UGN Security Forums UGN Security: UGN Archives Tech News Exposing click fraud

Internet marketers facing higher advertising fees on search networks are becoming increasingly concerned about a form of online fraud that was thought to have been contained years ago.

The practice, known as "click fraud," began in the early days of the Internet's mainstream popularity with programs that automatically surfed Web sites to increase traffic figures. This led companies to develop policing technologies touted as antidotes to the problem. But some marketing executives estimate that up to 20 percent of fees in certain advertising categories continue to be based on nonexistent consumers in today's search industry.

In one recent example of the problem, law enforcement officials say a California man created a software program that he claimed could let spammers bilk Google out of millions of dollars in fraudulent clicks. Authorities said he was arrested while trying to blackmail Google for $150,000 to hand over the program. He was indicted by a California jury in June.

Matt Parrella, chief of the San Jose branch of the U.S. Attorney's Office in Northern California, said that case was "not unique." The problem "is certainly not shrinking, and we're ready to prosecute people," said Parrella, whose office handled the Google case.

Click fraud is perpetrated in both automated and human ways. The most common method is the use of online robots, or "bots," programmed to click on advertisers' links that are displayed on Web sites or listed in search queries. A growing alternative employs low-cost workers who are hired in China, India and other countries to click on text links and other ads. A third form of fraud takes place when employees of companies click on rivals' ads to deplete their marketing budgets and skew search results.

Although the extent of click fraud is impossible to measure with any certainty, its persistence has exposed a fundamental weakness in the promising business of Internet search marketing. Google's pending initial public offering has been widely anticipated as a barometer of online advertising and the post-apocalyptic dot-com climate in general.

"It's hard to tell how big the problem is, but people are looking at it closer and closer as the cost of search advertising goes up," said John Squire, vice president of business development of Coremetrics, a Web analytics firm. "Click fraud is a fin sticking out of the water: You're not sure if it's a great white shark or a dolphin."

Unlike advertising in traditional media such as billboards and print publications, "cost per click" Internet ads displayed with specific keyword searches have been promoted as a definitive way for companies to gauge their exposure to potential customers. As a result, U.S. sales from advertiser-paid search results are expected to grow 25 percent this year to $3.2 billion, up from $2.5 billion in 2003, according to research firm eMarketer. From 2002 to 2003, the market rose by 175 percent.

As more advertisers have competed for desirable keywords in their industries, the cost for clicks has risen too. On average, advertisers are paying 45 cents per click this year, according to financial analysts, up from 40 cents in 2003 and 30 cents in the second quarter of 2002. In certain sectors, such as travel, legal advice and gaming, the cost can reach several dollars per click.

But marketing executives say click fraud is pervasive among affiliates of search leaders Google, Yahoo-owned Overture Services and FindWhat.com. In a typical affiliation, any Web publisher can become a partner of these large networks by displaying their paid links on a Web page or within its own search results and then share in the profits with every click.

"There's a fatal flaw in the cost-per-click model because a ton of marketing dollars can be depleted in a fraction of a second," said Jessie Stricchiola, president of Alchemist Media, a search-engine marketing firm based in Los Angeles that specializes in fraud protection. "Technology is continuing to be developed that can exploit this pricing model at incredibly high volumes."

Google's fraud squad
Google declined an interview for this report, citing the mandatory "quiet period" before its initial public offering, which is expected to raise $2.7 billion. But the company said in a statement that it has been "the target of individuals and entities using some of the most advanced spam techniques for years. We have applied what we have learned with search to the click fraud problem and employ a dedicated team and proprietary technology to analyze clicks."

In recent documents filed with the Securities and Exchange Commission, the company also acknowledged the problem as a threat to its revenue, of which 95 percent is derived from advertising. Google and other search networks provide refunds to advertisers when click fraud has been discovered.

"If we are unable to stop this fraudulent activity, these refunds may increase," Google said in its SEC filing. "If we find new evidence of past fraudulent clicks we may have to issue refunds retroactively of amounts previously paid to our Google Network members."

Google and Overture employ "fraud squads," or teams of people dedicated to fighting click schemes. But at least two marketing executives say such countermeasures are missing fraudulent clicks that are responsible for between 5 percent and 20 percent of advertising fees paid to all search networks.

Overture spokeswoman Jennifer Stephens refutes that estimate, saying that the numbers likely represent acts of fraud that are ultimately caught. She added that Overture filters most fraudulent clicks with the best antifraud system in the industry, which combines technology and human analysis.

"We take this very seriously; it's the foundation of what we do," Stephens said. "If an advertiser has a question about it, we look into all matters."

Cost-per-click advertising comes in many forms, but it essentially lets marketers gain exposure on a Web site and pay only when people click on their ads. Google and Overture let advertisers bid for placement of paid links, which appear when certain keyword searches are conducted on the networks' sites or those of third parties that partner with them. Keyword ads can also be distributed according to the content of partners' sites and displayed on non-search pages. (CNET Networks, which publishes News.com, partners with Google for shared advertising revenue.)

Most advertisers are aware of the click-fraud issue but have not delved into it because of the technical complexities involved. Others are concerned that they could jeopardize their relationships with the powerful search networks if they complain too loudly.

"It is a bigger problem, but folks just don't want to take the time to track it down because it's a complex problem," Coremetrics' Squire said. Given that some of the largest marketers manage up to 1 million keywords in a campaign, he added, the data can be difficult to crunch.

Danny Sullivan, who runs a quarterly search-industry conference, said many advertisers do not raise their concerns with the ad networks because "they're afraid that if they complain, it will hurt their free listings."

Still, more fraud-detection technologies are emerging to help advertisers analyze their campaigns and traffic. Some advertisers and search-engine marketing companies say they are compiling lists of sites that generate a high number of clicks but not sales.

Coremetrics, Urchin and Whosclickingwho.com are just a few that sell technology to examine click rates and sales that result from paid searches. Alchemist Media, which charges flat fees for its consulting services, has detected fraud while acting as an intermediary between search networks and marketers.

In general, Alchemist's Stricchiola estimates that 10 percent of all search ad sales could be based on fraudulent clicks. But she said the rate can reach 20 percent in particular businesses that have been targeted for click fraud.

Roy de Souza, CEO of advertising technology firm Zedo, said his company's geotracking systems have traced Internet Protocol addresses to detect click operations in China. In describing one common scheme, he said a legitimate site is duplicated under another name, complete with text ads from a search network. A bot would then be trained to click on the ad links that appear on the bogus site, said de Souza, who estimated that click fraud affects 10 percent to 20 percent of today's search network ads.

Many policing technologies can counter click fraud by analyzing Web traffic logs or surfing behavior. If a page is turned every 1.8 seconds over a period of time, for example, fraud-detecting systems will flag the traffic as suspiciously uniform.

Covert clicks
Human operations can be more difficult to detect because a wide network of people can click on ads from different computers across many regions, without a steady pattern. According to a report in the India Times, residents are being hired to click paid links from home, with the hopes of making between $100 to $200 per month.

In other instances, the source of bogus clicks can be much closer to home.

Joe, the chief executive of an Internet marketing company, enjoys clicking on his rivals' text ads on Google and Yahoo because his competitor must pay as much as $15 each time he does it. Eventually, such phantom clicks can add up and drain a rival's budget.

"It's an entertainment," said the executive, who asked to keep his name and company anonymous. "Why do you run into a store without dropping a quarter in the meter? You know it's wrong, but you do it."

Kevin Lee, chief executive of search marketing firm Did-It, estimates that fraud from such "drive-by" competitive clicks and affiliate scams makes up about 5 percent of the industry's total sales. Lee concedes that he can only guess at the number, but he does know one thing for sure:

If it gets much higher, he said, "then we should all be getting worried."

You can view the original article here...
http://news.com.com/Exposing+click+fraud/2100-1024_3-5273078.html?tag=nefd.lede