Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Malware That Enables Traffic and Ad Fraud


Published on

Malware and botnets enable ad fraud by generating fake pageviews and video views.

  • Be the first to comment

Malware That Enables Traffic and Ad Fraud

  1. 1. Stats of Malware that Enables Ad Fraud Dr. Augustine Fou October 2013 -1- Augustine Fou
  2. 2. UPDATE: June 2013 Source: Google Safe Browsing Initiative -2- Augustine Fou
  3. 3. Network Block Analysis Source: -3- Augustine Fou
  4. 4. Phishing Sites – June 2012 Source: Google Safe Browsing Initiative -4- Augustine Fou
  5. 5. Infected Sites – June 2012 Drive by downloads install and run a variety of malicious programs, such as: Spyware to gather information like your banking credentials. Malware that uses your computer to send spam. -5- Source: Google Safe Browsing Initiative Augustine Fou
  6. 6. Attack Sites – June 2012 Attack sites are purposely built for distributing malware and try to avoid detection by services such as Safe Browsing. To do so, they adopt several techniques, such as rapidly changing their location through free web hosting, dynamic DNS records, and automated generation of new domain names. -6- Source: Google Safe Browsing Initiative Augustine Fou
  7. 7. What Bots Are Used For -7- Augustine Fou
  8. 8. Traffic Firehose Source: Alexa Source: Quantcast Legit human traffic does not change rapidly; but bot traffic (firehose) can be rapidly turned on or off and directed to other sites. -8- Augustine Fou
  9. 9. Fake Mobile Ad Traffic While “mobile” is more likely to be human, there is no guarantee! -9- Augustine Fou
  10. 10. Solving Captchas A captcha is difficult for most computers to solve because it distorts letters and numbers in unusual ways, says Vicarious co-founder Scott Phoenix. Humans use their powers of perception to see a "m and o" with a line through it and still read the word "morning." "We picked CAPTCHA to solve because it was explicitly designed to be impossible for computers to solve. If you're trying to build artificial intelligence, CAPTCHA a great test," Phoenix says. Source: Business Insider October 28, 2013 - 10 - Augustine Fou
  11. 11. Fraud Value Chain impressions clicks Networks of algo-generated content sites that attract free organic search traffic Botnets generate fake pageviews which produce ad impression “inventory” (get paid for CPM) leads Click farms generate fake clicks (get paid for CPC) sales Fake leads (get paid for CPL minus cost of filling out lead forms) Fake sales via affiliate revenue shares; money laundering, especially on digital goods/subscriptions - 11 - Augustine Fou
  12. 12. Related Articles Bad Guys Happily Rob Display Advertisers By: Augustine Fou, July 23, 2012 Everything Fake (Display Ad Fraud, Search Click Fraud) By: Augustine Fou, April 2013 Blacklisting vs Whitelisting By: Augustine Fou, October 2013 Fake Profiles on Facebook By: Augustine Fou, July 2013 How Display Ad Fraud Works By: Augustine Fou, May 2013 - 12 - Augustine Fou
  13. 13. Dr. Augustine Fou – Digital Consigliere “I advise clients on optimizing advertising across all channels. Using insights and fast-feedback loops from digital, we can not only target brand ads better, but we can shift towards more detailed measurement and ROI.” FORMER CHIEF DIGITAL OFFICER, HCG (OMNICOM) MCKINSEY CONSULTANT CLIENT SIDE / AGENCY SIDE EXPERIENCE PROFESSOR AND COLUMNIST ENTREPRENEUR / SMALL BUSINESS OWNER PHD MATERIALS SCIENCE (MIT '95) AT AGE 23 ClickZ Articles: Slideshares: LinkedIn: - 13 - @acfou Augustine Fou