Jumat, 22 Juni 2018

Sponsored Links

Mobile Ad Fraud Detection Tools | Real Time Ad Fraud Detection
src: storage.googleapis.com

Click fraud is a type of fraud that occurs on the internet in pay-per-click (PPC) online advertising. In this type of advertising, website owners who post ads are paid a certain amount of money determined by how many visitors to the site click on the ad. Fraud occurs when someone, automated scripts or computer programs mimic legitimate users of web browsers, clicking on such ads without any actual interest in the target ad links. Click fraud is the subject of some controversy and litigation increases as advertising networks become the main beneficiaries of fraud.

Media entrepreneur and journalist, John Battelle, describes click fraud as a malicious "black hat" practice that deliberately damages paid paid game publishers by using robots or low-paid workers to repeatedly click on each AdSense ad on their site, resulting in money to be paid by advertisers to publishers and to Google.


Video Click fraud



Pay-per-click ads

PPC Advertising is an arrangement in which the webmaster (operator of the website), acts as a publisher, displays clickable links from advertisers in exchange for cost-per-click. As the industry grows, a growing number of advertising networks, acting as an intermediary between these two groups (publishers and advertisers). Whenever a legitimate Web user (who is believed) clicks on an ad, the advertiser pays for the ad network, which in turn pays the publisher a share of this money. This revenue sharing system is seen as an incentive for click fraud.

The largest of the advertising networks, Google AdWords/AdSense and Yahoo! Search Marketing, acting in dual roles, as they are also publishers themselves (in their search engine). According to critics, this complicated relationship can create a conflict of interest. This is because these companies lose money for click fraud that is not detected when paying to publishers but earns more money when collecting fees from advertisers. Due to the spread between what they collect and pay, unfettered click fraud will create short-term profits for these companies.

Maps Click fraud



Non-contractor

The source of secondary click fraud is a non-contracted party, which is not part of a pay per click agreement. This type of fraud is even more difficult for the police, since offenders are generally unable to be sued for breach of contract or criminally charged with fraud. Examples of non-contracting parties are:

  • Advertiser competitors : These parties may want to harm competitors who advertise in the same market by clicking on their ads. The principals do not benefit directly but force advertisers to pay for irrelevant clicks, thus undermining or eliminating the source of competition.
  • Publisher competitors : These people may want to frame the publisher. It's created as if the publisher clicked on its own ad. The advertising network can then break the relationship. Many publishers rely solely on advertising revenue and may be expelled from business with such attacks.
  • Other malicious intentions : Just like vandalism, there are many motives that want to cause harm to both advertisers and publishers, even by people who have nothing to gain financial gain. Motives include political and personal grudges. These cases are often the most difficult to deal with, as it is difficult to track down the culprit, and if found, there is little legal action to take against them.
  • Publisher friends : Sometimes after learning about the publisher's benefit from the clicked ad, a publisher's supporter (such as a fan, family member, political party supporter, protector or personal friend) will click on the ad to help. This can be considered patronage. However, this can backfire when the publisher (not a friend) is accused of a click fraud.

Ad networks can try to stop fraud by all but often do not know which clicks are valid. Unlike fraud committed by publishers, it's hard to know who to pay when the last click fraud is found. Publishers are angry at having to pay a refund for something that is not their fault. However, advertisers insist that they do not have to pay for fraudulent clicks.

Click Fraud Case | High Click Volumes & Fraudulent Traffic
src: storage.googleapis.com


Organization

Click fraud can be as simple as one person starting a small website, becoming an ad publisher, and clicking on the ad to generate revenue. Often the number of clicks and scores is so small that fraud is undetectable. Publishers can claim that a small number of such clicks are accidents, which are often the case.

Large-scale fraud also occurs. Those involved in large-scale scams often run scripts that simulate human clicks on ads on web pages. However, a large number of clicks that appear from one, or a small number of computers, or one geographic region, look very suspicious to advertising networks and advertisers. Clicks coming from a computer known as publisher also look suspicious to those watching for click fraud. Someone who attempts a large scale scam, from one computer, has a great chance of getting caught.

One type of fraud that circumvents IP-based detection uses existing user traffic, turning them into clicks or impressions. Such attacks can be disguised from users by using iframes 0-sizes to display ads that are programmed to load using JavaScript. It can also be disguised from advertisers and portals by ensuring that so-called "reverse spiders" are presented with legitimate pages, while human visitors are presented with pages that perform click fraud. Use of 0-size iframes and other techniques involving human visitors can also be combined with incentive traffic usage, where members of the "Paid to Read" site (PTR) are paid a small amount of money (often a fraction of a cent) to visit the website and/or clicking keywords and search results, sometimes hundreds or thousands of times each day Some PTR site owners are members of the PPC machine and can send many email ads to users who search, when sending multiple ads to those who do not. They do this primarily because cost per click on search results is often the only source of revenue to the site. This is known as a forced search, a preferred practice in the Get Paid To industry.

Organized crime can handle this by having multiple computers with their own Internet connection in different geographical locations. Often, scripts fail to imitate human behavior, so organized crime networks use Trojan codes to turn the average machine of a person into a zombie computer and use sporadic redirects or DNS cache poisoning to transform unconscious user actions into revenue-generating actions for fraudsters. This can be difficult for advertisers, advertising networks, and authorities to pursue cases against networks of people scattered in different countries.

Impression fraud is when the resulting fake ad impression affects the advertiser's account. In the case of click-through auction models, advertisers may be penalized for having unacceptable low clickthroughs for certain keywords. This involves making a lot of searches for keywords without clicking on ads. Such ads are automatically disabled, allowing competitors low bid ads for the same keyword to continue, while some high bidders (on the first page of search results) have been deleted.

Hit inflation attack

Hit inflation attacks are a kind of fraudulent method used by some publishers to get an unjustifiable revenue on the traffic they drive to the advertiser's website. This is more sophisticated and more difficult to detect than simple inflation attacks.

This process involves the collaboration of two colleagues, dishonest publishers, P, and a dishonest website, S. The webpage in S contains scripts that direct customers to the P website, and this process is hidden from the customer. So when U user takes a page in S, it will simulate a click or request to a page on P site. Site P has two types of web pages: manipulated version, and original version. Manipulated versions simulate clicks or requests to ads, causing P to be credited for clickthrough. P selectively determines whether to load the manipulated (and thus cheats) script into browser U by checking whether it is from S. This can be done through the Referrer field, which specifies the site from which the link to P is obtained. All requests from S will be loaded with manipulated scripts, and thus automatic and hidden requests will be sent.

This attack will silently change every innocent visit to S into a click on an ad on page P. Worse, P can work with some dishonest websites, each of which can work with several publishers not honest. If the ad commissioner visits the P website, the non-cheating page will be displayed, and thus P can not be accused of being a fraud. Without reason to suspect such collaborations, the advertising commissioner must check all Internet sites to detect such attacks, which is impossible.

Another proposed method of detecting this type of fraud is through the use of association rules.

How to Remove Google Adsense Fraud Click on WordPress Site - YouTube
src: i.ytimg.com


Manipulation of organic search results

One of the main factors affecting the ranking of websites in organic search results is CTR (Clickthrough Rate). That is the ratio of clicks to impressions, or in other words how many times a search result was clicked, compared to how many times it appeared in search results.

In contrast to PPC scams, where competitors make use of the services of botnets, or low-cost labor, to generate fake clicks, in this case the goal is to beg your competitors by making their CTR rate as low as possible, thus reducing their ranking factors (position of the top of the results search).

Bad actors will generate fraudulent clicks on the organic search results they want to promote, while avoiding the search results they want to demote. This technique can effectively create business service cartels controlled by the same bad actor, or used to promote certain political opinions, etc. The scale of the issue is unknown, but it is evident to many website developers who pay close attention to statistics in webmaster tools.

Fraud Protection | Post Affiliate Pro
src: www.postaffiliatepro.com


Legal case

In 2004, California resident Michael Anthony Bradley created Google Clique, a software program that claims to spammers fool Google from millions of dollars with fraudulent clicks, leading to arrests and indictments.

Bradley used the technology he created for other companies that took five years to grow. Using this technology, he was able to show that fraud was possible, and impossible to detect by Google.

Bradley told Google about this security hole, and was willing to work with them to close some of these holes. However, Bradley was offered $ 500,000 for his software and technology by some of the world's top spammers. With this information, Bradley thinks he can charge $ 100,000 on his technology, and offers to sell all Google rights to the technology, and they can make the Internet a better and safer place.

When Bradley shows up at Google's office, he demonstrates the software for them, and when they ask him what he wants, he declares that he will consult for free if they want to buy the rights to the technology. He explains the previous offer of $ 500,000 and says he knows he can get it, but will pay $ 100,000 if they want to work together.

Bradley returned to Google's office and was greeted by the US Secret Service undercover. They keep asking what he wants, and they even push a check for $ 100,000 to him. Bradley states that this feels like blackmail and uncomfortable with this, and pushes the money away. That's when the Secret Service came in and caught it.

Authorities said he was arrested while trying to extort $ 100,000 from Google in return for submitting the program.

The allegations were dropped without explanation on November 22, 2006; the US Attorney's office and Google declined to comment. Business Week indicates that Google is unwilling to cooperate with prosecutors, as it will be forced to disclose its public fraud detection techniques.

Fabio Gasperini

On June 18, 2016, Fabio Gasperini, an Italian citizen, was extradited to the United States on charges of click fraud. An indictment charged by Gasperini with:

  • two allegations of computer intrusion
  • one count of wire fraud
  • one count wire fraud conspiracy
  • and one count of money laundering

According to the US government, Gasperini organizes and operates more than 140,000 botnets of computers worldwide. This is the first click fraud trial in the United States. If found guilty, Gasperini risks up to 70 years in prison.

Simone Bertollini, an Italian-American lawyer, represents Gasperini in court. On August 9, 2017, the jury freed Gasperini from all charges of criminal indictment. Gasperini was convicted of one allegation of infringement in obtaining information without financial gain. Gasperini was sentenced to a maximum of one year in prison, a $ 100,000 fine, and a year of supervised release after imprisonment. Shortly after he was credited with the time served and sent back to Italy. Appeal is currently pending.

Click Fraud - How To Prevent Click Fraud Damaging Your PPC
src: www.clickguardian.co.uk


Solution

Proving click fraud can be very difficult, as it is difficult to know who is behind the computer and what their intentions are. Often the best that an advertising network can do is to identify which clicks are likely to be fraudulent and not charge an advertiser's account. Even more sophisticated detection tools are used, but nothing is so easy.

The Tuzhilin report was generated as part of the completion of the click fraud lawsuit, having a detailed and comprehensive discussion on the issue. Specifically, it defines "Fundamental Issues from invalid clicks":

  • "There is no conceptual definition of invalid clicks that can be operationalized [except for certain obvious cases]."
  • "The operational definition can not be fully disclosed to the general public because of concerns that unethical users will take advantage of it, which could lead to massive click fraud, but if not disclosed, advertisers can not verify or even dispute why they are charged for clicks certain. "

The PPC industry is lobbying for more stringent legislation on this issue. Many expect to have laws that will protect those who are not contractually bound.

A number of companies are developing feasible solutions for click fraud identification and are developing an intermediary relationship with advertising networks. The solutions fall into two categories:

  1. Forensic analysis of advertiser web server log files.
    Analysis of this advertiser's web server data requires an in-depth look at traffic sources and behavior. Because industry standard log files are used for analysis, data can be verified by advertising networks. The problem with this approach is that it depends on the honesty of intermediaries in identifying fraud.
  2. Third party strengthening.
    Third parties offer web-based solutions that may involve the placement of a single-pixel or Javascript image on the advertiser's web page and appropriate ad tagging. Visitors can be served with cookies. Visitor information is then collected in third-party data storage and available for download. Better offerings make it easy to highlight suspicious clicks, and they show reasons for such a conclusion. Because advertiser log files can be tampered with, their mentoring with reinforcing data from third parties forms more convincing evidence for display to the ad network. However, the problem with third-party solutions is that they only see some traffic from across the network. Therefore, they are less likely to identify patterns that reach multiple advertisers. In addition, due to the limited amount of traffic they receive when compared to intermediaries, they can become overly aggressive when assessing traffic as fraud.

In a 2007 interview on Forbes, Google clicks on Tsarist Shuman Ghosemajumder says that one of the main challenges in click fraud detection by third parties is access to data beyond clicks, especially, ad impression data.

Click cheating is less likely in the cost-per-action model.

Mobile Ad Fraud Detection Tools | Real Time Ad Fraud Detection
src: storage.googleapis.com


Research

Source of the article : Wikipedia

Comments
0 Comments