« September 2004 | Main | November 2004 »
October 28, 2004
Pay-Per-Trick: Half Of All Ad Clicks Deemed Fraud
PAY-PER-CLICK (PPC) ADVERTISING MODELS, WHICH compensate networks or their affiliates each time a user clicks on a link, were always considered to be something of an honor system. But new data coming to light this week reveals that PPC fraud is far more significant than many industry observers would have imagined. According to research released by Web analytics provider Clicklab, fraudulent clicks can account for more than 50 percent of all advertising fees attributable to certain categories.
The data provides a rare public snapshot into a segment of the industry that is controlled and rarely disclosed by companies that manage their own proprietary databases. And while a big player like Google, for example, does not disclose its fraud rates, the problem is significant enough that Google underlined it in its IPO filing with the Securities and Exchanges Commission as a potential risk that investors should worry about.
PPC fraud essentially breaks down into two primary areas: Competitor fraud, in which competitors run programs that repeatedly click on competing advertisers' sponsored links in order to deplete their daily ad budget, or affiliate fraud, in which affiliates utilize similar programs that repeatedly click on a link in order to increase their compensation.
Dmitri Eroshenko, Clicklab chief executive, declined to mention specific categories, citing potential client conflicts, but noted that fraud has been "much more than 50 percent" in some instances.
Click fraud is more prevalent in the B2B space, Eroshenko said, where keyword bid prices can approach $100 per click. Higher PPC rates often mean higher click fraud rates, he said, adding that the trend will likely continue in categories that garner expensive PPC rates.
"Fraudsters," as Eroshenko calls them, create automated programs that repeatedly go to Google or Yahoo! and click on the same sponsored link. These programs will click through to the landing pages, triggering the advertiser or affiliate fee, abandon the session, and then repeat.
Competitors will also run programs that repeatedly click on competing advertisers' sponsored links in order to deplete their daily ad budget. Eroshenko said some of these programs also adversely affect ranking criteria by abandoning user sessions after clicking through to a landing page, which results in a blank impression.
Affiliates, which receive commissions for referring users to merchant pages via links, write computer programs that repeatedly click on merchants' paid listings, thereby generating incremental, but illegal referral revenues for each click.
According to Eroshenko, the best way to combat the growing problem of click fraud is by monitoring analytics programs, many of which are equipped to stamp out some of these problems.
JupiterResearch Senior Analyst Gary Stein noted that "most analytics packages have some kind of fraud detection function, using IP addresses, timestamps, and so on. But it's an arms-race," he said. "Just like viruses."
Stein opined that the search categories in question probably included the affiliate-heavy pharma and health sectors. He said the results were not all that surprising, as "certain categories are loaded with scammers."
"I think click fraud is a problem," he added, "but one that's being watched. I'd be surprised if, over the enter category, you can say that [PPC fraud penetration] is anywhere near 50 percent."
Spyware research guru Ben Edelman seemed to think the problem needed closer attention, but noted the difficulty in obtaining the necessary data to conduct click fraud research. "I think the problem of click fraud is very real -- much bigger than Google et al ever want to admit," Edelman said.
However, Web analytics providers like Clicklab are the gatekeepers to the client data that researchers need to flush out these problems.
Edelman called Clicklab's methodologies "interesting," but "inadequate." He said Clicklab "will detect some, but by no means all" attempts at click fraud. "That said," Edelman added, "it's not immediately obvious how to do a better job here. It's a truly hard problem."
Staff Writer
by Ross Fadner, Tuesday, Sep 28, 2004 12:00 AM EST
http://publications.mediapost.com/index.cfm?fuseaction=Articles.showArticle&art_aid=20525
Posted by Hans A. Koch at 12:00 PM | Comments (0)
October 22, 2004
Google Sues Alleged Click Fraudsters
SearchEngineLowdown: Google Sues AdSense Fraudsters
Google cracked down on alleged click fraudsters today, suing Texas-based Auction Experts for allegedly clicking on their own AdSense links in order to generate more per-click income. Google's complaint said that the firm "flagrantly abused the AdSense Online service by artificially and/or fraudulently generating ad clicks." Click fraud has become an increasing problem for pay-per-click advertisers, especially among categories that command very high click prices.
22 Nov 2004
http://www.marketingvox.com/archives/2004/11/22/google_sues_alleged_click_fraudsters/index.php
Posted by Hans A. Koch at 08:31 AM | Comments (0)
October 21, 2004
New Attacks and Defenses In Click-Fraud War
Just as antivirus and antispam vendors must constantly
upgrade their products to detect new kinds of attacks, an escalating battle of
software is raging against the scourge of online advertising — click fraud.
I reported in this space on Aug. 17 that some experts believe fraudulent pay-per-click schemes represent about 10% of billings in the rapidly growing field of paid search-engine marketing. I also found that spokespersons for the largest PPC advertising channels, Google.com's AdWords and Yahoo.com's Overture, were reluctant to say much on the record about these schemes and counter-measures that the sites are taking against them.
However bad the situation may be, it appears to be worsening.
The Anatomy Of Click Fraudclick fraud occurs when the people behind Web sites that display PPC ads — and receive a portion of the revenue — start self-clicking the ads repeatedly, either manually or using software to automate the clicks. To evade attempts by the major advertising channels to detect clicks coming from a single Internet Protocol (IP) address, such software uses techniques that generate fake but plausible IP addresses.
Vincent Granville, Ph.D., president of Data Shaping Solutions, a statistical consulting firm in Pittsburgh, Calif., says he's found lists of thousands of "anonymous proxy servers" on the Web. These servers can have legitimate uses, such as making one's Web surfing anonymous. But Granville points out that many proxies allow almost all identification of a visitor, including the country the visitor is in, to be faked.
Here's how this technique works:
• Find Anonymous Proxies. One of the proxy lists is SamAir.ru/proxy, a service based in Moscow, Russia. About 2,000 anonymous proxy servers are listed, sorted by the country where each server is located. About half of the servers are on IP addresses assigned to the United States.
• Find Elite Proxies. Many of the listed servers are described as "elite" proxies. These servers can not only give a person an anonymous IP address, they allow you to mask the fact that a proxy server is being used, among other things.
• Click Away. After an unscrupulous operator has set up numerous Web sites that feature PPC advertising, he or she can program software to click revenue-generating links via the proxies. These clicks can appear to be coming from the U.S. or any other country that may be an advertiser's target market. If the click-throughs are randomly timed and are buried within a mass of other click activity, the fake charges that are generated can be extremely difficult for an advertiser to detect.
Granville says he's currently consulting with several clients, including InfoSpace, which powers several meta-search engines, although he wouldn't be specific about how his statistical skills would be employed in the battle against click fraud.
The Robots Race Ahead
The sophistication of click-automation software is hinted at by sites such as ClickingAgent.com. This site, which also is based in Russia but is apparently unrelated to the SamAir site, sells both proxy-finding and click-automation software.
Here's how the site describes the steps in the process:
• Set Realistic Goals. "All banner clicks should come from unique IP addresses in reasonable time intervals," explains the More Info page. Also, "There must be reasonable show/click ratio for banners. It would be highly suspicious if every other visitor to your page would click a banner."
• Find Anonymous Proxies. The site offers a program called ProXYZ for $35. This software "checks every found proxy server against existing ones and adds a new proxy to the list," according to the site's SoftProXYZ page.
• Configure Clicking Agent. ClickingAgent, the heart of the technique, which the site also calls "CACA," is sold for $100 for use on up to two computers simultaneously. The program allows you to "define how many clicks it should do, what show/click ratio should be, how many simultaneous connections to use, and more," the site's SoftCACA page says.
When I wrote to the contact e-mail address provided by the site, I received a reply from a person who identified himself as Anatoly Smelkov. I called the phone number in Moscow that he provided and e-mailed him a list of questions.
"Ad companies are actively fighting such artifically generated banner clicks, but it's not a very simple task," Smelkov wrote in his response. "New ways of cheat protection are constantly developed, but the Web robots are also growing in power and features," he added. "I guess the only 100% working way to stop such activity is to close access to all public proxy servers."
The Advertisers Start To Fight Back
Jessie Stricchiola is president of Alchemist Media, a Los Angeles-based firm that develops click-fraud detection software and negotiates refunds from PPC channels on behalf of clients. She feels that online advertisers and high-tech thieves are locked into an endless race to outsmart each other.
"I don't see any point at which this issue will ever be resolved for either side with a total victory," Stricchiola says. "It'll be a constant battle as long as the current CPC [cost-per-click] model is maintained and isn't changed in some significant way."
Search engines that offer pay-per-click advertising aren't feeling enough pressure from advertisers to completely eliminate fraud, in her opinion. "For them to tweak or tighten down their click-fraud protection, it represents a significant reduction in their revenue," Stricchiola says. "They have no reason to do more than they're doing."
Click fraud looms as the biggest threat to online advertising, which generated $7.3 billion in 2003 and is once again rapidly growing, according to the Interactive Advertising Bureau and PricewaterhouseCoopers. More than one-third of that total was PPC search-engine advertising — double the market share of one year earlier — but few corporations will continue throwing money at the medium if click-fraud techniques grow fast enough to eat away at the advertising's cost-effectiveness.
By Brian Livingston
http://www.itmanagement.earthweb.com/columns/executive_tech/article.php/3410931
Posted by Hans A. Koch at 10:15 AM | Comments (0)
October 13, 2004
Clickfraud: Whose Problem, FTC, Search Engines Or Advertisers?
Adam Penenberg takes the US Federal Trade Commission to task for not doing more to prevent clickfraud in his Wired commentary, Click Fraud Threatens Web. It's not clear whether the FTC has actually had many complaints about this. The agency itself does comment in the article that it is more concerned with actions that directly impact consumers, rather than advertisers.
Clickfraudexists, no doubt about that. We've had panels discussing it at our SES shows since August 2002 and even started a dedicated session on the topic last year. Interest in that session has been growing. Here's a write-up of the most recent one held last August: Auditing Paid Listings & Click-fraud Issues.
The major search engines already do things internally to combat clickfraud. However, they could likely do more. A good start might be to actually participate in panels discussing the issue.
I've invited both Overture and Google each time we do one, and they always decline. Reason? They don't feel they can discuss the issue without giving away stuff that might help fraudsters. In reality, there's a lot they can and should say on the subject to better help advertisers protect themselves.
Heck, Overture provides some of this information on its site already: Advertiser Security. So does Google: AdWords click quality. Interestingly, neither make use of the word "fraud" in relation to clickfraud activity, preferring the more euphemistic "invalid click," as far as I can tell.
Penenberg's article makes mention of a recent report suggesting that 50 percent of paid clicks might be fraudulent. MediaPost has a write-up from last month about this: Pay-Per-Trick: Half Of All Ad Clicks Deemed Fraud.
It's a scary stat, but that's also for certain industry categories, which remain unnamed by the source of the data, Clicklab. That firm also specializes in clickfraud detection, so it's obviously in its interest for the stats to sound as scary as possible. But despite those qualifiers, as said above, there's no doubt clickfraudhappens.
This issue is one that will only grow, as more money is spent on search and contextual advertising. If the FTC doesn't step in, if the search engines are unable to police better, rest assured the advertisers themselves will take action. Indeed, a rumor that I and others have heard over the past few months is that one or more advertisers may be considering filing a lawsuit against the search companies for failure to do more to stop clickfraud.
Another good article on this topic came out from News.com in July: Exposing click fraud. Also in July, SearchDay ran Advertising & Click Fraud by Jessie Stricchiola, who's spoken on the topic at our SES shows since 2002. Jessie also provides further tips on her own site: Click Fraud - An Overview.
Finally, complete your reading list with India's secret army of online ad 'clickers'. This article that came out in May is probably most responsible for raising new awareness of this preexisting problem.
Want to discuss this post or topic? Visit our forum thread: Click-Fraud said to be 50% of clicks
Posted by Danny Sullivan on Oct. 13, 2004
http://blog.searchenginewatch.com/blog/041013-114457
Posted by Hans A. Koch at 08:21 PM | Comments (0)
October 02, 2004
Click Fraud Threatens Web
The Federal Trade Commission believes that no place is more fraud-friendly than the web. The agency estimates that more than one in 10 Americans (perhaps as many as 30 million people in this country) have fallen victim to fraud. Last year, internet-related fraud complaints surpassed all others, comprising 55 percent of all digital malfeasance, and for the first time the net supplanted the telephone as the most popular initial point of contact for dupers to meet dupees.
An almost endless array of clever schemes exists to separate consumers from their money. There are cross-border scams that consist of fake foreign lotteries, phony prize promotions, advance-fee loan cons and the infamous Nigerian scam. Charity scams take advantage of consumers' generosity while so-called home-opportunity scams zero in on people looking for an easy way to make a few extra bucks. Identity thieves "phish" for personal information, like account numbers and PINs, which they use to sink your good credit (while sucking every penny out of your bank account). Pop-up spammers rely on nefarious methods to secretly wrest control of your PC desktop so they can pummel you with ads. Auction fraud accounts for half of the complaints the agency receives.
It's no wonder the FTC believes it's crucial to take action. According to Howard Beales, director of the agency's consumer-protection bureau, who last spring testified (.pdf) before a Senate subcommittee, these types of fraud cause "significant injury to consumers and harms public confidence in the internet as an emerging marketplace."
There is one type of fraud, however, that could potentially be more damaging to the internet than any of these, yet the FTC hasn't done a thing about it.
I'm talking about click fraud -- the practice of skewing pay-per-click advertising data by generating illegitimate hits. Click fraud takes advantage of the increasing popularity of performance-based ad arrangements on the net, and the dramatic rise in the cost of online advertising. Those that stand to benefit most are search networks' content partners, which receive commissions on these fraudulent clicks, and competitors intent on playing dirty by inflating a rival's pay-per-click spending to stretch their advertising budget.
But in the end, it's the Googles of the world that are particularly vulnerable, something the company is well aware of. In its pre-public offering documents, Google flagged "fraudulent clicks" as a risk worth noting: "We have regularly paid refunds related to fraudulent clicks and expect to do so in the future," it said. "If we are unable to stop this fraudulent activity, these refunds may increase." At stake is nothing less than the integrity of the company's entire ad revenue model. "If we are unable to remain competitive and provide value to our advertisers, they may stop placing ads with us, which would negatively affect our net revenues and business."
The net revenues generated from the fees advertisers pay Google when users click on ads delivered to Google Network members' websites made up 21 percent of the company's net revenues for the first quarter of 2004 . Google is counting on the percentage to grow dramatically in the future, which it hopes will convince Wall Street that the company has a viable long-term plan for growth.
Of course, Google is not the only company that is vulnerable. So are FindWhat.com, Kanoodle and Overture, all of which have pay-per-click revenue models.
Click fraud can be carried out in several ways. The simplest: Hire a legion of low-wage workers to click manually on web ads. For instance, The Times of India reported on a new type of gray-market outsourcing: A growing number of Indian housewives, urban professionals and college grads are hired to sit around and click on ads for hours on end. They make between 18 and 25 cents per click and earn up to $200 a month.
In places where labor costs are significantly higher, would-be defrauders rely on computer scripts to mimic human behavior. In March, the Secret Service arrested Michael Anthony Bradley, a 32-year-old programmer from California, for extortion, and in June the Department of Justice charged him with one count of interference with commerce by threats and 10 counts of wire fraud. Bradley had threatened to release software he dubbed Google Clique -- designed to defeat Google's AdSense program -- to spammers unless the company paid him $100,000.
How prevalent is click fraud? Dmitri Eroshenko, chief executive and founder of Clicklab, a web analytics firm, likens it to spam and claims that as much as 50 percent of pay-per-click advertising in some competitive categories could be the product of bogus clicker syndrome. Of course, Eroshenko has a vested interest in hyping the problem: His company markets a tool to identify it. But that doesn't mean he's wrong. The truth is, nobody knows for sure.
So where is the FTC? In recent months, the agency has found the resources to take on funeral homes in New York and Massachusetts, settle a price-fixing case with a New Mexico physicians group and handle a $1.6 million judgment against a porn operator that billed Americans for multinational internet access without their consent. But it hasn't done anything about click fraud.
Although Eileen Harrington, director of marketing practices for the FTC, says the agency is always interested in the integrity of advertising, click fraud "isn't the most direct form of consumer fraud," since "consumers aren't directly affected."
But consumers do have a stake in the integrity of the internet. That's why the FTC should take action.
- - -
Adam L. Penenberg is an assistant professor at New York University and the assistant director of the business and economic reporting program in the department of journalism.
By Adam L. Penenberg
02:00 AM Oct. 13, 2004 PT
http://www.wired.com/news/culture/0,1284,65324,00.html
Posted by Hans A. Koch at 02:00 AM | Comments (0)
