The Evolution Of Click Fraud: Massive Chinese Operation DormRing1 Uncovered
by Erick Schonfeld on October 8, 2009

As long as advertisers pay for clicks, there will be click fraud. And the more people combat it, the more sophisticated the attacks become to get around the defenses that advertisers, search engines, and others put in place. But a recent click fraud ring discovered by click-fraud monitoring service Anchor Intelligence suggests that the practice is evolving to a scale never seen before.

Anchor Intelligence identified a click fraud ring being run out of China which involved 200,000 different IP addresses and racked up more than $3 million worth of fraudulent clicks across 2,000 advertisers in a two-week period. That money was never paid out and the ring has now dissipated (or moved onto another scam), but who knows how long the ring was in operation before Anchor noticed. The operation was called DormRing1 because it was centered in dorms at technical universities in China such as the Shanghai Technology Institute.

“We have seen 200 fraud rings,” says Anchor VP Richard Sim, “and this one by far trumps them all. I think it is indicative of how sophisticated the click fraud is getting. We are seeing the sheer scale and size of these rings growing.”

Click fraud occurs when someone sets up a website, signs up with an ad network, and then clicks on the ads to generate ad revenues with false clicks. DormRing1 operated the same way, except it easily involved more than 1,000 people who set up more than 10,000 Websites to spread out the fraud. The image above depicts a portion of the ring, with each red dot representing a source of fraudulent clicks with similar digital signatures. (Anchor monitors such activity on behalf of advertising clients).

Spreading the click fraud out across thousands of sites makes it harder to detect, but it also requires a lot more people to perpetrate it. DormRing1 recruited student click fraud workers on Chinese social networks and forums where participants would post images of checks they were getting for their activities. One drummed up interest by talking about his plans to buy a car with the proceeds. Just like with any criminal organization, people at the lower rungs had to do a lot of grunt work to move up the ladder of trust and money. A briefing paper provided by Anchor describes the operation:

These social networks involve a complex set of user access levels. The baseline entrance level is only available by invitation; access to sensitive information is restricted solely to those users who have attained the highest levels. Users with the uppermost levels of access are able to purchase root kits to engage in fraudulent activity and contract out phases of their fraud operations to a large network of willing participants. Users reach higher levels of access in one of two ways: either through a vouching system or by proving themselves as valuable contributors to the network through the provision of some ground level of services (e.g. contracting to create hundreds of accounts on various websites).

DormRing1 was able to use these exclusive social networks to create a division of labor in which all participants at the highest levels shared in a percentage of profits from an operation. The students involved in the ring each set up dozens of bare-bones websites, and successfully registered them with multiple ad networks. The students then hired the services of several botnet controllers to systematically click on ad links that were displayed on these sites. For each ad click, the publisher made a percentage of what the advertiser paid for that click. Through this network, the perpetrators were able to contract money mules (i.e. people with US addresses to which checks can be sent), traffic generators / botnet herders, website template developers, and a host of other service providers. After monetizing these fake websites via fraudulent ad clicks, the perpetrators then wired money to their various contractors.

Remember, we only know these details because DormRing1 was stopped. But nobody was arrested. The advertisers just stopped making payments to the fraudulent Websites. You can be pretty sure that DormRing2 is already up and running.

Responses

  • This is why I can’t get revenue when I deserved it!
    These crooks make it bad for the good guys.
    This is why we can’t have anything Nice!

    • nah, it’s just a reality of a global internet. if it wasn’t china it would be someone else.

      google’s ppc model looks more and more troublesome

      • Except you seem to be missing the beauty of the auction model. As fraud increases, advertisers are willing to pay less per click. This means cost per interested click remains roughly constant, with some timing anomalies. Why everyone missed this subtle, but important fact is beyond me.

        • Pay Per Click is for idiots.

          • Says someone who obviously doesn’t know how to manage their accounts or is too lazy to try. Now any advertiser that doesn’t exclude a placement from their network that is just costing money with no results, that person is an idiot.

          • Or someone who has tons of cash!!

          • Most advertisers use a third party for their ad placement so they have no idea how qualified the leads are.

            The ad placement company gets paid and shows great click ratios.

            After our first CPC campaign I decided that the whole system was a scam and banned it from our company.

        • So as an advertiser I’m meant to be happy and willing to pay for clicks that ARE fraudulent? Errmm….no. I pay for valid clicks if I pay for clicks, whatever the price the auction model moves to.

          How can I be sure the clicks are valid clicks? Well I can’t, so I’m either willing to waste my spend or spend it elsewhere — probably with CPA being the long-term winner for direct response.

        • the market/auction is not that efficient yet. CPA is the way to go

      • China needs no friends, it says loud and clear. They like walls between them and the rest. Why the rest of the world should go to china?

        If you are buying ads, make sure to exclude china from target.

        • what a fucking idiot can make that suggestion?

        • It’s not about clicks coming from China. Who is that retarded to target china? The clicks are coming from botnets. So excluding China will not solve the problems. The easiest way to reduce it is to track all the traffic in detail and exclude the placements that are not converting.

      • It’s not the PPC model that’s in trouble, it’s ad networks giving their ads to sites with less than 100,000 users that is in jeopardy. Large sites like USA Today, US News, MSNBC and others don’t have this type of click fraud….it’s the long tail of shit sites that contain all the fraud. The owners of the sites click on their links…large sites don’t have to do that. So any ad network that works with the long tail will have their advertisers ask them to reduce the CPC to account for the fraud. Or you can work with an ad network that does not work with these shit tiny self serve sites.

      • To play it safe, advertisers should stick to big sites not big like youtube but sites with lots of traffic.

        Check out the quality of the site. If the design is ugly or rashly put together, if the page is filled with grammatical and spelling errors then that’s a clear sign that it may not be worthwhile to advertise on.

  • This is EXACTLY why performance based (i.e. CPA/Affiliate) promotion makes the most sense for the web moving forward. It is both easier to scrub and harder to fake genuine sales and lead generation.

    Impression based advertising, while less effective from an ROI standpoint makes sense for large brands (such as Coke, Pepsi etc.) because they have to maintain that top of the mind awareness. Online advertising is about to be fragmented in a big way….

    http://thecolle...-fragmentation/

    • then CPA needs to increase its prices to reflect the market conditions. Right now, the publisher is the one who takes all the risk, and the compensation hardly covers it.

      Users simply don’t like pulling out the credit card in this day and age, hell when I tried CPA, I sent 4,000 clicks in a month, that resulted in only a few dozen sales. CPA compensation needs to be high enough, so that those “few dozen sales” should generate the same amount of revenue as the 4,000 clicks. Until it does, CPA will remain the home of affiliate marketers pushing weight loss products.

      • The publisher should take the risk, or there should be an intelligent CPA network that can switch out campaigns that optimize for your readership. You could have been sending 4 million clicks per month but if it wasn’t targeted it’s still worthless.

        The lack of a network that can split test various affiliate offers is why weight loss and other performance based garbage is out there. Once a system is in place that FAIRLY compensates based on using a more targeted approach, then CPC will die.

        • why should the publisher take all the risk? Why should we give away free advertising to the CPA merchant to build their brand, without getting paid for it?

          That 4 million clicks is not worthless, I don’t care if it’s targeted or not, if my users bothered enough to go see what the ad was about, then I did my job, it’s up to the merchant to capture that attention and divert it into sales. With a CPA model, publishers have to rely on the merchant having an optimized page. But the thing is, the merchant has no incentive to optimize it, because he isn’t paying anything for clicks, so for him, getting more people to see his website is optimal, since he isn’t paying anything for it, and those people may come back in the future after the tracking expires, so he won’t have to pay anything.

          CPA won’t replace CPC, because publishers won’t stand for getting screwed by the merchants. We are in control, we choose which advertising we choose to run, and we’ll go with the one option that nets us the most money. Until CPA starts compensating at the same overall rate as CPC no one in their right mind will switch.

          • The advertiser actually does have an incentive. It’s called conversions.. Those visitors are worthless to the advertiser as well if they aren’t converting into actual sales!
            And as far as publishers “not putting up with” CPA advertising, it’s really not up to the publishers because the advertisers drive the market. Why would any sane advertiser who can have proven metrics opt for CPC unless they ended up paying out less for CPC in which case the publisher still loses.

          • “That 4 million clicks is not worthless, I don’t care if it’s targeted or not, if my users bothered enough to go see what the ad was about, then I did my job, it’s up to the merchant to capture that attention and divert it into sales.”

            100% bunk. If you sent 4 million peta members to Omaha Steaks, you haven’t done your job.

    • Fraud through CPA networks is getting ridiculous now, as well. Not that easy to catch when fraudsters from China use stolen credit cards, that usually only get caught once commission has been paid + the merchant gets hit with a chargeback. Lead gen fraud is also a huge problem.

      • Chargebacks is the same problem any business has and that hits at a larger issue. Lead generation is definitely the hardest to scrub from to increase quality. I would have to guess that lead generation however (given its usual geographical limitation) will rely more on performance based local relationships rather than mass market.

  • This is amazing. Wow.
    Erick, thanks for the post.

  • This is interesting, but what will be huge is when someone can better quantify (and prove their numbers) the amount of click fraud. When that happens, valuations for companies relying on ad revenues will suffer dramatically.

  • The click fraud sites are using proxies that are turned on anywhere to run this kind of fraud networks (Something that I haven’t seen reported anywhere before).

    Back in Feb I was testing proxy settings on my hosted server and left proxy on for a day. Till this day I see requests trying to go through my server as proxy (all Click Fraud related requests) though proxy was on only for a day.

    You can read some of the info here on my blog:

    http://javaswam...urn-it-off.html

    http://javaswam...with-proxy.html

    I haven’t spent enough time to investigate this rogue behavior but it would be another interesting story.

  • this is why businesses will start moving to platforms like townable.com in the near future

  • I have to deal with this garbage all the time. Fortunately, a lot of the people who wrote the code behind the botnets are complete idiots, so they’ll do things like click ads on 600 sites from 600 ip addresses, but pass in the same session cookie with every request.

    It’s a lot easier when you have a network of 100000+ sites to harvest data from. The amount of click fraud coming out of china has been amazing these past 3 weeks. It’s an endless supply of mangled user agents, faked headers, “anonymous” proxies (lol, nice try).

    We don’t have problems with other countries, but we kick around 10 people off our platform every week for click fraud, and it’s ALWAYS* China.

    *except that one dude in India who had 5 friends load a page and then click the same ad (not even different ads) over 100 times each. All in the same ip block. lulz

  • the russians are much better :)

  • I wonder if you can be arrested for click fraud though. All you are doing is clicking the ad.

    and what about micro-click fraud? When you click on your own ads by hand maybe earning yourself fifty bucks per month.

  • What about flat rate pricing? If a website gets X amount of traffic, and runs 10 ads in a slot, your ad will get X/10 impressions. Clicks are icing. How come more sites don’t just go flat rate?

    • Sites that go flat rate are typically large establishments doing inside sales with large brands. The big brands go for this because they have carefully monitored metrics in their back end to make sure the $ value is more than the flat rate they are paying.

  • The title says “Massive Chinese Operation”. Sorry, but “chinese operation” to any sensible person would imply a different meaning. I am sure, author knew it and used it just for a catchy headline. Shame on you!

  • There is no downside for spammers. If they get away with it, they get $. If they get caught, their ad network account is simply shut down, the money is not paid out and they move on to the next ad outlet.

  • Has this been factored into Google’s stock price?

  • The Chinese are pathetic thieves.

    • Leave a comment with real identity if you wanted to leave race-sensitive comment. Shame on you.

      Anyhow, i think this is a great article. I think Erick uses “Massive Chinese Operation” literally mean this is an operation in china without any meaning of disrespect.

      • and the fact that china is just massive slipped into the spin,..
        like prior the image of Indians was always plural,..
        now,. mention chinese to a westerner, they think exponential,..

        now there is a flood awaiting n the other end the iron curtain,..

  • Marketing has created many bad things:
    - The daily spam in your inbox
    - The squeeze page
    - The click fraud
    Time to step up technology and use new methods for marketing.

  • Among many other things, that is why I believe they should pay for the time of displaying a given ad, not for bot clicks. Still, this is pretty much impressive.

  • Unfortunately you’ll see this pattern in developing nations. Don’t advertise in China/India/Russia.

    • so click fraud originated from 3rd world countries, nothing to do with developed american.

      • No, it’s that Americans already tried the same things that are currently occurring in China, and most of them weren’t sneaky enough to not get caught, so they gave up.

        The vast majority of the click fraud traffic I see at work is detectable, although the methods to detect it range in complexity. The main thing is only serve up ads via ajax requests, that kills a huge amount of poorly coded bots from the start. Second, once you verify “Anyone receiving an ad has javascript enabled”, do some tests when the ad is clicked. Record the width of the ad container when the ad is clicked. It’ll be zero on a bot that has a javascript interpreter attached to a text scraper.

        The problem with a lot of the ad providers, is that unless they are providing you with javascript of their own, a lot of the potential give-aways can’t be detected secondhand (by the ad source). The opportunity to stop the junk lies primarily in the hands of the site displaying the ads, and frankly, most people don’t implement ‘deep’ checks because they’re scammers to begin with.

        The upside is, if you are on the ball and able to destroy most of the junk traffic, you end up with a high quality score from the provider, and then you get access to the high-paying ads, the ones that you can’t really trust most people with.

        People would laugh if they understood how much time I put into making sure people -don’t- see our ads.
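
Two giveaways that commenters describe in this thread, one session cookie reused across many IP addresses and sites, and an ad container that reports zero width at click time, can be checked in a single pass over click records. The sketch below is an added example, not code from the article, Anchor Intelligence or any commenter; the record layout, the thresholds and the "no client report" rule are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed sample click records (not real traffic). Columns are assumptions:
# (client IP, publisher site, session cookie, ad container width in px as
# reported by a client-side script at click time; None = no report arrived).
CLICKS = [
    ("203.0.113.10", "a.example", "u1", 300),
    ("203.0.113.11", "b.example", "u2", 728),
    ("198.51.100.1", "c.example", "bot", 300),
    ("198.51.100.2", "d.example", "bot", 300),
    ("198.51.100.3", "e.example", "bot", 0),
    ("203.0.113.12", "c.example", "u3", 0),
    ("203.0.113.10", "b.example", "u1", 300),
    ("203.0.113.13", "a.example", "u4", None),
]


def shared_sessions(clicks, min_ips=3, min_sites=3):
    """Session cookies presented from many IPs on many publisher sites.

    One cookie arriving from many addresses across many sites is the pattern
    described in the thread. Thresholds are illustrative, not tuned values.
    """
    ips, sites = defaultdict(set), defaultdict(set)
    for ip, site, session, _width in clicks:
        if session:  # clicks without a cookie cannot be grouped
            ips[session].add(ip)
            sites[session].add(site)
    return {s for s in ips if len(ips[s]) >= min_ips and len(sites[s]) >= min_sites}


def score_clicks(clicks, min_ips=3, min_sites=3):
    """Return one list of reason strings per click, in input order."""
    shared = shared_sessions(clicks, min_ips, min_sites)
    results = []
    for _ip, _site, session, width in clicks:
        reasons = []
        if session in shared:
            reasons.append("shared_session")
        if width is None:
            # Assumption: ads are only served by script, so a click with no
            # client-side report did not come through the rendered ad.
            reasons.append("no_client_report")
        elif width <= 0:
            reasons.append("zero_width_container")
        results.append(reasons)
    return results


def site_flag_rates(clicks, **thresholds):
    """Share of flagged clicks per publisher site, for placement review."""
    total, flagged = defaultdict(int), defaultdict(int)
    scored = score_clicks(clicks, **thresholds)
    for (_ip, site, _s, _w), reasons in zip(clicks, scored):
        total[site] += 1
        flagged[site] += bool(reasons)
    return {site: flagged[site] / total[site] for site in total}


if __name__ == "__main__":
    for click, reasons in zip(CLICKS, score_clicks(CLICKS)):
        print(click, reasons or "ok")
    print(site_flag_rates(CLICKS))
```

The per-site rate is what a network would review before removing a publisher or excluding a placement; a single flagged click is weak evidence on its own.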

    • I am willing to wager that this has more of a problem with content network (as compared to search engine traffic). Search engines mostly remove incentive for fraudulent clicks by individuals, since there is limited personal gain.

  • good article and something that’s increasingly problematic. Another phenomenon I’m increasingly observing is click/traffic discrepancy. As an example, on a recent campaign google PPC indicated I had nearly 70% more clicks than I had visits to my site from Google PPC (as measured using google analytics).

  • I suggest TC avoiding catchy title style like this. first of all TC is good enough without it; and look at inevitable racial sensitive comments it invites

  • Plot for next hollywood movie

  • Now if they would only figure out what’s going on with all the click fraud on Facebook, that would be great.

  • Looks like Dormring1 got to the comments section of this article…

  • Amazing, the chinese are getting sophisticated day by day, and you can be sure more sophisticated such networks exist in Pakistan and India

  • I think it’s silly people are complaining about the title of this post as if it’s something people could reasonably get offended over.

  • Its titled correctly.. the Chinese SUCK! I deal wit them daily unfortunately and they are 1. not creative 2. thiefs 3. will sell their mom for a buck 4. not able to conceptualize anything on their own, all they do is steal ideas from the western world.. I hope the country implodes on itself of the fucking commi country starts to get some control and hold some accountability on all the piece of shit business practices coming out of there..

  • The whole “making money online” concept is bullshit.

    Why don’t you get a REAL JOB instead of pointing and clicking to earn an income. You are laughable.

    Hahahaha! :-D

  • This does not surprise me at all.

  • I recently wasted money on PPC with zero site hits. Previously I was told by Google that this was due to automated responses. If they knew that why did they charge me for clicks that lasted 0.1 seconds?

    Why isn’t Analytics integrated – so if you don’t get a site hit lasting longer than 0.1 seconds you don’t pay. PPH would be a better model for the future.

    I also believe that if Google paid out all the money it owed via Adsense they would be bankrupt. Hundreds of millions of people are owed less than $10. They will never reach the $100 threshold – as their web site will disappear before they are ever paid.

  • Errm, People are wasting money on PPC with fraud clicks. Google and all major sites should do something to enable a fair internet marketing environment.

  • well i had this thought.
    if millions of google share holders click on google ads
    their share price profits and they make money,
    can anybody blame them?
    this is probably another form of click fraud, that can not be controlled, there is a worm in the chain…
    just brainstorming,

  • Google has a lot to answer for. I know they are only 1 player in this whole scenario. But honestly, they have collected more data on users, IP addresses, and other metrics… far more so than any click forensics company… so shouldn’t they be the leaders in stamping out this kind of BS???

    Seriously, google is taking everyone for a ride. They have a massive issue with clickfraud, and are not taking enough steps to reimburse customers for fraud that they have found, and they are not doing enough to prevent it in the first place.

    Google is the new Microsoft. Oversized bullies that have become fat and complacent and no longer have anything worth contributing. The sooner that they are taken down a couple of pegs the better it will be for the online community.
