ANALYSIS BRIEF – September 2012 IS YOUR BROWSER PUTTING YOU AT RISK? PART 2 – CLICK FRAUD Authors -‐ Francisco Artes, Stefan Frei, Ken Baylor, Jayendra Pathak, Bob Walder Overview 1The US online advertising market in 2011 was approximately $155 billion USD . Fraudsters utilize click fraud to deflect some of this money to them or to deplete their competitors marketing budgets. In the process, millions of consumer and corporate users are infected by malware as a byproduct of this war between ad buyers, ad publishers and fraudsters. Click fraud is a type of Internet crime that abuses pay-‐per-‐click online advertising for the purpose of generating a charge per click, of which the criminal is paid a percentage of the ad revenue. The effects of click fraud can be devastating for small business owners and very costly for big budget ad buyers. For individuals and enterprise users, the effects of click fraud itself are malignant, as click fraudsters fund many malware campaigns. These campaigns lead to multiple malware infections such as banking trojans that typically accompany each click fraud software installation. NSS Lab Findings: • Click fraud itself, causes minimal direct harm to the typical end user, as the ultimate target is the ad buyer. • Consumer and corporate users are infected by additional malware as a byproduct of click fraud installation. • Click fraud catch rates are Chrome 1.6%, Firefox 0.8%, Internet Explorer 96.6%, and Safari 0.7%. • Services are available that may help ad buyers identify click fraud. However, service contracts with ad 2 networks may contain clauses that restrict ad buyers’ ability to recover damages for click fraud. • The average lifespan of a click fraud URL was 32 hours with over 50% expiring within 54 hours. 1 http://www.marketingcharts.com/direct/internet-‐advertising-‐revenues-‐continue-‐growth-‐20257/ 2 https://www.google.com/intl/en_us/adwords/select/TCUSbilling0806.html Section 5.