click fraud

Malware And Malvertising via @adexchanger

The online advertising world continues to be challenged by ne'er-do-wells as Click Forensics released results from its latest quarterly, deep-dive into the company's fraud detection data. The Company identified challenges with display advertising where "a pop-up or pop-under (...) rotates brand advertisers' banner ads every 10-15 min in an effort to seemingly boost impression figures." Read the release.
Click Forensics

CEO Paul Pellman discussed the latest on malware and malvertising. How is the malware scheme you describe reaching websites - through display ads from exchanges, specific ad networks? Any ideas on how it can be prevented?

PP: The Click Forensics Malware Lab has been finding two generic types of malware.  The first, more common version, is actually installed on the visitor's machine as a result of some other seemingly innocent download.  It can be spread via e-mail attachments or through lots of "freeware" that people install on their machines.  Once installed, these Botnets can take control of browser functions or simply open pop-unders to display ads for nefarious ad networks.  The best way to prevent these is for visitors to be diligent and use updated antivirus software from Symantec, McAfee, and others.

The second type is not really malware at all, but is the one more commonly talked about in AdExchanger circles.  Namely, visitors to ad supported sites get served all sorts of ads that they never see, whether in pop-unders, zero-by-zero iFrames, or invisible pages.  The generic term for these schemes is "ad stuffing."  Advertisers can protect themselves from both types of fraud by employing ad verification and/or audience verification platforms.

What IS the malware? Any trends there?

Much of the malware we found recently came from different types of toolbars.  These are browser plug-ins that purport to assist with search or provide some other value for the visitor (weather, sports scores, etc.), but in reality are also hijacking browser activity for the benefit of the author.  One toolbar we found turned organic search results into paid clicks by routing searches to a parked domain site and channelling clicks through several ad networks.  It's very difficult to trace which are complicit in the fraud and which are innocent participants.

From a marketer's perspective, would using frequency caps or buying on a CPC basis might lessen the impact of inflation impression?

Frequency caps might help a display advertiser minimize the impact of these schemes, but it can't defeat them completely.  As far as converting everything to CPC, it might work in the very short term but, as we well know, click fraud becomes an issue.  The best protection is the diligent monitoring of campaigns and the use of an audience/ad verification platform.

I didn't see you mention malvertising versus malware in your release. Do you distinguish between the two?

We use "malvertising" to refer to ads that send visitors to a place that is bad for them.  The ad itself may not be infected, but its intention is to trick the visitor into doing something damaging.  For example, the ad on a little over a year ago warned visitors to click through to a site where they could "update their virus protection."  Of course the download included all sorts of malware, but the ad itself was more accurately described as malvertising.

By John Ebbert


Click Fraud Falls In Q4 2010

The overall click fraud rate in Q4 2010 was 19.1 percent which was lower than the Q3 2010 all-time high of 22.3 percent, but higher than the 15.3 percent rate for Q4 2009, according to the latest report from Click Forensics. 

Click Forensics Malware Lab identified a new malware scheme targeting display banner ads. The program performs a pop-up or pop-under and rotates brand advertisers’ banner ads every 10-15 min in an effort to boost impression figures.



In Q4 2010, the countries outside North America producing the greatest volume of click fraud were Japan, the Netherlands, the Philippines, Sweden and France, respectively. 

“While the overall click fraud rate dropped last quarter for CPC advertising, we saw the emergence of new schemes focused on display advertisements,” said Paul Pellman, CEO of Click Forensics

“We are investigating the malware-driven attacks in more detail, but early evidence points to an impression inflation scheme. It’s something we will examine more closely and report on later this year.”

Tom Cuthbert 


The State of Cybercrime via @mashable

via @mashable

by Jolie O'Dell

How much does it cost to buy a stolen credit card number on the black market? What about renting a botnet or setting up a fake online store designed to steal user identities?

Cybercrime involving stolen credit card numbers, money laundering, botnets and other black-hat activities is a huge business online. A new report [PDF] from PandaLabs uncovers the going price for some of the most popular kinds of cybercrime, and most InternetInternet users would be surprised at the numbers behind common forms of online crime.

For example, you can purchase bank details for accounts with confirmed six-figure balances for $80 to $700. You can find someone to design and publish a fake online store for between $30 and $300. A credit card-cloning machine costs $200 to $1,000, and an actual fake ATM, which steals valuable credentials from anyone who uses it, can be bought for a mere $3,500.

According to a statement from PandaLabs, “This cyber-criminal black market caters to buyers’ needs just like any other business and functions in similar ways.”

“Since there is a great deal of competition in this industry, the rule of supply and demand ensures that prices are competitive, and operators even offer bulk discounts to higher-volume buyers,” the report continues. “They will offer free ‘trial’ access to stolen bank or credit card details, as well as money back guarantees and free exchanges.”

Most sellers and buyers remain relatively anonymous in these transactions, however, conducting transactions over IM apps and making and accepting payment through services like Western Union, Liberty Reserve and WebMoney.

The report also states that, while exact metrics are lacking, the business of cybercrime appears to be more prolific than ever.

“Although we don’t have precise data,” the report reads, “we believe that this nefarious business has expanded with the economic crisis. Previously it was in no way easy to locate sites or individuals dedicated to this type of business, yet now it’s relatively simple to come across these types of offers on underground forums.”

Stains of malware are also on the rise, particularly ones designed to steal bank details. Currently, trojans account for 71% of all new malware, up from 49% in 2005. And 99% of the time, malware is intended to targetWindowsWindows operating systems.

“Five years ago,” the report states, “there were only 92,000 strains of malware cataloged throughout the company’s 15-year history. This figure rose to 14 million by 2008 and 60 million by 2010.”

For consumers who wish to protect themselves from this kind of cybercrime, take the following common-sense precautions:

  • - Sign your credit and debit cards as soon as you receive them.
  • - When paying by card in a brick-and-mortar store, make sure your card is always in view.
  • - Destroy any physical correspondence that includes your name, address, Social Security details or account numbers; and don’t let mail sit in your mailbox for too long.
  • - Save and destroy all your ATM receipts or destroy them.
  • - Clear browsing data, including cookies and temporary files, after making an online purchase.
  • - And of course, never save or write down your passwords, keep your antivirus software up to date and only shop online at trusted sites.

Image courtesy of FlickrFlickrarenamontanus


Click Fraud Climbs With Mobile Gear

New York Times

Over the last year, the rate of click fraud has risen drastically, reaching the highest rate since measurement began in 2006, according to Click Forensics, a firm that analyzes traffic on behalf of advertisers and ad networks.

Tony Cenicola/The New York Times

Click fraud is the practice of creating dummy Web sites to host online ads, peppering those ads with computer generated-clicks, and then collecting money from unwitting advertisers for those clicks. The clicking is often carried out by “botnets,” or networks of hijacked personal computers, harnessed together by a virus.

Paul Pellman, the chief executive of Click Forensics, said that the firm had begun seeing fraudulent clicks routed through mobile devices, like wireless Internet cards. Such clicks are harder to detect than those coming from wired computers because the wireless card effectively disguises the origin, lumping them in with legitimate mobile users under a single originating address.

“The mobile traffic is getting to be large enough that they can hide within that traffic,” Mr. Pellman said.