Click
fraud is migrating from search engines to ad networks, where experts are less likely to discover it, according to a report released today.
Key findings from the Q1 2009 Click Fraud
Index suggest that click fraud traffic from malicious scripted programs increased during the quarter. Unlike botnets or malware, these new threats exist as simple Javascript programs that execute upon
a page view or site visit. Ad networks became more vulnerable to these attacks during the quarter.
Ad networks are not necessarily more vulnerable to scripted attacks, but the data shows them
becoming the target of more click fraud attacks in general as fraudsters look for the easy route in, according to Tom Cuthbert, president of Click Forensics.
Yahoo and Google are becoming better
at stopping fraud, so the "bad guys" are going after easier targets such as ad networks that don't have sophisticated systems such as Google and Yahoo to stop click fraud. "Advertisers are paying for
these phantom clicks," Cuthbert said. "In the background, multiple things occur that the average user wouldn't see on their screen. They are called it an 'off-screen click.'"
Cuthbert said that
isolating the traffic allows online fraud specialists to detect the clicks.
Major search engines did a better job of blocking fraudulent traffic from botnet in the first quarter of 2009,
possibly because of the heightened awareness of well-publicized attacks such as Conficker.
The Click Forensic first-quarter report suggests the overall industry click fraud rate dropped to 13.8%
from an all-time high of 17.1% reported in the fourth quarter of 2008. Factors contributing to the decline range from the seasonal first-quarter drop, as well as lower cost per clicks (CPCs) for
keywords, which mean less money made on fraud.
The Click Fraud Index provides industry PPC data collected from online advertising campaigns across most search engines. Traffic across more than
300 ad networks is also reflected in the data.
The report also suggests that the greatest percentage of click fraud comes from outside the U.S. originates from Canada, the U.K. and Germany.
Ad networks are not the only industry segment to feel the heat. Although not included in the Click Forensics report, Twitter has experienced its own problems with malicious links and worms as the
microblogging site rises in popularity.
A worm ran amuck through Twitter earlier this month. Four accounts were created that began spreading a worm on Twitter on April 11, according to the
company's blog post. For several hours, Twitter's security team worked on eliminating the vectors that could identify this worm.
At that time, about 90 accounts were compromised, identified and
secured, according to the post. The following morning, Twitter recognized several additional attacks. The team secured and removed content that might help spread the worm. All told, the company
identified and deleted almost 10,000 tweets that could have continued to spread the worm.