Computer Crime Research Center


Click fraud: a new kind of online fraud

Date: May 12, 2006
By: Brock Ketcham

Ed Cartwright of the Canadian Marketing Association (CMA) says CMA members are beginning to embrace so-called "search advertising" as an effective way to connect with potential purchasers of their online goods and services.

Unfortunately, though, search advertising is beginning to "click" with Internet ne'er-do-wells, as well.

Online businesses must drive people to their websites to prosper, and one way to do this is through search advertising, says Cartwright, senior director of communications for the Toronto-based CMA.

With search advertising, marketers pay search engine companies such as Google Inc. and Yahoo! Inc. to display their text-based ads on Internet surfers' computer screens when these potential customers use specific keywords related to what the business is selling.

Typically, the search engine charges the advertiser per click - a penny per click, for example, or 49 cents, depending on the amount that the advertiser bid for the right to have its ad pop up on the screen when triggered by a search word.

However, "click fraud" is becoming the online scam du jour. Click fraud occurs when a user intentionally clicks on an ad for a reason other than to view the underlying content. The bogus clicks may occur dozens, even hundreds or thousands of times.

In documents filed with the U.S. Securities and Exchange Commission (SEC), Google Inc. acknowledges that this shady practice is a potential threat to the viability of this medium, which has emerged over the past four years.

Cartwright says his association's members are on their toes. "It's on their radar screens," he said. "Search marketing is a very, very growing trend, but some issues have to be resolved."

Members, he added, must "be protected from any unethical practices that are going on out there."

How does click fraud work?

Early on, this mischief was low-tech. Ringleaders in poor countries would hire squadrons of people to fire up their computers and click merrily away on the targeted ads on the Google screen display.

This still goes on today. However, its effectiveness was diminished in 2004 when The Times of India published an exposé, India's Secret Army of Online Ad Clickers, that described how shady middlemen organized click farms.

Since then, the computer world's sociopaths have developed software that creates worthless computer-generated clicks on pay-per-click ads. These clicks can be made to look like they are coming from different computers at different addresses.

The motives are as compelling and numerous as the reasons such miscreants should be condemned to an eternity in a small, windowless cell, stimulated only by the non-stop strains of the Spice Girls and the occasional flush of a toilet.

A competitor might want to drive up the advertiser's bill, quickly depleting the advertiser's budget. Disgruntled employees could be responsible. Or it could be nothing more than a teenager with an overactive pecking finger and the social skills of a turnip.

Click fraud has the potential to bring considerable harm to this promising medium.

"If we fail to detect click fraud or other invalid clicks, we could lose the confidence of our advertisers, thereby causing our business to suffer," Google Inc. says, in its Dec. 31, 2005 annual report to the SEC.

"We are exposed to the risk of fraudulent clicks and other invalid clicks on our ads from a variety of potential sources. We have regularly refunded fees that our advertisers have paid ... If we are unable to stop these invalid clicks, these refunds may increase."

How does search-engine advertising work?

With Google's AdWords program, advertisers use the company's automated tools to create text-based ads, bid on the keywords that will trigger the display of their ads and set daily spending budgets.

AdWords uses an online auction system that allows prospective advertisers to bid on what they are willing to pay for prominence in the ad listings.

Over the past couple of years, advertisers who have twigged to click fraud have successfully demanded partial refunds based on an educated guess on what percentage of the clicks were fraudulent.

Last month, Google announced that it would pay as much as $90 million to settle an Arkansas lawsuit filed on behalf of all Google advertisers. The agreement covers all advertisers who claim to have been charged but not reimbursed for invalid clicks dating from 2002, when the company announced its pay-per-click program.

So what is Google doing to stop click fraud? Shuman Ghosemajumder, Google's business product manager for trust and safety, says in a Google blog that his company ferrets out invalid clicks through such tactics as looking at duplicate IP addresses, user session information, network information, geo-targeting and browser information.

"The technology we use to detect invalid clicks is highly sophisticated and was developed by some of the world's leading experts - PhDs in artificial intelligence, machine learning and statistics," says Ghosemajumder. "By far, most of the invalid clicks we see are detected and discarded by our automatic filters even before they reach advertisers' accounts."

Ghosemajumder says Google occasionally receives click fraud claims from its clients. "When we believe those clicks are invalid, we reimburse advertisers."

Click fraud does not appear to have slowed down search advertising. According to the online magazine eMarketer, search advertising income totalled an estimated $5.4 billion - 42 per cent of all 2005 online advertising dollars in the U.S. The magazine estimates that this figure could increase to $9.6 billion by 2009.

So mischief-makers be warned: Titans such as Google and Yahoo! have a lot at stake. If they catch you messing with their search advertisers, expect them to use the power conferred upon them by their billions of dollars to come after you so hard that your great-grandchildren will still be paying the legal bills.

(Brock Ketcham is an Edmonton-based writer who specializes in consumer and public policy issues. He can be reached at [email protected])
Original article

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2007-08-02 17:28:55 - that was stupid. try to show some... adam
2007-01-15 17:11:58 - Great work!... Craig
2007-01-15 17:11:57 - Good design! My homepage | Please visit Tina
2006-12-23 18:06:48 - Nude Busty Tanned Blondes Fucked In... busty adventures
2006-12-23 12:22:31 - Busty Babe Shows Huge Tits & Fingered Cunt busty
2006-12-22 23:53:21 - Brunette With Huge Boobs Titty Fucking &... big tits
2006-12-21 05:00:56 - Throat Gaggers Gonzo
2006-12-20 22:45:29 - Extreme Interracial Gangbang Sexy Fucking... Gang Bang
2006-12-20 16:41:30 - Blond Babe With Big Tits Sucking & Titty... Cumshot
2006-12-20 10:20:54 - Hot Babe Double Penetration Ass-to-mouth... Double Penetration
Total 43 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo