5x on dining you tell me? Hell yeah! But wait.. why is the email you sent me a giant image that hyperlinks to the application?
I’ve recently noticed a bunch of scam like emails coming through, and initially thought that they were phishing scams. In the interest of journalism I clicked the link, and discovered it was an affiliate spam gig instead. The link never actually loaded, but it has all the components of affiliate tracking, though you have to strip off the shortcode first (by clicking it…) note I don’t recommend clicking such links as they can get you right into malware and other things.
Anatomy of an affiliate link
Not all links are the same, but this pattern is quite common. 1 or more component is used to track the source of the link, and therefore attribute the revenue to the right person. This link had 3 components, this is often used to identify different things such as:
- Channel (what global account is linked on the Vendor side, eg Chase)
- End user (who is pimping the card)
- Campaign/Offer (many banks offer the same card with different versions of an offer to see who bites, eg 40K vs 50K CSP offers)
The gig
This gig is one of several things, you buy a list of emails and:
- Send them genuine affiliate links to profit from the kickback.
- Send them a trojan horse and under the guise of a credit card offer, do something nefarious like install malware
- A combination of the above.
One thing I’ve noticed from the people who seek points and miles is that they are often happy to send out applications for things to test them out, and break into the next big thing. Additionally, they are happy to use their SSN to apply for things because they know it rebounds nicely.. so this might well make churners/gamers of the system more receptive to such spam/phishing techniques, or signing up for cash back portals that have little to no track record.
Be careful out there – and don’t click all image emails!
What’s the difference between affiliate spam for a bank card, spam for a bank card direct fro mthe bank, and an “opportunity” for churners/MSers? I think the lines are hazy and often intersect.
Unfortunately (or fortunately for some) for me, I’ve signed up for several do-not-spam do-not-snailmail lists before I really got into credit cards and now I regret not having some of these solicitations because I miss out on a lot of increased signup bonuses. But yes, at the same time, you should certainly be savvy and learn to spot “normal” ad links from malicious ones.
Well in this case it looks like it might be full on phishing! It is funny the things we do for free points though, including making our lives more complicated and wanting junk mail 🙂
Thanks for the heads up.
Matt, that’s a real Indian credit card, I have its cousin. I think its just affiliate spam.
Yep I think it is also, interesting approach.