Botnets Tied to Increase in Click Fraud

A report by Click Forensics links a growing amount of click fraud to botnets. The increase in botnet-related activity follows an overall upsurge in click fraud in the third quarter of 2009.

New research from Click Forensics shows botnets are playing a growing role in the spread of click fraud.

Click fraud is a scheme in which a person, automated script or computer program mimics a legitimate user clicking on an online ad in order to profit from a pay-per-click arrangement.

According to the firm, which tracks click fraud data, botnets accounted for 42.6 percent of all click fraud in the third quarter of 2009. That figure is more than double what it was two years ago, and is up from 27.5 percent during the same quarter last year.

"One of the changes we've seen is how botnets are being used for more than just phishing...botnets are becoming more sophisticated in how they commit click fraud," said Paul Pellman, CEO of Click Forensics. "Before many were just taking control of PCs and having them automatically click on ads to generate money for the botnet. In the case of the Bahama botnet, the program is also taking over a user's natural searches in order to make them look like a real search queries. This is more difficult to detect because the search is a "real one" not a robotic click."

Among these botnets is 'Bahama', which was observed redirecting traffic through 200,000 parked domains located in the Bahamas. The botnet hijacks natural search queries and employs automated clicking to mask itself as a legitimate source of search advertising traffic. According to Click Forensics, the endgame is to steal from advertisers and search engines.

After analyzing Bahama, Click Forensics found a link between the botnet and the recent display ad scareware incident, and traced the source of the attack back to the Ukrainian Fan Club - a group Click Forensics referred to as known online fraudsters.

While some of the botnets are using automated clicking programs to commit fraud, others are employing more sophisticated methods, Pellman said.

"The Bahama botnet is one of the biggest ones we've seen committing click fraud from a volume perspective," he said. "We regularly track many other botnets aimed at perpetrating click fraud but we haven't called them out just yet."

The greatest volume of click fraud came in countries outside North America, specifically the U.K., Vietnam and Germany, respectively. The overall industry average click fraud rate was 14.1 percent, up from 12.7 percent for the second quarter of the year and down from the 16 percent rate reported for the third quarter of 2008.