Click fraud is a type of internet crime that occurs in pay per click online advertising when a person, automated script, or computer program imitates a legitimate user of a web browser clicking on an ad, for the purpose of generating a charge per click without having actual interest in the target of the ad's link. Click fraud is the subject of some controversy and increasing litigation due to the advertising networks being a key beneficiary of the fraud. Internet crime is crime committed on the Internet, using the Internet and by means of the Internet. ... Pay per click, or PPC, is an advertising technique used on websites, especially search engines. ... Online advertising is advertising on the Internet. ... An example of a web browser (Internet Explorer), displaying the English Wikipedia main page. ... Cost Per Click or CPC (as it is often initialized to) is a phrase often used in online advertising and online marketing circles. ...

Use of a computer to commit this type of Internet fraud is a felony in many jurisdictions, for example as covered by Penal code 502 in California, USA, and the Computer Misuse Act 1990 in the United Kingdom. There have been arrests relating to click fraud with regard to malicious clicking in order to deplete a competitor's advertising budget. This article does not cite any references or sources. ... For the record label, see Felony Records The term felony is a term used in common law systems for very serious crimes, whereas misdemeanors are considered to be less serious offenses. ... Official language(s) English Capital Sacramento Largest city Los Angeles Area  Ranked 3rd  - Total 158,302 sq mi (410,000 km²)  - Width 250 miles (400 km)  - Length 770 miles (1,240 km)  - % water 4. ... The Computer Misuse Act 1990 is an Act of the UK Parliament. ...

Pay per click advertising

Main article: Pay per click

Pay per click advertising or PPC advertising is an arrangement in which webmasters (operators of web sites), acting as publishers, display clickable links from advertisers, in exchange for a charge per click. As this industry evolved, a number of advertising networks developed which acted as middlemen between these two groups (publishers and advertisers). Each time a (believed to be) valid web user clicks on an ad, the advertiser pays the advertising network, who in turn pays the publisher a share of this money. This revenue sharing system is seen as an incentive for click fraud. Pay per click, or PPC, is an advertising technique used on websites, especially search engines. ... Pay per click, or PPC, is an advertising technique used on websites, especially search engines. ... Webmaster or Webmistress is a commonly used term that refers to the person or persons responsible for a specific website. ... Cost Per Click or CPC (as it is often initialized to) is a phrase often used in online advertising and online marketing circles. ...

The largest of the advertising networks, Google's AdWords/AdSense and Yahoo! Search Marketing, act in a dual role, since they are also publishers themselves (on their search engines). According to critics, this complex relationship may create a conflict of interest. For instance, Google loses money to undetected click fraud when it pays out to the publisher, but it makes more money when it collects fees from the advertiser. Because of the spread between what Google collects and what Google pays out, click fraud directly and invisibly profits Google. Google, Inc. ... A Google promotional graphic, highlighting AdWords AdWords is Googles flagship advertising product, and main source of revenue. ... AdSense is an ad serving program run by Google. ... Yahoo! Search Marketing (formerly Overture Services, Inc. ...

Non-contracting parties

A secondary source of click fraud is non-contracting parties, who are not part of any pay-per-click agreement. This type of fraud is even harder to police because perpetrators generally cannot be sued for breach of contract or charged criminally with fraud. Examples of non-contracting parties are:

• Competitors of advertisers: These parties may wish to harm a competitor who advertises in the same market by clicking on their ads. The perpetrators don't profit directly, but force advertiser to pay for irrelevant clicks thus weakening or eliminating a source of competition.
• Competitors of publishers: These persons may wish to frame a publisher. It is made to look like the publisher is clicking on its own ads. The advertising network may then terminate the relationship. Many publishers rely exclusively on revenue from advertising and can be put out of business by such an attack.
• Other malicious intent: As with vandalism, there's an array of motives for wishing to cause harm to either an advertiser or a publisher, even by people who have nothing to gain financially. Motives include political and personal vendettas. These cases are often the hardest to deal with, since it is hard to track down the culprit, and if found, there is little legal action that can be taken against them.
• Unwanted "friends" of the publisher: Sometimes upon learning a publisher profits from ads being clicked, a supporter of the publisher (like a fan, family member, or personal friend), will click on the ads to "help". However, this can backfire when the publisher (not the "friend") is accused of click fraud.

Advertising networks try to stop fraud by all parties, but often do not know which clicks are legitimate. Unlike fraud committed by the publisher, it is hard to know who should pay when past click fraud is found. Publishers resent having to pay refunds for something that is not their fault. However, advertisers are adamant that they should not have to pay for phony clicks. Vandalism is the conspicuous defacement or destruction of a structure, a symbol or anything else that goes against the will of the owner/governing body. ...

Organization

Click fraud can be as simple as one person starting a small web site, becoming a publisher of ads, and clicking on those ads to generate revenue. Often the number of clicks and their value is so small that the fraud goes undetected. Frequently publishers will claim small amounts of such clicking is an accident, which is often the case.

Much larger scale fraud also occurs. Those engaged in large scale fraud will often run scripts which simulate a human clicking on ads in web pages. However, huge numbers of clicks appearing to come from just one, or a small number of computers, or a single geographic area, look highly suspicious to the advertising network and advertisers. Clicks coming from a computer known to be that of a publisher also look suspicious to those watching for click fraud. A person attempting large scale fraud, alone in their home, stands a good chance of being caught. Scripting programming languages (commonly called scripting languages or script languages) are computer programming languages designed for scripting the operation of a computer. ...

One type of fraud that circumvents detection based on IP patterns is one that uses existing user traffic, turning this into clicks or impressions[1]. Such an attack can be camouflaged from users by using 0-size iframes to display advertisements that are programmatically retrieved using JavaScript. It could also be camouflaged from advertisers and portals by ensuring that so-called reverse spiders are presented with a legitimate page, while human visitors are presented with a page that commits click-fraud. The use of 0-size iframes and other techniques involving human visitors may also be combined with the use of incentivized traffic, where members of "Paid to Read" sites are paid small amounts of money (often a fraction of a cent) to visit a website and/or click on keywords and search results, sometimes hundreds or thousands of times every day[2]. A web crawler (also known as a Web spider or Web robot) is a program or automated script which browses the World Wide Web in a methodical, automated manner. ...

Organized crime can handle this by having many computers with their own Internet connections in different geographic locations. Often scripts fail to mimic true human behavior, so organized crime networks use Trojan code to turn the average person's machines into zombie computers and using sporadic redirects or DNS cache poisoning to turn the oblivious user's actions into actions generating revenue for the scammer. This article or section is not written in the formal tone expected of an encyclopedia article. ... A zombie computer (often abbreviated zombie) is a computer attached to the Internet that has been compromised by a security cracker, a computer virus, or a trojan horse. ... URL redirection, also called URL forwarding, domain redirection and domain forwarding, is a technique on the World Wide Web for making a web page available under many URLs. ... DNS cache poisoning is a technique that tricks a DNS server into believing it has received authentic information when, in reality, it has not. ...

Impression fraud is an insidious variant of click fraud in which the advertiser is penalized for having an unacceptably low click-through rate for a given keyword. This involves making numerous searches for a keyword but without clicking of the ad. Such ads are disabled automatically, enabling a competitor's lower-bid ad for the same keyword to continue while several high bidders (on the first page of the search results) have been eliminated. Click-through rate or CTR is a way of measuring the success of an online advertising campaign. ... A keyword in an Internet search is one of the words used to find matching web pages. ...

It is very difficult for advertisers, advertising networks, and authorities to pursue cases against networks of people spread around multiple countries.

Legal cases

Class action lawsuits

Disputes over the issue have resulted in a number of lawsuits. In one case, Google (acting as both an advertiser and advertising network) won a lawsuit against a Texas company called Auction Experts (acting as a publisher), which Google accused of paying people to click on ads that appeared on Auction Experts' site, costing advertisers $50,000[3]. Despite networks' efforts to stop it, publishers are suspicious of the motives of the advertising networks because the advertising network receives money for each click, even if it is fraudulent. It has been suggested that civil trial be merged into this article or section. ...

In July of 2005, Yahoo settled a class action lawsuit against it by plaintiffs alleging it did not do enough to prevent click fraud. Yahoo paid $4.5 million in legal bills for the plaintiffs, and agreed to settle advertiser claims dating back to 2004 [4]. In July of 2006, Google settled a similar suit for $90 million [5][6].

Michael Anthony Bradley

In 2004, California resident Michael Anthony Bradley created "Google Clique", a software program that he claimed could let spammers defraud Google out of millions of dollars in fraudulent clicks. Authorities said he was arrested while trying to blackmail Google for $150,000 to hand over the program, believed to be the first arrest for click fraud.[7] Google, Inc. ... For other uses, see Blackmail (disambiguation). ...

Charges were dropped without explanation on November 22, 2006; both the US Attorney's office and Google declined to comment. Business Week suggests that Google was unwilling to cooperate with the prosecution, as it would be forced to publicly disclose its click fraud detection techniques, and as it also makes money from fraudulent clicks.[8] November 22 is the 326th day (327th on leap years) of the year in the Gregorian calendar. ... For the Manfred Mann album, see 2006 (album). ... BusinessWeek is a business magazine published by McGraw-Hill. ...

Solutions

Proving click fraud can be very difficult, since it is hard to know who is behind a computer and what their intentions are. Often the best an advertising network can do is to identify which clicks are most likely fraudulent and not charge the account of the advertiser. Even more sophisticated means of detection are used, but none is foolproof.

The Tuzhilin report, produced as part of a click fraud lawsuit settlement, has a detailed and comprehensive discussion of these issues. In particular, it defines "the Fundamental Problem of invalid (fraudulent) clicks":

• "There is no conceptual definition of invalid clicks that can be operationalized [except for certain obviously clear cases]."

• "An operational definition cannot be fully disclosed to the general public because of the concerns that unethical users will take advantage of it, which may lead to a massive click fraud. However, if it is not disclosed, advertisers cannot verify or even dispute why they have been charged for certain clicks."

The pay-per-click industry is lobbying for tighter laws on the issue. Many hope to have laws that will cover those not bound by contracts.

A number of companies are developing viable solutions for click fraud identification and are developing intermediary relationships with advertising networks. Such solutions fall into two categories:

1. Forensic analysis of advertisers' web server log files.
   This analysis of the advertiser's web server data requires an in-depth look at the source and behavior of the traffic. As industry standard log files are used for the analysis, the data is verifiable by advertising networks. The problem with this approach is that it relies on the honesty of the middlemen in identifying fraud.
2. Third-party corroboration.
   Third parties offer web-based solutions that might involve placement of single-pixel images or Javascript on the advertiser's web pages and suitable tagging of the ads. The visitor may be presented with a cookie. Visitor information is then collected in a third-party data store and made available for download. The better offerings make it easy to highlight suspicious clicks and they show the reasons for such a conclusion. Since an advertiser's log files can be tampered with, their accompaniment with corroborating data from a third party forms a more convincing body of evidence to present to the advertising network. However, the problem with third-party solutions is that such solutions see only part of the traffic of the entire network. Hence, they can less likely identify patterns that span several advertisers. In addition, due to the limited amount of traffic they receive, when compared to middlemen, they can be overly or less aggressive when judging traffic to be fraud.

Click Fraud in Academia

The fact that the middlemen (search engines) have the upper hand in the operational definition of invalid clicks is the reason for the conflict of interest between advertisers and the middlemen, as described above. This is manifested in the Tuzhilin report as described above. The Tuzhilin report did not publicly define invalid clicks and did not describe the operational definitions in detail. Rather, it gave a high-level picture of the fraud detection system and argued that the operational definition of the search engine under investigations is "reasonable." One aim of the report was to preserve the privacy of the fraud detection system in order to maintain its effectiveness. This prompted some researchers to conduct public research on how the middlemen can fight click fraud. Since such research is presumably not tainted by market forces, there is hope that this research can be adopted to assess how rigorous a middleman is in detecting click fraud in future law cases. The fear that this research can expose the internal fraud detection system of middlemen still applies. However, it is less critical if this research identifies fraud control methods for every published fraud technique. An example of such research is that done by Ahmed Metwally, Divyakant Agrawal and Amr El Abbadi at UCSB. The University of California, Santa Barbara (UCSB) is a coeducational public university located in Santa Barbara County, California. ...

See also

• Clickbot.A

Clickbot. ...

References

• "The Lane’s Gifts v. Google Report, by Alexander Tuzhilin." Alexander Tuzhilin. Retrieved December 7, 2006.
• Metwally, Ahmed; Agrawal, Divyakant; El Abbadi, Amr (2007). "DETECTIVES: DETEcting Coalition hiT Inflation attacks in adVertising nEtworks Streams". Proceedings of the International WWW conference: 241-250, IW3C2. 
• Metwally, Ahmed; Agrawal, Divyakant; El Abbadi, Amr (2005). "Duplicate Detection in Click Streams". Proceedings of the International WWW conference: 12-21, IW3C2. 
• "Truth in advertising" The Economist, November 23, 2006.
• "Click Fraud: The dark side of online advertising." BusinessWeek. Retrieved October 2, 2006.
• "Badvertisements: Stealthy Click-Fraud with Unwitting Accessories." APWG eFraud conference, 2006. Retrieved October 2, 2006.
• "Web start-ups vie to detect 'click fraud'." Wall Street Journal Online. Retrieved June 10, 2005.
• "Vendors release click-fraud detection tools." eWeek. Retrieved March 4, 2005.
• "Click fraud roils search advertisers." CNet. Retrieved March 4, 2005.
• "Mice Attack: Internet scammers steal money with 'click fraud'." Newsweek. Retrieved January 18, 2005.
• "Google CFO: Fraud a Big Threat." CNN Money. Retrieved December 2, 2004.
• "Click Fraud PPC is getting out of control." eWorld PRWEB June 3, 2007
• "Click fraud threatens web." Wired News. Retrieved October 13, 2004.
• "How Click Fraud Could Swallow the Internet." Wired Magazine, issue 14.01 (January 2006). Retrieved December 29, 2005.
• "Click fraud fears growing for online advertisers." The Times. Retrieved February 2006
• "New Attacks and Defenses In Click-Fraud War." Datamation. Retrieved September 2004
• "Click Fraud: New Definition and Methodology to Assess Generic Traffic Quality."Web Analytics Association. Retrieved April 2007.