Affiliate marketing is one of the most legitimate ways to earn income online. It’s also one of the most impersonated. As more people apply to affiliate programs, scammers have found a reliable way to intercept them – and the emails they send look almost identical to the real thing.
This article is based on a real experience. Here’s exactly what happened, what we almost got wrong, and the verification process that should protect you every time.
What Happened – The Real Story
After publishing an article about making money on Fiverr, we applied to the Fiverr Affiliate Program through their official website. A few days later, an email arrived.
The subject line: “Your Application – Confirmation!”
The sender: Xxxx Xxxxxx at Fiverr Affiliate Team.
The email was professional. It referenced our exact article URL. It mentioned our email address. It confirmed they had received our application and asked us to verify website ownership by sharing a screenshot of our WordPress backend or domain registration access.
There was one problem. The sending domain wasn’t fiverr.com.
It was 5rr5.co.
Why This Triggered Every Red Flag
Look at that domain again: 5rr5.co
Say it out loud. Five – arr – arr – five. Now say Fiverr. The resemblance is intentional. This is called a lookalike domain – a domain registered specifically to impersonate a legitimate company by mimicking the visual or phonetic appearance of the real domain.
The email was CC’d to affiliates@fiverr.com – the real Fiverr affiliate email address. This is a tactic designed to create the illusion of legitimacy. Anyone can CC any email address on any email. Being CC’d doesn’t mean Fiverr sent it or approved it.
The request itself was the biggest red flag: a screenshot of your WordPress backend or domain registration access.
Legitimate affiliate programs verify website ownership through:
- Meta tags inserted into your site’s HTML
- DNS record verification
- A tracking pixel or code snippet
- Simply checking that the site exists and has relevant content
They never need to see your WordPress admin panel. That request, from any source, should stop you cold.
What We Did Right
We didn’t send anything. Instead we offered alternatives:
“I am willing to prove the ownership, but with all due respect, I will not give access to my site to anyone. I am willing to insert a meta tag in the page or display an image of your choosing.”
That response was exactly right. It offered legitimate verification while protecting access to sensitive systems. A genuine affiliate program would have accepted that immediately.
We also independently verified the sender domain before responding further – and the 5rr5.co domain is not registered to Fiverr International Ltd.
The Plot Twist – It Was Actually Fiverr
Here’s where the story gets more useful than a simple scam warning.
After we flagged the email as suspicious and reported it to Fiverr support, Fiverr’s official support team followed up to confirm: the email was authentic. Xxxxx was a real member of their affiliate team. The unusual domain was his actual work email – not a spoofed address.
So the email was legitimate. But our response was still correct.
This is the most important lesson: the right verification process protects you regardless of whether the email turns out to be real or fake. We didn’t accuse anyone of fraud. We simply declined to share sensitive access and offered a legitimate alternative. That’s not paranoia – that’s standard practice.
If the email had been from a scammer, we’d have protected ourselves. Since it was legitimate, we lost nothing by being careful. Fiverr confirmed our application was still under review and the process continued normally.
The Red Flags Checklist
When you receive any email claiming to be from an affiliate program, check these before doing anything:
1. Check the sending domain – not the display name. Your email client shows a display name (“Fiverr Affiliate Team”) and a sending address. Click on the sender name to expand the full address. The domain after the @ symbol is what matters. fiverr.com is legitimate. 5rr5.co, fivverr.com, fiverr-affiliates.co – all red flags.
2. Common lookalike tactics to watch for:
- Replacing letters with numbers (fiverr → 5rr5, paypa1 → paypal)
- Adding words (fiverr-affiliates.co, amazon-partners.net)
- Changing the TLD (fiverr.co instead of fiverr.com)
- Subtle misspellings (fiverrr.com, fivver.com)
3. Check the CC field carefully. A scammer CCing the real company’s email doesn’t make the email legitimate. It’s a common trick to create false credibility.
4. What they’re asking for. Legitimate programs verify ownership through:
- Meta tags you add to your site
- DNS TXT records
- A code snippet installed on your site
- Google Search Console integration
They never need your admin password, a screenshot of your backend, or access to your hosting account.
5. When in doubt – verify through official channels independently. Don’t reply to the suspicious email asking if it’s real. Go directly to the company’s official website, find their support contact, and ask them separately whether they sent the communication.
Affiliate Program Scams – What They’re Actually After
Understanding the goal helps you spot the pattern. Scammers targeting affiliate applicants are typically after one of three things:
WordPress backend access – once they have your admin login or a screenshot showing your admin URL and user list, they can attempt to compromise your site, inject malware, or use it to host phishing pages.
Domain registration access – access to your registrar account lets them transfer your domain away from you. A domain with traffic and established SEO value is worth real money.
Personal information – name, address, tax information. Affiliate programs legitimately collect some of this for payment purposes. Scammers collect it for identity theft.
The Broader Pattern – It’s Not Just Fiverr
Affiliate program impersonation happens across the industry. Amazon Associates, ShareASale, Impact, and major individual programs have all been impersonated. The pattern is always the same:
- You apply to a legitimate program
- Scammer monitors newly published content or affiliate directories for fresh applicants
- Scammer sends a convincing verification email from a lookalike domain
- Email requests sensitive access under the guise of “verifying ownership”
The timing is what makes it convincing – you applied recently, so an email about your application feels expected.
What to Do If You Receive a Suspicious Email
- Don’t click any links in the email. Navigate to the company’s site directly.
- Check the sending domain – expand the full address.
- Offer alternative verification – meta tag, Google Search Console, or DNS record.
- Report to the real company – forward the suspicious email to their official support address so they’re aware their brand is being impersonated.
- Don’t accuse – just decline and verify. As our story shows, the email might turn out to be legitimate. A polite “I’ll verify through alternative means” protects you without burning a bridge.
Being cautious costs you nothing if the email is real. Being careless costs you everything if it isn’t.