May 20th, 2006

Click Fraud Snowballs

by

From Help Net Security comes the astonishing revelation that a botnet comprising more than 34,000 infected computers has been perputrating click fraud against pay-per-click systems like Google AdWords. Let’s do some math:

10 clicks/day X $1/click X 34,000 computers X 365 days = $124M annual fraud

100 clicks/day X $1/click X 34,000 computers X 365 days = $1.2B annual fraud

100 clicks/day X $5/click X 34,000 computers X 365 days = $6.2B annual fraud

For the first 3 months of 2006, Google reported $928 million in “network” ad revenue, on track for $4 billion in 2006. What if 5% of that is fraudulent? What if it’s 10% or 25% or 40%?

Google has made an astonishing amount of money on pay-per-click advertising. For Google investors and insiders, it’s almost too good to be true.

What if it is?

Comments (14 Responses so far)

  1. Google, basado casi al 100% en la publicidad. Por ejemplo, en febrero una revista financiera seguraba que las acciones de la compañía deberían cotizar al 50% de su precio en Bolsa si se demostraba que el porcentaje de clicks falsos era del 20%. EnPublishing 2.0 han hecho unos cálculos de lo que podría suponer el fraude con esta red de ‘Clickbot.A’, y sería de 124 millones de dólares anuales si desde cada PC infectado se hacían 10 clicks al día, a un coste

  2. of how to make money on the Web, something I am very interested in. I do now see why so many sites find alternative models to the pay-per-click model. I was told about this bot-net being unravelled early last week, but I had no idea it was this big.Click Fraud Snowballs

  3. The financial impact of the fraud scheme could be tremendous. Depending on the number of clicks and cost per click of each ad, the numbers may reach into the billions. Publishing 2.0 writer Scott Karpprovided some possible figures in his post on the issue: 10 clicks/day X $1/click X 34,000 computers X 365 days = $124M annual fraud 100 clicks/day X $1/click X 34,000 computers X 365 days = $1.2B annual fraud

  4. for the creators. According to the data collected so far, the scam is exploiting a global network comprising more than 34,000 zombie computers (those infected by the bot).” Commenting on the story, Publishing2 did an interesting (albeit exaggerated)calculationto predict the extent of the damage. 10 clicks/day X $1/click X 34,000 computers X 365 days = $124M annual fraud 100 clicks/day X $1/click X 34,000 computers X 365 days = $1.2B annual fraud 100 clicks/day X $5/click X 34,000 computers X 365 days =

  5. Spitze des Eisbergs? Zum Vergleich: Anfang Mai wurde in den USA der “Betreiber” eines anderen Botnetzes zu fünf Jahren Haft verurteilt. Der hatte zeitweise 400.000 PCs (!) unter seiner Kontrolle. Es ist vermutlich zu früh, den Teufel (oder einenjährlichen Schaden von 6,2 Mrd. US-$, mehr als der 2005er Google-Umsatz) an die Wand zu malen, wie das jetzt einige Blogger tun. Vermutlich geht es im konkreten Fall “nur” um einen niedrigen sechstelligen Betrag, wenn überhaupt. Und doch darf man fragen, was da gerade vor sich geht

  6. This is a real concern for all advertisers, not simply because we keep seeing that such networks exist, but also because Google and Yahoo! refuse to be transparent in how our advertising dollars are spent. What is even more of concern is that PPC engines are rewarded for fraud, so there’s a real conflict of interest in tackling anything but the most superficial and easily detected areas of clickfraud.

  7. [...] The Clickbot.A Trojan installed on 34,000 vulnerable PCs has been exploiting pay-per-click advertising programs, and the amount of money stolen this way could make the legendary robberies of the past pale in comparison. Forget about “The Italian Job”. The Clickbot.A Trojan’s potential haul makes that look like, well, a movie. With antivirus firm Panda Software reporting the Trojan is on 34,000 PCs located in various parts of the world. The bots receive instructions from several web servers, according to Panda’s advisory: This allows the perpetrators to define, for example, the web pages on which the adverts are hosted or the maximum number of clicks from any one IP address in order not to arouse suspicions. Similarly, the number of clicks from the bot can be monitored as well as the computers online at any one time. The system used can evade fraud detection systems by sending click requests from different, unrelated IP addresses. Panda did not name company whose advertisements are being targeted by the Clickbot.A network. The Trojan activates on infected machines whenever a user launches Internet Explorer. The financial impact of the fraud scheme could be tremendous. Depending on the number of clicks and cost per click of each ad, the numbers may reach into the billions. Publishing 2.0 writer Scott Karp provided some possible figures in his post on the issue: 10 clicks/day X $1/click X 34,000 computers X 365 days = $124M annual fraud 100 clicks/day X $1/click X 34,000 computers X 365 days = $1.2B annual fraud 100 clicks/day X $5/click X 34,000 computers X 365 days = $6.2B annual fraud For the first 3 months of 2006, Google reported $928 million in “network” ad revenue, on track for $4 billion in 2006. What if 5% of that is fraudulent? What if it’s 10% or 25% or 40%? — Tag: Clickbot.A Add to Del.icio.us | DiggThis | Yahoo! My Web | Furl Bookmark WebProNews: View All Articles by David A. Utter Receive Our Daily Email of Breaking eBusiness News About the Author: David Utter is a staff writer for WebProNews covering technology and business. More top_news_top_news Articles Contact WebProNews [...]

  8. [...] A recently discovered ClickBot virus (actually, a Trojan Horse) reportedly has installed itself on some 34,000 “zombie” PCs running the Internet Explorer browser. While it is impossible to quantify the amount of money defrauded, the possible fraud dimensions have been speculated upon by Publishing 2.0’s Scott Karp, who poses the following scenario: [...]

  9. [...] “Google has some very good reasons for keeping parts of its business secret,” says the LA Times — what if one of those reasons is their knowledge of (and complicity with) rampant click fraud. [...]

  10. [...] Commenting on the story, Publishing2 did an interesting (albeit exaggerated) calculation to predict the extent of the damage. 10 clicks/day X $1/click X 34,000 computers X 365 days = $124M annual fraud [...]

  11. [...] El fraude en los clicks (tanto realizado por humanos como por sistemas automatizados) en la amenaza más importante para el actual modelo de negocio de Google, basado casi al 100% en la publicidad. Por ejemplo, en febrero una revista financiera seguraba que las acciones de la compañía deberían cotizar al 50% de su precio en Bolsa si se demostraba que el porcentaje de clicks falsos era del 20%. En Publishing 2.0 han hecho unos cálculos de lo que podría suponer el fraude con esta red de ‘Clickbot.A’, y sería de 124 millones de dólares anuales si desde cada PC infectado se hacían 10 clicks al día, a un coste de 1 dólar por click. [...]

  12. [...] I predicted months ago that click fraud would cause advertisers to lose faith in pay-per-click advertising, and so it is coming to pass, according to a new study by Outsell that estimates click fraud at $800 million (not so far from the middle of my back-of-the-envelope estimates): The perception of pervasive fraud has prompted many advertisers to change their spending. Many are asking why they should fork over money – significant amounts, in some cases — for phantom shoppers. [...]

  13. [...] De beheerder van het netwerk van 34.000 geinfecteerde computers kon zijn virtuele klikleger de opdracht geven naar bepaalde sites te surfen, bijvoorbeeld van die zakelijke vrienden, met de opdracht op die sites tekstadvertenties te klikken. De virusbaas en de bevriende internetuitgever delen de inkomsten. Weblog Publishing 2.0 rekende voor dat dit virtuele leger van maar 34.000 computers een jaarlijkse schade op kan leveren van vele honderden miljoenen dollar per jaar, oplopend tot enkele miljarden. [...]

  14. Click Fraud is an interesting topic – one which both clicktracks and adwatcher will stop, one which will cost you an estimated 20% of your ad budget.
    This is an interesting article with valuable information. I have used both clicktracks and adwatcher to prevent clickfraud. What we and many other webmasters are starting to do is invest our marketing dollars into clicktracks, adwatcher or other ad tracker software.
    If you are looking for more information on adwatcher or clicktracks i recommend you take a look at: http://www.trackingsoftwarereviews.com they have full reviews on both clicktracks and adwatcher!

    Mike Baker

Add Your Comment

Subscribe

Receive new posts by email