IDN Forums - Internationalized Domain Names  
Home | Advertise on idnforums | Premium Membership

Go Back   IDN Forums - Internationalized Domain Names > IDN Discussions > General Discussion

General Discussion Feel free to talk about anything and everything in this board.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 26th July 2008, 04:15 AM
IDNer's Avatar
Senior Member
 
Join Date: Sep 2005
Location: IDNs.pro & IDN.club
Posts: 1,584
iTrader: (38)
Rep Power: 1698
IDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enough
Send a message via MSN to IDNer
Click fraud in 2nd quarter of 2008 more sophisticated, botnets to blame

Click fraud in 2nd quarter of 2008
more sophisticated, botnets to blame


Dancho Danchev July 25th, 2008


Quote:
Whereas the overall click fraud rate isn't increasing, it's not decreasing either, remaining flat for the first two quarters of 2008, according to data gathered from the Click Fraud Network, consisting of more than 4,000 online advertisers and agencies. Click Forensics report for the second quarter of 2008, indicates that botnets continue being used for click fraud, the preferred and more efficient approach compared to hiring human clickers on a revenue sharing basis.



Here are some of the key findings from data reported for Q2 2008 :

The overall industry average click fraud rate was 16.2 percent for Q2 2008. That's down slightly from the 16.3 percent rate reported for Q1 2008 and up from the 15.8 percent click fraud rate reported for Q2 2007
The average click fraud rate of PPC advertisements appearing on search engine content networks, including Google AdSense and the Yahoo Publisher Network, was 27.6 percent. That's down from the 27.8 percent rate reported for Q1 2008 and up from the 25.6 percent average click fraud rate reported for Q1 2007
For the first time, traffic from botnets was responsible for more than 25 percent of all click fraud traffic in Q2 2008
In Q2 2008, the greatest percentage of click fraud originating from countries outside North America came from China (4.3 percent), Russia (3.5 percent), and France (3.2 percent)
In previous Zero Day coverage for Q1 2008 (Botnets committing click fraud observed), we've already discussed the most common click fraud scheme in general, consisting of underground traffic exchange networks and renting botnet services, using an sampled activity from a single such affiliate based network showcasing that :

"1,264,204 bots that did 3,095,194 searches and 537,764 clicks made a total revenue of $5, 495, which when deducting percentage for the affiliate coordinating the campaigns, ends up with a profit of $3,605 - this is a great example of greedy affiliate managers taking high commissions."

Let's discuss the dominating click fraud scheme in Q2, consisting of an ugly combination of botnet ownership and a huge portfolio of parked domains serving ads which deliver revenue to the person behind the scheme.

Click fraud in Q2 2008 is said to be getting more sophisticated due to several new developments that greatly contribute to increasing activity on multiple cybercrime fronts. The fact that the greatest percentage of click fraud clicks is coming from China, is the direct result of a growing infrastructure that cannot be properly secured, and with over 4 million new ADSL subscribers in China for the first half of the year, these very same folks shape the threatscape by suffering their first malware infection, whose first-timer always-on Internet experience is a juicy target for even the most obvious types of malware attacks.

The second, and perhaps most important key development leading to the increasing sophistication of click fraud done through botnets, is that the people behind these scams are starting to put more efforts into ensuring that the junk content created at their web sites would increase the probability of having their botnet click on highly popular and consequently very expensive keywords, thereby earning more on a per click basis. Coming up with an approximate price for a keyword is done through third-party services keeping track of popular keywords. In fact, sometimes keywords in the content are irrelevant if they start taking advantage of typosquatted domains so descriptive that they'll attract a great deal of relevant and high priced ad links on hundreds of thousands of parked domains.

The abuse of parked domains is among the main reasons why Google is facing another click fraud lawsuit :

"In the new lawsuit, online retailer RK West, which operates the online store Malibu Wholesale, alleges it purchased ads Google without realizing they would appear on parked domains. Parked domains typically have no content other than ads. RK West alleges that many of the clicks generated by parked domains are "invalid." The company said in its lawsuit that it had been charged for clicks from parked domains "that had little relation to its business."

"Despite indication that some of the clicks from parked domains were invalid, Google failed to disclose to the plaintiff specific domain names in which these ads were clicked on, making detection of invalid clicks difficult and even worse concealing any evidence of invalid clicks," the lawsuit alleges. RK West eventually went through its server logs and discovered the source of the clicks, said Alfredo Torrijos, one of the company's attorneys. "

Botnets are doing what they've always been doing, committing click fraud on behalf of those who've researched and exploited news schemes and tactics. The problem can be at least partly minimized by ensuring that known malware infected hosts who've been spamming, phishing, and generally those who are not to be trusted, and any of their interactions not just on the authentication level in order to prevent them from registering a couple of hundred bogus email addresses, are either challenged, or their clicks flagged as highly suspicious.

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and E-crime incident response. Dancho is also involved in business development, marketing research and competitive intelligence as an independent contractor. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis.
http://blogs.zdnet.com/security/?p=1555
Reply With Quote
  #2 (permalink)  
Old 26th July 2008, 05:17 AM
Rubber Duck's Avatar
Veteran
 
Join Date: Sep 2005
Location: Czech Republic (For those of you from USA = Chechnya)
Posts: 15,929
iTrader: (59)
Rep Power: 4513
Rubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura about
Re: Click fraud in 2nd quarter of 2008 more sophisticated, botnets to blame

Quote:
In Q2 2008, the greatest percentage of click fraud originating from countries outside North America came from China (4.3 percent), Russia (3.5 percent), and France (3.2 percent)
So where does the vast majority of the fraud come from. Since they are happy to acuse everyone else, could we not have been a bit more explicit on this point? :p
__________________
All offers to sell are void.
Reply With Quote
  #3 (permalink)  
Old 28th July 2008, 05:45 AM
Drewbert's Avatar
Administrator
 
Join Date: Feb 2006
Posts: 6,091
iTrader: (20)
Rep Power: 0
Drewbert is a tad dodgyDrewbert is a tad dodgyDrewbert is a tad dodgyDrewbert is a tad dodgyDrewbert is a tad dodgyDrewbert is a tad dodgyDrewbert is a tad dodgy
Re: Click fraud in 2nd quarter of 2008 more sophisticated, botnets to blame

"botnets to blame" = "microsoft to blame"

And still the Feds don't move in with handcuffs.
__________________
It's all jaded style to me.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 11:57 AM.

Site Sponsors
Your ad here
buy t-shirt
מחיר הזהב

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Copyright idnforums.com 2005

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54