Botnet Click Fraud Problem Growing
Researchers who specialize in tracking the use of automated programs and other means to commit click fraud -- or the illegitimate inflation of online ad traffic for the purpose of boosting profits -- are pointing to the increased use of botnets by scammers seeking to line their pockets via ill-begotten trade.
Click Forensics, which has been reporting on click fraud data and trends for over four years now, released its figures for Q3 2009 this week. According to the latest figures, botnet-driven traffic accounted for 42.6 percent of all the empty ad traffic between the beginning of July and the end of September 2009.
The results represents a significant increase in such activity, more than doubling botnet-driven click fraud compared to the same period in 2007 and gaining from the 27.5 percent reported for the same quarter in 2008.
Researchers with the company recently issued a report on the use of a sophisticated new click fraud botnet, dubbed Bahama, that is being used purposefully and strategically by scammers to boost their ad impressions and fleece referral networks for more cash.
Along with continued use of Bahama, the traffic patterns that Click Forensics tracked during Q3 across 300 different ad networks indicates that such use of zombie machines to inflate business is only becoming more prevalent and harder to nail down.
"The significant rise in botnet-generated click fraud lines up with recent findings of several well-known malware and online fraud tracking experts," said Paul Pellman, CEO of Click Forensics. "Botnets perpetrating click fraud and other online schemes continue to grow in number and sophistication."
However, despite the increased use of botnets to push click fraud, the overall rate of ad impressions considered to be illegitimate is not gaining rapidly.
Click Forensics reported that the overall industry average of click fraud rate was 14.1 percent during Q3, a smallish increase from the 12.7 percent reported for Q2 2009, and down from the 16.0 percent rate reported for Q3 2008.
In terms of geographic orientation, the countries outside North America producing the highest rates of click fraud in Q3 were the United Kingdom, Vietnam and Germany, respectively, the company said.
As we head into Q4 and the busiest season for online shopping and Internet use by those considered inexperienced users, click fraud will likely run rampant as scammers seek to tap into the increased attention, experts warned.
"Advertisers and ad providers need to be especially vigilant about such activity as we enter the competitive search marketing holiday season," said Pellman.
Follow eWeek Security Watch on Twitter at: eWeekSecWatch.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.