
Cyber Security:

Click Fraud

The majority of modern malware has been designed with malicious intent: to cause damage to a computer's operating system or its data, or to steal information from a user. Increasingly, however, it is designed to steal from online advertisers.

Many large websites rely on advertising for their revenue.

The amount of money spent on online advertising is growing rapidly. In 2021, digital advertising spending in the United Kingdom (UK) amounted to 23.47 billion British pounds.

Advertisers like to use online advertising because it can be relatively cheap compared to a printed advertisement and because software allows for individuals to be targeted with specific adverts for products they are likely to buy.

The most common type of advertising is 'pay per click' where advertisers only pay the owners of a site when a user clicks on an advert.

However, this system can be subverted by either generating clicks that don't come from genuine customers, or by hijacking a click intended for a genuine advertiser. This is known as click fraud, and it accounts for more than 20% of all 'clicks'. Malware allows for it to be done on an industrial scale.

Click fraud is a massive problem, stealing tens of billions of dollars from advertisers every year. The fraudsters responsible for this crime include tech-savvy website owners, trans-national organized crime gangs, and even Nasdaq-listed multinationals.

Click Fraud Methods

There are two frequently used modes of click fraud – and both can use botnets to generate the clicks.

Clicking on targeted company ads on genuine sites to waste their advertising revenue. The perpetrator doesn't collect any income - but frustrates a rival.

The criminal sets up many hundreds or thousands of websites, often just copying other website content. They then sign up for advertising, e.g. AdSense with Google or Microsoft Ads, by requesting a "publisher advertising account". Publisher advertising accounts enable the fraudsters to place other companies' ads on their websites, with small fees earned every time the ads are clicked.

Then they commission a botnet made up of "bots" (malware that pretends to be a human operator and has infected the computers of users who have at some time 'clicked' to download it) and send the bots instructions to click on the ads on their sites thousands of times per day.

For each of these clicks, the advertisers pay money to the ad networks, which is then shared with the criminals. An individual click will only raise a tiny amount of money, but, done millions of times, click fraud can raise serious amounts of money for the criminals.

Computers all around the world, operating as a botnet and generating false clicks, siphon money from advertisers through multiple layers of publishers and redistributors to hide its eventual destination.
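The example below is added here and is not part of the original article. It shows how an ad network or advertiser could look for the pattern described above in its own click logs: a few clients clicking ads on one publisher site far more often than a person would, and publisher sites whose clicks come mostly from such clients. The log format, the thresholds and all names in the sample data are assumptions made up for illustration.

```python
from collections import Counter

# Constructed sample click log: (day, client_id, publisher_site, ad_id).
# Every name and value here is made up for illustration.
SAMPLE_CLICKS = (
    [("2024-01-01", "client-A", "news.example", "ad-1")]
    + [("2024-01-01", "client-B", "news.example", "ad-2")] * 2
    + [("2024-01-01", "bot-1", "copy1.example", "ad-1")] * 40
    + [("2024-01-01", "bot-2", "copy1.example", "ad-3")] * 35
    + [("2024-01-01", "client-C", "copy1.example", "ad-1")]
)

MAX_CLICKS_PER_CLIENT_DAY = 10  # assumed threshold; tune on real traffic
MAX_SUSPECT_SHARE = 0.5         # assumed share of suspect clicks that flags a site


def suspect_clients(clicks, limit=MAX_CLICKS_PER_CLIENT_DAY):
    """Clients that clicked ads on a single publisher more than `limit` times in one day."""
    per_key = Counter((day, client, site) for day, client, site, _ad in clicks)
    return {client for (_day, client, _site), n in per_key.items() if n > limit}


def publisher_report(clicks, limit=MAX_CLICKS_PER_CLIENT_DAY, share=MAX_SUSPECT_SHARE):
    """Map each publisher site to (total clicks, suspect share, flagged)."""
    # A client flagged on any site is treated as suspect on every site.
    suspects = suspect_clients(clicks, limit)
    total, bad = Counter(), Counter()
    for _day, client, site, _ad in clicks:
        total[site] += 1
        if client in suspects:
            bad[site] += 1
    report = {}
    for site, n in total.items():
        ratio = bad[site] / n
        report[site] = (n, round(ratio, 3), ratio > share)
    return report


if __name__ == "__main__":
    for site, row in sorted(publisher_report(SAMPLE_CLICKS).items()):
        print(site, row)
```

A flagged site is a lead for review rather than proof of fraud; real traffic needs thresholds measured against normal behaviour for that network.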

In 2011, the FBI broke a click fraud operation based in Estonia that had infected more than four million computers in 100 countries and stolen in excess of $14 million from advertisers.

In 2016, a Russian criminal group created 6,000 websites with over 250,000 pages containing video advertising. Their bot network 'watched' over 300 million video ads each day. They were defrauding the advertisers of close to four million dollars a day.