The ultimate guide to understanding all about affiliate link hijacking for beginners

The ultimate guide to understanding all about affiliate link hijacking for beginners - go big with affiliate marketing

You joined in some affiliate programs. You brought in your first affiliate sale. Yay! As a beginner, it’s an exciting thing. Right?

Well, think about this.

  • Have you ever heard about affiliate link hijacking?
  • Did you know that it’s possible to hijack your affiliate links?

I can hear you saying, feels dreadful to even ponder about it.

Unfortunately,  if you are careless with your affiliate links or if you are just getting started in affiliate marketing, you can be an easy target for those pesky hijackers.

No worries, I have a complete solution for you!

In this post, you’ll learn about:

  • What are cookies?
  • What is affiliate link hijacking?
  • how affiliate links are hijacked?
  • Different types of affiliate link hijacking
  • How to identify whether your affiliate links are hijacked?
  • how to safeguard your affiliate links from hijackers?
  • What is affiliate link cloaking?
  • What’s the difference between affiliate link cloaking and link shortening?
  • How to protect your affiliate links from hijackers using pretty links.
  • do you need to cloak your affiliate links?
  • Does link cloaking is bad in Amazon associates program?
  • And much more!

This is gonna be a long read, so pick up your favorite beverage and get ready.

Let’s jump in!

What are cookies?

Before getting into the details of affiliate link hijacking, let’s have a basic understanding of cookies and their functionalities.

Cookies are simple text files that download to your computer automatically when you browse through the internet. Although there are various types of cookies, they are used to track your internet usage, and to give you a personalized experience.

Affiliate vendors and product owners use cookies to determine which of their affiliates directed you to the offer. Usually, these cookies will have certain time limitations (24 hours for Amazon associates). If you purchase anything from the vendor within the cookie validity period, the affiliate that redirected you to this offer gets credited for the sale, and he/she will get their commission.

What is affiliate link hijacking?

As a beginner affiliate marketer, you may not have heard about affiliate link hijacking. It’s basically someone steeling your affiliate commission by changing your affiliate id to theirs.

Also, it is entirely possible for a clever hacker to hijack your cookie and get the sale that should have been credited to you. This is also known as session hijacking.

Did cookie hijacking happened before? Oh yes!

This article from business insider explains in detail about cookie hijacking, who did it, and what are the consequences for the perpetrator.

This guy, Shawn Hogan was able to acquire 28 million dollars from rightful affiliates to his own account.

I can feel the shivers passing through your spine. In fact, when I came across this post for the first time, it shook me to the core.

how affiliate links are hijacked?

The first time I read about affiliate link hijacking was from Neil Patel.

Here’s his explanation of how it exactly takes place.

Link hijacking does happen. Basically, someone can steal your commission by replacing the ID of the affiliate links with their own ID. For example, if your affiliate link was “,” the hijacker would simply replace your link with something like “newID.” You would see something like “” instead. This can happen if someone hacks into your website or gains access to your social channels where you feature your affiliate links.

Pretty shocking. Isn’t it?

I felt dumbstruck when I read it for the first time.

After recovering from the initial shock, I dug in a little bit and found another method of affiliate link hijacking that is unknown even to the savviest affiliate marketers.

Here’s how it takes place. You place your affiliate link with the brand name hyperlinked in your post. Someone lands in your site and that person is also an affiliate for that same brand. This person finds out that you’ve hyperlinked the same for which he/she is an affiliate.

After finding it out, this person hijacks the session of your site visitor, chops off your affiliate id/cookie/tracking id, and includes his/hers without replacing your domain name, and can fully control what happens from there on.

How is it possible? web professionals have a detailed post for this one.

They recommend the following to avoid this nasty situation.

  • Understanding the importance of cybersecurity, aka, in this case, your site’s security.
  • Learning about what cookies are, how they are related to affiliate marketing, how they are hijacked, and what you can do to avoid this from happening to you.

Before proceeding further with this post, I request you to go and read that article. It has so much valuable information geared towards beginner affiliate marketers.

Did you read it? I hope so and let’s move on to the next section.

Different types of affiliate link hijacking

There are several types of affiliate link hijacking, which we’ll get to it in detail in a little bit. But those different types can be classified into two major categories.

They are: reader based affiliate link hijacking and criminal affiliate link hijacking.

These two major categories are divided in to various sub-categories.

Reader based affiliate link hijacking: cookie avoidance and browser switching methods.

Criminal affiliate link hijacking: link swapping, malware based affiliate link hijacking, and poor quality vendors hijacking affiliate commissions.

There is a lot to cover, but I’ll give you all the info you need to prevent your affiliate links from hijackers. Let’s start with the reader based affiliate link hijacking methods.

Reader based affiliate link hijacking methods

These methods are also called soft link hijacking. As I’ve mentioned earlier, there are two sub-categories in this.

  1. Cookie avoidance method. This is an affiliate link hijacking method employed by the users of a website knowingly or unknowingly. Let’s say that you drive traffic to a post in your blog or to your landing page, where you promote a product. You include your full affiliate link. A new visitor comes to your site and sees your affiliate link. They can see the domain name of the product as well. Example your affiliate link: So instead of clicking on your affiliate link, he/she opens a new tab or a new browser window and types the original URL and removes everything after the domain name. Example link:

Why do a visitor act like this? Well, there are three major reasons to it.

  • Some hate others making money.
  • Some believe that when they go directly to the product vendor’s site, they may get a better deal, and this may not be true. Most good affiliates include quality bonuses.
  • And for others, they get the product information and search if any of your competitors offer better bonuses than you.
  1. Browser switching method. This is a simple concept to understand. We’ll look at an everyday example. Let’s say I want a pair of volleyball shoe. I search in Google using the Firefox browser and find your site and you have a post dedicated to volleyball shoes. I love one of the products listed in your post. I click through one of your affiliate link ( and land on the vendor’s site. Now, a cookie is automatically downloaded and stored in my Firefox browser’s settings. Unfortunately, I didn’t buy anything at that time. Later, I directly go to the vendor’s URL ( using a different browser (Chrome.)

What happens is that the cookie isn’t detected and you lose your commission, because it is stored in the Firefox browser where I initially visited the vendor’s site.

Also, if I deliberately clear the cache and cookies from my browser settings, you may lose your commission even if I use the Firefox browser for purchasing after that.

Like I said earlier, there are several reasons why a visitor acts like this. The three points I’ve mentioned earlier in the cookie avoidance section can be fully attributed to this type of user behavior. Apart from that, some users think that any code after the original domain name is a trap and they simply cutoff everything after that. For example: ( will be slashed like this. (

These practices are known in the affiliate circles as soft linkjacking.

I seriously believe that soft linkjacking has reduced drastically after the FTC issued the guidelines for affiliate marketing. Nowadays, if you disclose your affiliation properly and if your visitors trust you, they are indeed happy to use your affiliate link and help you make money.

Link swapping

When it comes to the criminal side of affiliate link hijacking, link swapping is a very basic method. It means that someone clicking on your affiliate link, getting all the information about the product, signing up as an affiliate, and using their link to purchase.

But these days, more and more affiliate networks, companies, and product owners won’t allow affiliates to purchase products from their affiliate link. Also, this method is a little outdated, yet you should be aware of it to avoid this from happening to you.

Malware based affiliate link hijacking

I believe that this is the more common and cruel way to affiliate link hijacking. There are many ways a criminal can implement this.

First up, you should understand that malware is a small piece of software that is designed to trick, cheat, or directly to rob you. It is generally known as a kind of virus that comes in more forms, and it has more disguises than you can think of.

We all know about the computer virus, but you should always aware of how hijackers are stealing your commissions using malware.

As an affiliate marketer, let’s imagine that you send traffic to a particular offer. One of your visitors is Cary. Now, Cary’s PC has malware that contains an affiliate link hijacking script. Cary loves your offer and she clicks on your affiliate link.

Here’s when the malware starts functioning. It identifies your affiliate link and the script changes your tracking id, and places the one provided by its owner. This happens normally and seamlessly, and you won’t have a chance to notice it.

In the end, the sale is credited to the malware owner and not yours. What’s even more shocking is that the popular hiding places for this type of malware are either in a browser toolbar or in a browser add-on.

The biggest problem that all affiliate marketers face till date is that it is near impossible to protect your affiliate link with this type of hijacking, as it is Cary’s responsibility to keep her computer with up to date anti-virus and malware protection program.

So, if the malware identifies and includes your raw affiliate link in its script, you’ll lose your commission from that moment onwards.

Poor quality vendors hijacking affiliate commissions

this section is not going to be applicable for most of the genuine affiliate vendors. Kudos to you wonderful people!

Now, consider this matter seriously. Not every affiliate vendor is honest and has a good reputation in the blogging community. Hence, I request you to do your thorough research before signing up for any affiliate program/network.

Trust me. It’ll save you from a lot of headaches and frustration.

These are the possible consequences of not doing your homework on an affiliate vendor/program/network.

  • They may indulge in link swapping.
  • They may drop your link completely after some time.
  • They may use their own malware script on your affiliate link.

You see, rotten apples are everywhere. I am not saying that every single one is going to use these insidious tactics. These things can happen to anybody in any niche. So please, please do your research before signing up for any affiliate program.

How to identify whether your affiliate links are hijacked?

In my knowledge, there is no software/plugin currently available to detect and inform you whether or not your affiliate links are hijacked. If you know anything, please let me know! You have to check every affiliate link manually which isn’t going to be feasible as your blog grows.

As I’ve mentioned earlier, beginner affiliate marketers/bloggers are an easy target for hijackers. In this technological age, bots and these pesky hijackers are constantly looking for ways to hijack blogs and affiliate links.

To give you some context, I got 18 spam comments to this blog and a couple of ridiculous emails from bots to my blog email address. Those spam comments and emails may have had malicious code, malware scripts, and so on. Thankfully, I’ve found every single one of them and deleted it without giving a second thought.

This spam count may not look big for some bloggers, but if you have just started your blog, it becomes that much challenging to identify spammers. I am fully aware that as this blog grows, I am going to get a lot of spam comments and spam emails. If it doesn’t happen that way, That’s awesome!

You can’t just flip a switch and stop that from happening. This is how it works. Also, I am not saying that every blogger in the universe is going to get spam stuff sent to them. Some will get, and some won’t.

Having said that, how am I protecting my blog?

Well, with the help of Antispam Bee.

For those of you who don’t know what it is, Antispam bee is a WordPress plugin that protects your blog/website from spam comments. As of now, it does an excellent job!

How to safeguard your affiliate links from hijackers?

The simplest way to protect your affiliate links from hijackers is to use an easiest, non-technical method called affiliate link cloaking. The basic motive behind cloaking is to protect you from affiliate commission theft.

When you cloak your affiliate link, you’ll get 100 percent of the reward for your efforts as an affiliate marketer.

What is affiliate link cloaking?

Before I get into the definition of affiliate link cloaking, you have to understand that it isn’t a shady or a nefarious practice. As a beginner, you may hear varying opinions on this, but as I said earlier, it is an effective strategy to fight against affiliate commission theft.

So, what exactly is affiliate link cloaking?

It is to simply put your affiliate link behind a redirect. In other words, placing an easy to remember URL that points your website visitor’s browser to another location.

Here’s an example.

Raw affiliate link:

Cloaked link:

What’s the difference between link cloaking and link shortening?

As a beginner affiliate marketer, you need to understand the difference between affiliate link cloaking and link shortening. Although these terms sound similar, but they aren’t the same.

Link shortening is taking a link and trimming it short. The reason behind link shortening is make URLS that are easy to share.

On the other hand, cloaking links means taking your original affiliate link and branding it to protect all the critical information such as your tracking id/cookie. The reason behind link cloaking is to make your URLS look professional and on point with your brand.

Example for link shortening:

Original link: /product/2498.htm

Shortened URL:

Example for cloaked affiliate link:

Original link:

Cloaked URL:

Now, I am sure that you can understand the difference between link shortening and affiliate link cloaking.

How to protect your affiliate links from hijackers using pretty links

If you are using wordpress as your blog platform, all you need is an easy to use plugin called pretty links. Here’s how you cloak your affiliate link using this plugin.

do you need to cloak your affiliate links?

Yes, you should. Apart from protecting your hard earned affiliate commissions from link hijackers, here are 6 reasons you must cloak your affiliate links.

  • It’s more appealing to your blog visitors to click through.
  • You’ll be able to track your affiliate link’s performance.
  • It has the potential to drive higher click-through rate.
  • Your affiliate link looks professional.
  • You’ll have clean URLS.
  • You can manage your links pretty easily.

From all the reasons above, tracking your affiliate link’s performance is a key indicator of whether the product you are promoting is a success or not.

Read more: 8 important metrics you need to track as a beginner affiliate marketer.

Does link cloaking is bad in Amazon associates program?

A. Big. Fat. Yes. Amazon doesn’t allow its affiliates to cloak their affiliate links. So much has changed in the world of Amazon associates program, but the one thing they stubbornly stick to is not allowing affiliate link cloaking.


Thank you so much for staying with me till the end.

The reason behind writing this post is to educate you (beginner affiliate marketers and bloggers) about the potential dangers of posting your raw affiliate links online.

Not everybody is going to allow affiliate link cloaking, and you should read the terms of the affiliate program before Implementing this strategy.

So, what if an affiliate program/network doesn’t allow cloaking? In my opinion, I’ll reconsider applying to that particular vendor, simply because I don’t want anybody to steal my affiliate commissions.

What are your thoughts? Share them in the comments section below!

Related posts

An introduction to ethical affiliate marketing for beginners

10 things you can achieve when you become a successful affiliate marketer

A comprehensive guide on do’s and don’ts of affiliate marketing for beginners

About Hari:

Hari loves writing about affiliate marketing, email marketing, and blogging for beginners. When he is not writing, you can find him actively watching tennis, or searching for the next recipe that’ll fulfill his heart.



94 thoughts on “The ultimate guide to understanding all about affiliate link hijacking for beginners”

  1. I think Amazon is a part of the problem. In fact, I think some of the companies who run Affiliate programs could be the culprit, themselves. I have not gotten credit for purchases that readers informed me that they made and I found products in my link click history that I did not link to. Plus they opened a store in my name before I completed the application. The part I hadn’t completed yet was adding my financial institution information. I had to open an entire new application because it would not allow me to go in and add it to the store that I had already opened. Then when I inquired about my missing earnings, they said they had no history of links being clicked on the store with the completed information. Instead, they were providing links for the store that they opened before I added my financial institution information. When I reported them to the Attorney General, they responded that they had no record of my account with them when they had actually closed my account for reporting them. We need better regulation of these Affiliate programs, for sure.

    1. hey Robyn Jones,
      thank you very much for your insightful comment.
      I’ve heard that some of the affiliate programs steel commissions from their rightful affiliates.
      what’s even shocking to know is that the affiliate managers will stay behind the scenes and help the affiliate program owners to do this illegal activity.
      but, it’s terrifying to know that amazon itself participates in such unhealthy activities.
      I 200 percent agree that these affiliate programs need proper regulation.
      do you still monetize your site with amazon associates?
      what’s your experience after that incident?
      please let me know!

  2. I know it’s Halloween an’ all, but your post really got me thinking… I’m not even there, but I realise I have to do serious homework even before I’ll choose to join some affiliate programs. Thank you for giving the solution to potential problems as well.

    1. hey Mihaela,
      thank you very much for your comment.
      glad you’ve found this post helpful!
      all the very best in your affiliate marketing journey!

    1. hey Amara Uche,
      thanks for your comment.
      glad you’ve found this post helpful!
      unfortunately, this is how some people are, and many bloggers don’t know about this issue.

  3. Wow, the length that people will go through to make money in a criminal way… I had no idea this was a thing. Thank you for sharing this 😱

    1. hey Valerie,
      thanks for your comment.
      glad you’ve learned something through this post!
      yes, this is possible, and unfortunately some people function that way.

    1. hey Lisa,
      thanks for your comment.
      glad you’ve found this post helpful!
      yes, it is a scary thing and thursty affiliates plugin is also a good choice to protect your affiliate links from getting hijacked.
      all the very best in your affiliate marketing journey!

  4. Wow this is some awesome info. I’ve never really read a lot on the subject and thankfully I cloak my links. I love that you told us about affiliate link hijacking and then taught us how to protect our links!

    1. hey Heather Ritchie,
      thank you so much for your wonderful comment.
      glad to hear that you cloke your affiliate links.
      teaching all about affiliate link hijacking and how to protect from affiliate commission theft is probably the reason for the success of this post!

    1. hey Katherine,
      thank you so much for your appreciative comment.
      yes, there are these pesky people looking to take advantage of others.
      that’s the reason for me writing this post.
      my dear readers,
      if you have some time, please read through the case that I’ve mentioned in this post.
      I believe every blogger must have some knowledge about it and protect their hard earned affiliate commissions.

  5. I read this and almost cried, someone hijacked my links and the feeling of devastation is hard to explain. Work I had done in over 4 years was wiped out in minutes as they changed every single link I had.
    Luckily, as quick as they were stealing my links, so quick I discovered it because I had to find out why out of nowhere my traffic and income were gone.
    It’s taken me time to replace my links and re-do most of the work, will get there some day but as said, this was a 4 years work so I can’t correct everything overnight.

    1. hey roamy,
      I feel really sad that you have to go through this horrific moment in your blogging journey.
      I also feel relieved that you have found it out really quickly.
      my dear bloggers,
      we should all be aware of this.
      affiliate link hijacking is a serious issue.
      4 years of blogging is a lot of work.
      it is so sad to see my fellow blogger go through this unwanted event.
      please take the necessary steps to protect your affiliate links and your hard earned affiliate commissions.
      roamy, our prayers are with you.
      surely, you’ll come out of this much stronger, and you will achieve your blogging goals.

      1. Thanks Hari
        It’s a horrible, horrible feeling, helplessness, frustration, anger, and just confusion.
        And, this person found where the loop was (Amazon links). For a while, they knocked the wind out of me, I felt physically unable to do anything on my website and to be honest, the energy is not back to where it used to be.
        It’s something that should not happen to anyone, but having said that, if it could happen to me, it can sure happen to anyone and I`m sure it’s happening everyday without people knowing it.
        Once more, thanks so much and I really hope anyone lucky enough to land on this site will take the time to read the whole post.

        1. hey roamy,
          I really, really understand your feelings.
          I could see the frustration in your words.
          I totally agree that many bloggers doesn’t know about this issue.
          as I said in my earlier comment, we are all with you.
          please don’t mistake me.
          they can takeaway your affiliate commission and your traffic, but you can recover them with your effort.
          what they can’t takeaway from you is your talent, knowledge, and your strategies.
          I am sure that you’ll become a rock star blogger.
          all the very best and god will give you abundance of great things!

  6. thanks for the information! I thought I know well about affiliate link but this is seriously the most detailed blog post I’ve read by far, thank you!

    1. hey Eboni,
      thanks for your comment.
      glad you’ve found this post helpful!
      yes, there is a lot to know when you are running an online business.

      1. hey charmaine macdonald,
        thanks for your comment.
        glad you’ve found this post useful!
        now that you’ve learned about it, please protect your affiliate links!

    1. hey Morgan,
      thanks for your comment.
      this is the case with so many bloggers.
      it is a real thing.
      glad you’ve found valuable information in this post!

  7. thanks for giving us this information worth the read. Just like the others no idea this is happening.

    1. hey Erin,
      thanks for commenting.
      this is the case with so many beginner affiliate marketers and beginner bloggers.
      hope you’ve found helpful information!

  8. Lots of great information here! Thank you! It’s sad to think this could be a problem! But good we can protect ourselves. Thank you for sharing! 🙂

    1. This article is extremely important and on time. I never new affiliate marketing was susceptible to hijacking. I know nothing about affiliate marketing and I definitely need to learn more.

  9. Wow, yikes! I have never heard of this, but I am so glad I found your post. Thank you for educating me with a thorough explanation. I really appreciate it!

    1. hey STACY BOSWELL,
      thank you so much for your comment.
      glad you’ve found valuable information in this post!

  10. Hari! I commented after recovering from the initial shock (your words!). I had no idea about this, so thank you for sharing the knowledge!

  11. I’ve heard of this and use Pretty Links. I guess I should be upgrading to the pro version to cloak my links. Sad that this is even an issue. Thanks for an informative and super helpful post.