Comments on: Dissecting Clickbot.A

By: David Green

David Green — Thu, 12 May 2011 20:46:32 +0000

It appears Adsense believes one of our sites may have had a click-bomb attack of some kind (even though I feel the heavy trarffc could have also been legit involving a marketing or typo error by Bing search engine when they used my URL in their advertising). However, with that said, and even if invalid traffic is correct, why would Adsense issue a lifetime ban a good publisher (with an excellent record of not getting invalid traffic) and his 2,000 active websites plus 8 years longevity and confiscate all the hard-earned income, including the fully legitmite and undisputed revenues from all the sites not under scrutiny? We can’t talk to Adsense since they told us no more appeal or communicatios are allowed. Not a very nice way to treat someone who has given Google Adsense and its Adwords advertisers millions of dollars in business with no problems until now over all that time and all those sites!

By: Stuart

Stuart — Wed, 17 Oct 2007 13:37:21 +0000

Interesting paper, but it adds nothing to the discussion of bot nets or Clickbot.a in particular. Aside from repeated assertions that “all clicks had been detected by Google”, there is really nothing here to indicate that Google knew about this prior to Panda’s announcement, nor is there anything here to indicate how Google knew about a low level attack.

Clearly, the attack was on the adsense network as there is no financial incentive to defraud the search network (beyond competitive reasons which are unlikely to motivate a hacker).

The motivation and opportunity to defraud the content network on Google or any other content network remains. Fraud, therefore, will continue until the motivation is removed. Plain and simple.

By: William Gallahue

William Gallahue — Tue, 24 Apr 2007 19:57:14 +0000

Matt,

I have noticed a disturbing trend with a site I manage (which advertises some of the more expensive keywords in PPC). I believe a competitor is using bots to traffic google.com, click on our ads, and fill out our forms with information it is pulling from a yellow pages site. Furthermore since it traffics google.com and not a 3rd party site it appears legit and we cannot try and write up any kind of complaint.

After clicking to our site, they appear like genuine inquiries but when we check visit history we know they are a bot because they all exhibit a common behavior pattern on the site in terms of visit history.

I called an Ad rep and spoke to her at length about my problem but the best she could tell me was to submit logs and data and fill out an online form. Google doesn’t need to know my trade secrets and conversion data but I’m bleeding money.

As an expert 1) Have you heard of this? 2) How can I address this without disclosing trade secrets? (Google doesn’t share any of their click data so I see no reason to share mine)

By: Frederick Townes

Frederick Townes — Mon, 23 Apr 2007 14:08:10 +0000

Hi Matt, I was curious if you (or anyone else) knew of other companies besides Panda software that might be instrumental in click fraud detection and deterrence?

By: Wilson L. Chua

Wilson L. Chua — Tue, 17 Apr 2007 05:38:41 +0000

Interesting read. Now how about the scenario where a rival runs a click bot on another rival? This in effect forces a denial of adsense revenue from a site that had nothing to do (but was receiving revenue) as a result of the click bots?

The aim of the attacker was to force google to cancel or suspend the rival (victim/recipient of adsense clicks).

If you were the victim, how would you respond to this? How do you protect yourself against such an attack?

By: Richard Ball

Richard Ball — Tue, 17 Apr 2007 03:01:49 +0000

Hi Matt. While not quite a “fun” read, it was an interesting paper. This sentence, however, struck me as a little odd: “It is important to note that in a Clickbot.A-type attack, top-tier search engines would not pay miscreants directly.” Whether or not Google pays the “miscreants” directly, Google is culpable. Google (and Yahoo!) need to monitor and manage their syndication partners more effectively.

BTW, was the attack on the AdWords Search network or the Content network? Anybody know?

By: CPCcurmudgeon

CPCcurmudgeon — Tue, 17 Apr 2007 01:55:55 +0000

Robin,

These types of attacks have been occurring for years. You can find
out more information about botnets from Gadi Evron at the
securiteam.com site.

By: Jon Cram

Jon Cram — Mon, 16 Apr 2007 19:57:02 +0000

Tim: where are the JS clickbots? On pages you control? If yes, then it would be pretty straightforward to ‘detect’ them using PHP.

By: Tim Linden

Tim Linden — Mon, 16 Apr 2007 14:18:46 +0000

Is there any way to detect javascript clickbots? I run an advertising website (traffic exchange), and the trend now is to hide javascripts into pages that have paid to search portals on them. The javascript then has some way of making the visitor “click” on a random ad at random intervals. I haven’t seen it done on adsense yet, but since adsense isn’t allowed on traffic exchanges that would probably be why.. Any tips on finding them with a php script would be great, they are causing lots of havok for me..

By: Robin Allenson

Robin Allenson — Mon, 16 Apr 2007 11:14:13 +0000

Matt, Michael and Alan: thanks for the analysis and the commentary on the analysis. Fascinating stuff: for me it was a shock that click fraud was this sophisticated and that the fraudsters were this cunning.