Harvard Business School professor Ben Edelman has revealed what he says is a new form of click fraud that accomplishes what watchdogs once thought impossible: "A scam that not only simulates valid clicks on a Google ad sold to an advertiser, but seems to result in a real customer who spends money on the advertiser's site," writes Forbes. Says Edelman: "This is a particularly insidious kind of click fraud ... It takes more effort to organize, but it gives the perpetrator the capacity to impose charges in a way that's much harder for the advertiser to notice." Edelman goes on to describe how the complex and stealthy click fraud scheme works, explaining that perpetrators of the fraud -- who run a site called TrafficSolar.com -- make a deal to host Google's pay-per-click ads through a long string of Google affiliate partners, each of which agree to place their ads on other sites in exchange for a share of those ads' revenue. The owners of the site then infect Web surfers' machines with spyware through a common cybercriminal tactic, exploiting a security vulnerability in either Windows XP or Internet Explorer when the user visits a popular, compromised Web site.