Spyware Still Cheating Merchants

Jamie found an interesting story about how Spyware is still on the move. It talks about how Spyware vendors are trying to clean up their image, but still doing fishy things. It breaks down several common types of spyware and some analysis of each.

Spyware FP

The spyware on slashdot's servers allowed me to spy on this story and craft a 1st post with ample time to spare.

Ben Edelman, here

[bedelman]

I'm Ben Edelman, the author of the piece. I'm happy to answer any questions folks may have.

It would be particularly interesting to hear from merchants and by legit (non-spyware-using) affiliates who are ripped off by the practices I documented.

Re:Ben Edelman, here

[teknopurge]

I'm a merchant that has recently looked into many forms of online advertising, and these are my thoughts:

Sponsored-search advertising is a ripoff. Google makes the vast majority of their money this way and I take issue. We have run numerous campaigns and stopped due to the lack of quantification. Talking with other merchants, people are starting to get disgusted by the google/yahoo/ms advertising avenues. clickfraud is rampant and we end up paying for it. recently, every time google releases earnings i can't help but laugh. all it takes is for a adwords merchant to start a campaign and watch their traffic and usage for a month to see what is going on. my feeling is that there is no better solution for online advertising, so people feel the need to do _something_, so they will continue to pay because they feel it is better than nothing.

Re:Ben Edelman, here

[idesofmarch]

Which pop-up blocker did you find most effective?

Re:Ben Edelman, here

[Aladrin]

No offense, but isn't that the same as all other types of advertising? If you feel you are getting enough for your money, you buy the advertising. If you don't, you don't.

TV ads continue to be annoying and people are actively avoiding them now. Instead of making better commercials that don't annoy people, they just keep shelling out the money for the same old crap.

Radio, ditto.

Newspapers, magazines... Other than the sale ads and video game magazines (which are disappointing, because the ads rarely tell you anything the actual game), I don't think I've bothered to do more than glance at an ad in years.

How is 'sponsored-search advertising' any different?

And you say 'clickfraud is rampant.' ... Are you saying that you think Google is faking clicks? Or pays someone to? I can't see how anyone but Google would benefit from this. (I suppose the paranoid part of me says your competitor could be faking the clicks, to get rid of your ads... But that could have serious legal consequences.)

Re:Ben Edelman, here

[teknopurge]

I think google is aware of the problem and is taking a blind-eye to it. It makes sense in a way: if they put in more checks to deter clickfraud their revenue would be decimated. I'm not trying to be dramatic, but you can basically hand wave "advertising charges" away from people. Case-in-point, several people who are advertising affiliates for google have had large sums of $$$ that was due for payout frozen by google(http://forums.digitalpoint.com/). If this was isolated, I would discount it as maybe a few people were doing something shady google did not like. But when respected members that have been in the advertising business a long time start have their payouts frozen because they get into the thousands of dollars, I start wondering....

Re:Ben Edelman, here

[bignetbuy]

"No offense, but isn't that the same as all other types of advertising? If you feel you are getting enough for your money, you buy the advertising. If you don't, you don't."

From what I read, the merchants are paying for advertising results that they would have received for free. That, in turn, forces merchants to spend more money on advertising and ultimately results in higher prices for consumers.

Re:Ben Edelman, here

[aclarke]

And you say 'clickfraud is rampant.' ... Are you saying that you think Google is faking clicks? Or pays someone to? I can't see how anyone but Google would benefit from this. (I suppose the paranoid part of me says your competitor could be faking the clicks, to get rid of your ads... But that could have serious legal consequences.)

Click fraud can happen on Google's "content network". I just happen to be looking at one of my ads right now. In the last week, it's been shown 104 times on Google's pages. It's been shown 13,636 times on other pages using Google's Adsense. You know, the Google ads on other peoples' pages.

If I run a site and put Adsense on it, I get a percentage of Google's revenue for each ad clicked through from my site. Therefore, if I have more click-throughs, I get paid more. That's where click fraud comes in. The advertiser gets a higher bill due to more clicks, and Google pays the fraudulent Adsense operator a portion of the revenue.

You can opt out of your ads being shown on the content network, or even on certain sites. But as you can see from the numbers above, you'll be losing out on a HUGE percentage of your ad impressions. OTOH, in my experience the CTR off Google's sites is higher than the content network CTR, and quite possibly depending on what your product is, the people might be more qualified.

Re:Ben Edelman, here

[MttJocy]

Or like in my case (as a publisher) by a user who happens to disagree with the content of your site and decides the best way to deal with that is to attack the revenue stream that is funding your hosting costs.

In this case the attack worked, prior to the attack I was averaging around 1,000 clicks per month legitimately and thus gaining reasonable revenues which paid for hosting, domain registration and various other services (such as occasional professional design services to help with certain things I am less skilled at), until one evening there is an extremely strong worded scathing comment written by some anonymous user, the next morning I wake up to discover 1,896 clicks in one night which all originated from the same IP as that comment (thanks google for giving that info), my account by this point had been blocked.

I immediately contacted google, explained the situations, provided server logs and other relevant info re the comment and the massive amount of traffic generated by that IP during the night on my own site including raw server logs of this general traffic also. Google then provided me with their statistical information on clicks in that time period not raw data however which I can understand on privacy grounds (it would have included legitimate users also, I had removed data not relating to the suspect IP in my own logs I sent out of respect for my legitimate users who had committed no crime which is what this amounts to). Their representative even agreed that it was quite clear to them this was a case of a click fraud attack aimed at causing my disqualification, however they would not even consider reinstatement even under any kind of trial basis which eventually lead to me being forced to abandon the site on financial grounds not being able to find another system able to generate such reasonable revenues that covered the costs, with acceptable ad formats which were not overly obtrusive.

So to suggest they do not take click fraud serious is not something I can believe, with a one strike and you are out no questions asked policy irrespective of evidence proving the publishers innocence when any click fraud of any description is detected by their system resulting in a lifetime ban from the scheme seams to me like extremely stringent anti click fraud policies to me, too stringent in reality when clear evidence of innocence on the part of the publisher and evidence the fraud was actually an attack on the publisher and their funding mechanism for their website with the intention of making it impossible to keep the website online is beyond unreasonable.

Not to mention the $612.45 in legitimate click revenues they withheld and and dropped into their own coffers which is in itself wrong in my opinion especially when they themselves agree that the publisher was the victim of a targeted attack they should have at least had the decency to settle the account for all the legitimate clicks.

Spyware will become clean...

[Kjella]

It talks about how Spyware vendors are trying to clean up their image, but still doing fishy things. ...the day Tony Soprano becomes a 'respectable businessman'. Crapware (my common term for deceotive adware, spyware, malware and whatever else "toolbars" and "helpers" and "assistants") couldn't get clean without going into legitimate advertising and shareware. And there the competition is solidly entrenched already, so all I want for them is to quietly die. They're a cancer to the computer industry and should be eradicated.

Serves them right?

[140Mandak262Jamuna]

These merchants, Netflix, Blockbuster and others signed with people with very low ethical standards. These spyware vendors install software without consent, fool people, irritate people with pop-ups etc. And these companies thought that is how they should get their customers. It should not surprise anyone, least of all these merchants, that the spyware vendors use every trick in the book and then some to cheat them and charge fees and commissions. Let them go bankrupt. Serves them right for providing food to these cockroaches.

Re:Serves them right?

[u-bend]

Sometimes when cleaning out a relative's totally infested PC, I think that most average computer users are so bovine in their approach to spyware, that they really don't mind all the automatic installation that goes on, as long as it doesn't interfere with the "just works" experience. In my experience, there's very little of the outrage that we feel about this stuff. It's frustrating really.

Re:Thats an interisting article.

Then you should read the article again.

The article described how, if you go to, e.g. Blockbuster's website and perform some action(such as signing up—they intend to pay legitimate advertisers who refer new customers), while having certain spyware installed, then Blockbuster is ripped off by having to pay an illegitimate advertiser, and the spyware makers benefit. You aren't affected directly in the slightest.

Pop-up blocker

[bedelman]

I don't have a strong view on pop-up blockers. I often use Google Toolbar. But in XP SP2, IE's internal pop-up blocker works fine too.

One key insight: Pop-up blockers don't stop spyware-originating pop-ups. Pop-up blockers stop pop-ups that load through a web browser, i.e. as a result of JavaScript code within pages users request. But pop-up blockers do nothing to stop full Windows programs (e.g. spyware) installed on users' computers.

Now google has a till option....

[simm1701]

I can see the ideal solution to this type of advertising fraud.

If I am running a site selling certain goods, then I don't really care how many hits I get, I'm bothered about how many sales I get.

Now if google can set up an adwords system for me that does not charge per click, but instead I use their payment system as a check out and grant them a commission on refered sales (as long as they can prove that the refereal was sent via a targetted ad in the current browser session would be my condition) then they can take say 5% of the sale (on top of their normal processing comission.

Then the problem comes down to trusting google to correctly report which sales on your site are actually directly from one of their adverts and not from their main search.... however its only one company, its a large and well known company so auditing it would be a lot easier than many of the smaller more dubious companies.

Re:Now google has a till option....

[Aladrin]

Don't forget the reverse is true as well: Google has to trust your company to only use the Google checkout. Phone, mail, email... There's plenty of opportunity to turn that customer away from Google's checkout without doing anything shady such as only sending 2/3 to Google and the other 1/3 to something else.

There are also plenty of people that aren't interested in Google's checkout at all, and would refuse this.

If there was a simple answer, this problem would not have existed for so long.

Capital S?

[LoudMusic]

Jamie found an interesting story about how S pyware is still on the move. It talks about how S pyware vendors are trying to clean up their image, but still doing fishy things. It breaks down several common types of spyware and some analysis of each. How does spyware earn a capital s? I don't understand.

Re:Capital S?

[AndrewM1]

It's a noun, being used to collectively refer to all Spyware programs.

From Wikipedia: "Common nouns may be capitalized when used as names for the entire class of such things." In this case, Spyware is being used as a name for an entire class of such programs, and is thus capitalized.

Re:Capital S?

[TheHawke]

spyware, adware, or malware of any kind does not deserve to be capitalized, nor do corporations, entities, or persons trying to destroy our ways of life.

I do not care if the grammar nazis give me a d-, I refuse to comply.

Maybe its time for a new name

Does anyone else find it funny that spyware is trying to clean up its image? Maybe they should start with the name. The very name SPY WARE isn't very clean. Maybe they should change their name to "used to spy now trying to decieve ware"

Here's a question or few for you

[Specks]

How would the merchants detect that Zango or other spyware makers have hijacked organic traffic or a legitimate affiliates cookie? If the software routs traffic through the spyware vendor's servers first then to the intended website how is a site like Netflix or Blockbuster going to tell if they don't get a chance to put a cookie there? Not to mention that a spyware vendor probably doesn't have the affiliate code in their name but probably a shell corporation or some other company. If companies like Netflix take action how bad do you think the shakeup will be for companies like Zango?

Re:Here's a question or few for you

[azrider]

Question:

How would the merchants detect that Zango or other spyware makers have hijacked organic traffic or a legitimate affiliates cookie?

Answer: By: 1: RTFA (and Mr. Edleman's reply to you question) 2: Duplicating his methodology. If you (as a merchant) find that the same thing is happening, contact the FTC (among others), as well as a competent (and hopefully trustworthy) attorney. It is your responsibility to ensure that your ad vendors are living up to their part of the bargain before paying them

Re:Thats an interisting article.

[Lockejaw]

Either Blockbuster/Netflix have advertising contracts with spyware companies (and I don't much want to do business with them), or they have no obligation to pay for any of these spyware-generated ads (and they aren't being forced to pay anything).

How to catch rule-breakers

[bedelman]

Specks, you're right that merchants generally won't be able to figure this out merely from inspecting users' traffic or web server log files.

Instead, in my experience, the only robust enforcement strategy is testing: Get copies of the spyware, browse the web on infected test PCs, and see what happens. If an affiliate's link is invoked wrongfully and unexpectedly, then investigate and take appropriate action.

Is this trivially easy? Well, no. But it's the only clear way forward. And arguably it's appropriate: Any merchant paying out $$$$$ of affiliate commissions ought to put forth reasonable effort to confirm who they're paying and what they're paying for. In few other contexts would a company have as many suppliesr, subject to as little vetting (ex ante) and supervision (ex post), as in Internet advertising.

Ewww

[Dachannien]

Part of the problem is that online advertising has for a long time essentially been one gigantic circle-jerk, and in these cases, the original advertisers end up cleaning up the mess. Companies pay other companies to source advertising, who pay other affiliate networks and other websites a pittance to carry the advertising. There are enough middle men to make one's head spin. The original advertisers end up having no idea who they're dealing with.

Less outsourcing, and contracts that demand less second-degree outsourcing, would help the advertisers tremendously. I doubt that it would do much for the spyware victims, though, because there'll always be another scam right around the corner.

Yes, it is frustrating.

[140Mandak262Jamuna]

I have tried to explain to my relatives and friends, with "real world" analogies. Like, "OK, the cable company says just leave the door unlocked, that way our tech can get in and install your new cable box and you dont have to house sit. Will you agree? Wont you feel outraged if all the merchants in town walk into your living room and paste their advertisement on your wall? Yes, security will entail some inconvences like staying at home and letting in the technician. But you would not leave the home unlocked, would you?"

The usual responses are that "You are exaggerating the dangers", and "I have nothing of value for anyone to steal in my computer" or "it is too complex to lock the machine down" or "I dont know how to lock the machine down" or "there are millions of people who dont lock their machine down, are they all fools and are you the only smart guy out there".

Their file sharing stops working. They call the tech. Some cousin of me from India walks them step-by-step to turn off the firewall in the router so that "he can come in and fix it", turns off the firewall in the machine, turns on remote assistance, fixes something and leaves. For the tech guy the metric is "minutes to solve the problem". Staying on line to turn back all the firewalls and turning off remote-assistances "does not pay". The machine gets pwend even before he is done and he recommends wiping the hard disk and restoring, wiping out everything the customer had in the disk.

It is a torture to be the one-eyed man in the land of the blind.

Re:Thats an interisting article.

[Wicked+Zen]

Then you didn't understand it. Blockbuster/Netflix isn't installing the spyware. They are the ones being robbed because of spyware you already have on your computer.

After working at a free newspaper for some time...

[erroneus]

...I arrived at the unshakeable conclusion that people in marketing businesses are relentless assholes who can only see things with dollar signs and care nothing about collateral damage they may cause. You can apply this to printed free papers who often litter the streets of many urban and suburban neighborhoods with their distribution boxes and papers flying through the air. You can apply this to spammers who are still convinced among themselves that they are not bad people and only annoy people a little. Just about anywhere there are marketing people, you will see them pushing over the edge of what is acceptable practices and behavior... not every marketer is like this, but the "successful" ones are definitely of that breed.

Re:Thats an interisting article.

[Lockejaw]

Blockbuster/Netflix isn't installing the spyware.

No, they didn't, but they're paying to advertise via spyware.

Re:Thats an interisting article.

[raju1kabir]

How can Higaran's idiotic response be moderated "Insightful"? He managed to read a very clear article and come away with an interpretation that was almost completely the opposite of what it said. It does provide some insight into the sorry state of education these days, but definitely not into the topic of this post.

There is no spyware on the Blockbuster or Netflix websites.

There is spyware that may get loaded onto your computer by companies like Zango, which then intercepts your visits to Blockbuster/Netflix, and inserts a cookie that scams Blockbuster/Netflix out of commission $$.