Web attribution fraud
Toolbar injection
A malicious browser extension (think toolbar plug-in) injects cookies into the browser as a user navigates, feigning credit for an organically occurring event.
How they do it
- Malicious publisher has previously registered for advertiser’s affiliate program
- User downloads a malicious publisher’s toolbar plug-in
- User goes to advertiser’s website to shop
- User starts adding things to their shopping cart
- Before completing checkout, the toolbar drops a cookie in user’s browser, claiming credit for driving the sale
- User completes their purchase
- Advertiser attributes credit to malicious publisher, even though they provided no value in driving the sale, and pays them a percentage of revenue
![Toolbar injection](/wp-content/pf-assets/static/web-toolbar-injection-79b7eb885a3afa75871e91894c55a54c.gif)