A Hackers Guide to Internet
Marketing
By Mark Blaszczyk
marek@marek.co
Skype: Mark_Blaszczyk
Internet Marketing

Advertiser / Merchant



Network



Products
Offers
Broker between Advertiser and Publisher
Adds additional value
Publisher


Has an inventory of visitors
Monetizes inventory with advertisers offer
Ad Delivery
Whitehat Internet Marketing

Search Engine Optimization


relative quality content
Natural Backlinks



Media Buy Models (Paid Traffic)

Pay Per Click




Popups
Videos
List Building



Banners
Search
Pay Per Impression


Press Releases
Blog Articles
Email
Social Media
Result



High visitor retention
High Trust and Authority
High resource overhead
Blackhat Internet Marketing

Search Engine Optimization

garbage content with relative keywords


Automated Backlinks



.gov .mil .edu backlinks
Viral Marketing

Social Media



Spamdexing
Web 2.0 profile creation
Domain Sniping


Spintax {hello|hi|heya|gday|re} {world|planet|earth} {keyword1|keyword2}
Manipulating trends
Self Propagating ads
Result



Poor User Experience
Minimal Resources Required
Extremely Scalable
How to Kung Fu?
How to Kung Fu?


Find an Offer
Generate Traffic



Spamdexing
Viral Marketing
Prevention


How to hide
How to catch
Finding an Offer

What is a CPA offer?



What is an iFrame?


CPA referred to as “Cost Per Action” or “Cost Per
Acquisition”
Pays on an action of the user, generally data input
Frames allow a visual HTML Browser window to be split into
segments, each of which can show a different document
How can we abuse it?




Alter the appearance of an Advertisers offer
Remove Terms and Conditions
Ability to capture the data entered
Keep user on your site
Automation Tools


Finds related targets
Craft path

Break Captcha




Software
Outsourced
Account Activation
Sends Spintax data with link
XRUMER










Forum Poster
Created by Botmaster in Russia
Scans search engines for footprints (Hrefer)
Has its own self learning Captcha breaker
Automatically signs up and creates profile
Link is dropped in the user profile
Ability to create 2000 profiles per minute
Cost is $500 and $10 per month
Considered as the most aggressive in spamdexing
Provides poor quality links
ScrapeBox









Blog Commenter + more
Scan footprints from search engines
Internal Proxy Scraper
Outsourced Captcha breaking
Link is dropped in the Blog Comments
Approximately 250 blogs per minute
Considered as the Swiss Army Knife
Costs $97 for lifetime license
Provides Low to medium quality links
SENuke







Web2.0 Account Creator / Poster
Targets predefined list of Web2.0 properties
Ability to create Linkwheels
Ability to predict Captchas
Can generate 300 good quality posts in hours
Costs $149 per month
Creates medium to high quality links
Typical Process for Spamdexing





Find a Keyword that gets frequently searched
Register a Domain that fits
Create a simple website with keywords
Add advertising for monetization
Spam the link using tools above
Keyword Research
Brand New Domain
Run Spamdexing Tools



SENuke to create Linkwheel
Scrapebox to Web2.0 properties
Xrumer against all Scrapebox links
Blackhat Viral Marketing

A method of product promotion that relies on getting
customers to market an idea – without their consent.
Click Jacking
Click Jacking
http://www.repairservicemanuals.com/marek.html
Cookie Stuffing




Load 3rd Party Cookie with Publisher code
Merchant pays Publisher if referral code matches
Seen with iFrame, Object, javascript etc
User unaware
Cookie Stuffing Examples
Cookie Stuffing Examples
Privacy Invasion


Profile audience
Drive Target relative ads
Stealing Browser History
Who else does this?

youtube.com
technorati.com
charter.net
newsmax.com
namepros.com
yahoo.co.jp
sina.com.cn
microsoft.com
mail.ru
about.com
thesun.co.uk
perezhilton.com
Minimizing Detection

Blackhat


Proxy / TOR when Spamdexing
Browser Referrer Spoofing / Removal


Cloaking




Send visitor to legitimate site and javascript POST
Send Search Engine to content pages
Send visitors to money page
Send Dummy Traffic
Spread the offers amongst multiple Networks
Detection and Prevention

Advertiser / Network


Block all TOR traffic
Monitor leads



Blocked referrers will eventually leak due to browser incompatibilities
Detect if Offer page is in iFrame
Enable Browser Cookies and Flash Cookies

Prevents duplicate entries from same computer
Questions?
Resources






http://www.liesdamnedlies.com/ad_industry_101/
http://en.wikipedia.org/wiki/IFRAME#Frames
http://ghostcpa.com/documentation/
http://www.scrapebox.com/
http://www.benedelman.org/news/100708-1.html
http://cseweb.ucsd.edu/~hovav/dist/history.pdf