete -- they're not being scammed out of hundreds or thousands of dollars.

If someone creates 100 accounts with yahoo and sells them, yahoo might (accumulated) have to hire an employee to handle 100s of millions of spam account deletion ... but they're not losing a penny over someone creating 100 accounts on their service.

If google's algorithm is manipulated to show one website at the top of the SERPs over another, that website might be higher quality ... Google may even end up benefitting from it.

Cookie stuffing, however, is real theft. Any affiliates that were due a commission before a client was clickjacked lost real money out of their pockets. If there wasn't a cookie already set for commission, the parent company lost real cash by paying a commission when they really didn't have to. That is real money being taken, real theft, real fraud, real damages, its illegal.

Why do I care? Because for every idiot that hatches up a fraud campaign, everyone else suffers. Its not particularly easy to sign up with CPA because of all the frauds. I used to take funds from my paypal account and forward it to myself using a site called xoom.com ... they disabled that service because they were frauded too much.

All the money lost from fraud has to come from somewhere, it comes out of the parent company profits, other affiliates pockets -- in general it just screws up opportunities for people who are not trying to steal. If you're working this hard trying to commit fraud, why not take all those energies and start trying to rank websites and get money legitimately.
 
It's late...and maybe my thinking is off but let's look at the following scenarios...

Scenario #1: Website owner pays for traffic (PPC or whatever). Site owner directs this traffic to a URL with his/her affiliate ID that is set to "forward" to the affiliate site. If those visitors buy anything site owner gets paid.

Anything wrong with this? The web visitors were NOT defrauded in any way.

Scenario #2: Same as above, but instead of a "forwarded URL" the traffic was sent to a site with a CJ script installed that sent the user to the affiliate site.

NOTE: The outcome of both scenarios was the SAME.

Which if any are considered "Fraud?" What is the real difference between this and paying a PPC company to send those clicks directly to an affiliate site?

I understand why CS is illegal. But I cannot wrap my mind around why using a CJ script on your OWN site to send traffic you PAID for to an offer is illegal. Against TOS probably, but illegal?

Thoughts?
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock