Site Map | Search
HomeAbout UsServicesNewsResourcesCareersContactSearch
Resources

  • New Media Bytes and Briefs
  • Articles
  • Presentations
  • Links
  • Glossary
  • Key Online Metrics
  • Reading List
    		•



    v-Fluence Interactive Public Relations > Resources

    How Click Fraud Could Swallow the Internet

    09-15-06

    Category: Internet Marketing

    Key Points:

    • Click-fraud refers to the illegal manipulation of keyword-based advertising.
    • As search engine advertising continues to grow in prominence, so do the incidents of click-fraud.  Estimates of the proportion of fake clicks run from as low as 10% to as high as 50%.
    • The major PPC firms have invested heavily in methods to block click-fraud.
    • The demand for click-fraud related services has spawned a market of companies helping victims track and respond to the practice.

    ***

    Excerpt - For full article, please visit Wired Online.

    Stuart Cauff launched a charter-jet service in Miami Beach back in 2002. Being a 21st-century business, JetNetwork advertised on the Internet, especially on search engines. Anyone who Googled, say, "air charter Miami" would be greeted with the familiar list of search results and, in a separate place, a plain box of text with a blue hyperlink to JetNetwork's Web site.

    Search ads were perfect for Cauff's business. His potential customers - a diverse group of celebrities, photojournalists, medical evacuees, and people who just needed to get away from or to Miami in a hurry - were scattered across the country. To reach this audience with traditional advertising, he would have had to buy time on scores of television and radio stations and space in just as many newspapers and magazines, something that only wealthy, established companies could afford. Even if Cauff could pay for the ads, the vast majority of people exposed to them wouldn't care about charter jets, so most of his money would be wasted. But with search-based ads, JetNetwork's name would appear, at least in theory, only before people who were actually interested in Miami charter flights.

    Still, the ads were expensive. This kind of advertising is known as pay-per-click, because advertisers shell out money to a search engine every time a surfer clicks on their links. The price and placement depend mainly on how much the advertiser wants to bid for the search term - also known as the keyword in ad jargon. As other charter-air companies began PPC advertising, the cost of a click on a top-ranked ad rose to about $10 - in some cases as high as $30 - and there could be hundreds of clicks a month.

    Which is why Cauff was infuriated when he discovered that up to "40 percent, maybe more" of the clicks on his keyword ads apparently came not from potential customers around the nation but from a single Internet address, one that belonged to a rival based in New York City. "If we get clicked fraudulently, it uses up our ad budget," he says. Advertisers usually set limits on how much they will spend, and search engines drop ads once they hit that limit. As a result, fraudulent clicking "literally pushes us off the page," Cauff explains. "And then our competition buys in at a lower price when we're not there."

    Cauff was a victim of "click fraud," the illicit manipulation of keyword-based advertising. In this case, the scam appeared straightforward - one company clicked on a rival's search engine ads to drive up its costs. More complex is a second type of bogus ad click that exploits a second form of PPC advertising: ads fed to Web sites - anything from personal blogs to the sites of major corporations - by search providers like Google, Yahoo!, LookSmart, and, soon, MSN. The search engine indexes the content of the Web site and matches it with a group of relevant ads. (The most familiar form is Google's AdSense program - the sets of links labeled ads by goooooogle that show up on pages across the Internet. The advertisements that appear on Google itself are part of a separate but related program called AdWords.) Thus, bloggers who write about their air-travel experiences and choose to host such ads may find links on their pages for JetNetworks and its brethren. If a blog visitor clicks on the ad, the search engine splits its fee with the blogger. Although these "affiliate" ads have been hugely successful for advertisers, search engines, and the host Web sites, the system creates an incentive for affiliates to cheat. "All you have to do to make some money is find a way to click the ad sent by Google or Yahoo! to your own Web page," says search marketing consultant Joseph Holcomb. "Click! - there's 10 bucks. Click! - there's 10 bucks. It goes on all the time."

    Pay-per-click is the fastest-growing segment of all advertising, reports the Interactive Advertising Bureau. Last year, Yahoo! alone ran more than 250 million individual listings, according to Michael Egan, the company's search-marketing director of content strategy. Yahoo! doesn't break out PPC earnings separately in its financial statements, but Goldman Sachs analyst Anthony Noto believes that keyword advertising accounted for about half of the company's estimated $3.7?billion in revenue for 2005. PPC is even more lucrative for Google. According to Noto, Google will end 2005 with $6.1 billion in revenue. About 99 percent of that revenue comes from keyword ads (over 56?percent from AdWords, according to the company's most recent quarterly financial statement, and 43?percent from AdSense), making Google a bigger recipient of ad dollars than any television network or newspaper chain. All of which is to say that little blue text links, a type of advertising that barely existed five years ago, are poised to become the single most important form of marketing in the US - unless click fraud ruins it.

    If that occurs, the consequences will be felt throughout the Net. By splitting revenue with the sites that host the ads, search engines have become, in effect, the Internet's venture capitalists, funding the content that attracts people to the computer screen. Unlike the VCs who backed the boom-era Internet, search engines now provide revenue to thousands of wildly diverse sites at little up-front cost to them -?PPC advertising is one of the few income sources available to bloggers, for instance. If rampant click fraud overwhelms the system, it will muffle the Internet's fabulous cacophony of voices.

    The amount of click fraud is difficult to quantify; estimates of the proportion of fake clicks run from as low as 1 in 10 to as high as 1 in 2. In a widely cited recent study, MarketingExperiments.com, an online marketing research outfit, reported that "as much as 29.5?percent" of the clicks in three experimental PPC campaigns on Google were fraudulent. Whatever the exact figure, click fraud has become pervasive, and Google, Yahoo!, and the other major PPC firms have found themselves caught in a game of cat and mouse with its perpetrators. Even as the search engines shore up their defenses, click scammers are becoming more sophisticated, increasingly deploying complex software to disguise the origins of clicks. For now, the search companies and many of their clients maintain that the problem on their networks is under control. But some observers, like Holcomb, believe that click fraud is "a billion-dollar mess" that "has the potential of destroying the entire industry."

    Last October, Boris Elpiner noticed something odd about the Web traffic coming to his company from its PPC ads. As vice president of marketing for RingCentral, an online telecommunications firm in San Mateo, California, Elpiner is in charge of its affiliate-ad program, which hired Yahoo! to distribute RingCentral's ads onto Web sites with compatible content. Poring over his records, he discovered that a keyword term ("fax software download") that had previously generated almost no clicks was suddenly pulling them in. The total cost to RingCentral for the clicks - $2,500 over about four weeks - "was significant, but not immediately noticeable."

    Puzzled by the sudden change, Elpiner investigated further. When users visit a Web site, the site server notes the URLs from which they came, the visitors' IP addresses, and other data. Cauff, the charter-jet executive, had used such information to conclude that a competitor was clicking repeatedly on his ads. In this case, Elpiner didn't see an obvious pattern. At the same time, the URLs and IP addresses associated with the suspect clicks "didn't make any sense," he says. "Some of the URLs were error 404 messages, and a lot of the addresses didn't exist."

    Elpiner took the matter to Yahoo!, whose analysts "figured it all out quickly," he says. One or more Yahoo! affiliates may have generated deceptive clicks on ads served to their sites, using special software to disguise the source. The scammers, he says, "were clever enough not to take a whole lot from [the ads on] one site, but must have been trying to siphon off a little from many advertisers." Yahoo! gave Elpiner full credit. But it did not, as far as he could tell, try to identify the perpetrators. Instead, Yahoo! and other PPC companies are responding to click fraud by deploying new antifraud technologies. For example, Yahoo! analysts have created click fraud filters - algorithmic screens that sift through the sea of incoming clicks to find patterns suggesting fraud and then discard phony clicks without regard to source or motive.

    Although Google and Yahoo! will not, for security reasons, discuss their methods in detail, the advertisements themselves offer some clues. When affiliates sign up for a box of, say, Google ads, they are essentially hosting within their own Web page a small, separate page with its own, very long URL. According to Joseph Tierney, an Internet marketer in central Florida who describes himself as a repentant click frauder, that URL is embedded with a string of information including the time, in milliseconds; the last time the host Web page was updated, also in milliseconds; and other data used to track customer behavior. Analysts could use this material to match the various time stamps against one another, as well as other information provided by server logs. "If someone from such-and-such IP address clicks on the same ad four times in a second," says Elias Levy, a security architect at Symantec, "you can know that at least three of those clicks don't mean anything. It's inconceivable that Google wouldn't be looking at this."

    The company won't confirm it, though. "We don't discuss our techniques," says Shuman Ghosemajumder, a Google business product strategy manager. Nor will Google disclose whether invalid clicks are common or whether it has "a lot" or "just a few" researchers working on click fraud. "We have recognized invalid clicks as a serious problem from the beginning," Ghosemajumder says. "We've done a good job at being effective with these issues in the past, and we believe we will be effective in the future." In his view, PPC companies should be judged not by whether they have succeeded in stamping out click fraud but by whether their advertisers are satisfied.

    By that standard, Google and company seem largely successful, at least for now. Google is "very good at detecting multiple clicks from the same computer," says Ash Nallawalla, a former search engine advertising consultant in Melbourne, Australia. "I am not likely to be charged for any of those clicks, not even the first one." (Marketers contacted by Wired say much the same about Yahoo!) Google typically knocks about a third off the Chase Law Group's bill to discount for click fraud, according to James Butler, IT director for the Los Angeles-based firm, which draws about 60?percent of its clients through Internet advertising. "If we get 500 clicks from their ads," he says, "they bill us for 320 or so."

    Full Article








    <- Back to: Single View


     


    Copyright © 2006 v-Fluence Interactive Public Relations