Malware-Driven Banner Ad Attacks Rising
While fake cost-per-click rates declined in the fourth quarter, a new form of impression inflation has emerged, finds online advertising audit firm.
The number of online advertising campaign clicks that were fake -- known as "click fraud" -- declined in the fourth quarter of 2010 to 19.1%, compared with 22.3% in the third quarter of 2010. While that's an improvement, overall click fraud levels are still higher than the rate of 15.3% seen just one year ago.
Those findings come from Click Forensics, which tracks the quality of online advertising campaigns by researching who -- or what -- is clicking on links. To do that, it studies advertising traffic as it flows over a variety of Web sites, including search engines, shopping engines, online publishers, and social networks.
According to Click Forensics, the greatest volume of click fraud is occurring in North America, followed by Japan, the Netherlands, the Philippines, Sweden, and France.
For organizations that buy or sell cost-per-click (CPC) advertising, click quality is a big concern. Hence the recent -- at least in the short term -- decline in click fraud is good news. But it may not last, said Paul Pellman, CEO of Click Forensics. "While the overall click fraud rate dropped last quarter for CPC advertising, we saw the emergence of new schemes focused on display advertisements. We are investigating the malware-driven attacks in more detail, but early evidence points to an impression inflation scheme."
This particular scheme uses malware to target banner advertisements. According to Click Forensics, "the sophisticated program performs a pop-up or pop-under and rotates brand advertisers' banner ads every 10 to 15 minutes." Malware may then surreptitiously click the banner ads, thus generating impressions and CPC revenue for attackers, via affiliate advertising networks.
Online attackers are always seeking innovative ways to monetize their attack capabilities, and click fraud has become a tried-and-true technique, at least for botnet operators. By making compromised -- aka zombie -- PCs click on links, criminals can turn their malicious code into a moneymaking venture.
For example, according to a November 2010 study from Information Warfare Monitor, written by security researcher Nart Villeneuve, "through the use of pay-per-click and pay-per-install affiliate programs and forcing compromised computers to install malicious software and engage in click fraud, the Koobface operators earned over $2 million between June 2009 and June 2010."