For the more complicated cookie commission theft, yes, some technical knowledge is required, but there's an even easier way to do it.
If the visitor accepts third party cookies (i.e. cookies not from the site they're actually on), all the webmaster needs to do is call the page that drops a cookie to load within their site -- cookie dropped.
Luckily, most modern browsers ship with third party cookies disabled, so it shouldn't be a huge concern. One downside to the spyware removers, though, is that it cleans *all* advertising/affiliate cookies, so people may actually be wiping out your cookies when it does a clean up.
~ Teli
|