Slashdot Mirror
Man Accused of Attempting to Extort Google
sandalwood writes "A programmer has been arrested on charges of attempting to "threaten Google with a software program he devised that creates phony clicks on pop-up advertisements delivered by Google. Google pays Web site publishers companies a certain amount for legitimate hits on those ads, but Bradley created a method that generates false clicks that appeared to be real Internet traffic, which would have repeatedly defrauded Google... Bradley contacted Google in early March, informing company officials that he had created the program and wanted $100,000 to keep him from selling it to spammers, according to an affidavit by a U.S. Secret Service agent." A harbinger of organized crime to come? That's a real nice website you have here... a shame if anything were to happen to it..."
actually this will not work. Google use statistical data to stop the user from doing this. It will almost have to be a DDOS attack (i.e. have thousands of IP addresses click on the AD) to pull this off. In that case it would be much easier just to DDOS the website of your competitor. Just like what happened to SCO.com
Consensus is good, but informed dictatorship is better
Ironically, while that exact search does actually come up with 0 results, there are 5 'sponsored links' offering 'Secrets behind AdWords', 'Create AdWords Cash' and so on...
That's why the article mentions spammers. The (old) trick works by sending out spam that generates a click-through when someone opens the email. (Or previews it in LookOut.) That way it comes from a whole bunch of IP addresses of people dumb enough to allow HTML script to run in their email.
One line blog. I hear that they're called Twitters now.
* Google does not pay website owners for AdWords. The owners pay Google to for advertising space on Google. /. uses it sometimes as well.
Not true. You can use their adsense program. I think
http://www.google.com/services/ http://www.google.com/adsense
If I'm actually looking to buy something, and I see an ad that is *relevant*, sure I'll click on it. We advertise heavily on AdWords ourselves and get a phenomenal amount of traffic on them, with click-throughs over 25% on certain keyword combinations.
Google does not pay website owners for AdWords. The owners pay Google to for advertising space on Google.
Google does pay website owners for displaying adwords, in its adsense program.
The problem with the guys attempted extortion is that google charges advertisers more then it pays out on the adds, and as such this guys program, if sucessful, still makes google a buck. That said the amount advertisers pay on adds is determined by a number of criteria such as CTR (which is why googles adds are generally of good quality; better, more relevant, and therefore more clickable adds can be put in top positions for less then irrelevant adds) and as such something of this nature could potentially really screw up advertising related statistics and revenue for google.
How do I keep track of people who are fingering
Yep, too late--some damned fool already posted about that trick to news.admin.net-abuse.email back in May of 2001. D'OH! :^)
One line blog. I hear that they're called Twitters now.
There is a valid methods for doing this. I know more than one, orginally I was going to post it, but greedy slimy business men might read this and get a programmer to write it. A little unknown fact, right from a GOOGLE engineer, and I quote "We DO NOT check for spam clicking". Guys, THIS IS ALREADY BEING DONE. THIS is not new news. I Hope the FBI does their job and get the a--holes that are doing. Google is not the ONLY victim, Looksmart, overture ( yes overture, i know about the split servers to prevent double clicking, might want to try a more elegant solution) . While this is not rampant, it is being done in HIGHLY competive spaces. I know for a fact these devices are in place.
Google, and the other search engines know about this, and done very little to stop mass clicking.
This costs the small companies a lot of cash, because you will have bigger enties running a software application and bringing up their PPC costs. Plus the fact, most smaller companies are not as indept in PPC marketing.
Sincerly,
Anonymous Coward
That 25% is only on a few very specific search phrases, but we honestly do get that high on those phrases. The reason is that for those phrases we are more relevant than the actual search results *in our geographic area*.
We get 10%+ click-through on the most completely generic term for the site. It could possibly be higher, but we also rank first in the normal search results for that term, if you limit your search to one particular country or use the country name as part of the search. Being able to limit AdWords to individual countries is one of the great things about Google - Overture isn't half as good in this regard.
Our *average* click-through over all phrases is much lower, at 3%, largely because with a lot of the other product words we use, people *would* be just searching for information on the product, rather than with a view to purchase. We could raise the click-through by only displaying ad if the search term included words such as 'buy', 'purchase', etc. but 3% is well above Google's cut-off and we aren't paying for the extra impressions, only the clicks, so this suits us fine. We still rank first on most of these search terms (e.g. competing AdWords are seen as less relevant).
Here is summary of my recent experience with Overture's Click Protection program. Overture e-mail responses are almost unbelievable.
As a more common example, take PGP. PGP uses a well known algorithm, but that does not make PGP insecure. Even if you steal a person's private key - you can only compromise their date, other PGP users are safe.
Security through obscurity is when a system is only secure if its workings/algorithms remain secret. For any system that is to be distributed outside of a controlled environment this is a very bad idea, as it's almost guaranteed that someone will crack it.