Monday, July 28, 2008

Click Fraud, Botnets and Parked Domains - All Inclusive

It gets very ugly when someone owns both, the botnet, and the portfolio of parked domains actively participating in PPC (pay per click) advertising programs, where the junk content, or the typosquatted domain names is aiming to attract high value and expensive keywords in order for the scammer to year higher on per click percentage. This is among the very latest tactics applied by those engaging in click fraud. Hypothetically, the cost to rent the botnet and commit click fraud would be cheaper than sharing revenue on per click basis with "human clickers" who earn money based on how many ads they click given a set of scammer's owned sites, where the customer supports represents a DIY proxy switching application changing their IP on the fly.



Click Forensics's recent Q2 2008 report indicates that botnets were responsible for over 25% of all click fraud activity they were monitoring during Q2. Not surprising, given that botnets have long been observed to commit blick fraud, using a common traffic exchange scheme. What's new is the use and abuse of parked domains :



"Despite indication that some of the clicks from parked domains were invalid, Google failed to disclose to the plaintiff specific domain names in which these ads were clicked on, making detection of invalid clicks difficult and even worse concealing any evidence of invalid clicks," the lawsuit alleges. RK West eventually went through its server logs and discovered the source of the clicks, said Alfredo Torrijos, one of the company's attorneys."



Cybersquatting security vendors in order to improve the chances of attracting high-valued keywords to later on commit click fraud on the parked domains, now showing relevant security ads, is nothing new. The trend has been pretty evident for a while, with cybersquatting increasing on an yearly basis according to multiple sources :



"Rise in pay-per-click advertising where cybersquatters link the domain name they have registered with a website containing ads promoting a variety of competing brands.  The cybersquatter receives money every time internet users access this website and click on one of the ads."



However, the "internet users who are supposed to click on one of the ads on the parked domains owned by the scammers" will get clicked by a botnet owned or cost-effectively rented by the scammer. Here's a sample of currently parked domains attracting Symantec ads :



symentec .com

symantek .com

symanteck .com

symantac .com

symantaec .com

symantic .com

symmantec .com

symanntec .com

ssymantec .com

symanthec .com

symanzec .com

symanttec .com

sjmantec .com

saimantec .com

seymantec .com

symanrec .com

symantrc .com

symantwc .com

aymantec .com

dymantec .com

sxmantec .com

symantex .com

symantev .com

symabtec .com

symamtec .com

synantec .com

stmantec .com

symanyec .com

sumantec .com

symant3c .com

syman5ec .com

wwwsymantec .com

symanteccom .com

ymantec .com

syantec .com

symntec .com

symanec .com

symantc .com

symante .com

symattec .com

symantcc .com

syman-tec .com

syymantec .com

symaantec .com

symanteec .com

symantecc .com

ysmantec .com

syamntec .com

symnatec .com

symatnec .com

symanetc .com

symantce .com




As well as recent sample brandjacking Kaspersky :

kespersky .com

kasparsky .com

kaspaersky .com

kaspasky .com

kasperscky .com

gaspersky .com

kasbersky .com

kasppersky .com

kasperrsky .com

kasperssky .com

kasperskj .com

kasperskey .com

kaapersky .com

kasperaky .com

kasperdky .com

laspersky .com

kaspersly .com

kasperskt .com

kaspersku .com

kasp3rsky .com

kaspe4sky .com

kas0ersky .com

wwwkasperskycom .com

wwwkaspersky .com

kasperskycom .com

aspersky .com

kspersky .com

kasersky .com

kaspesky .com   

kaspersy .com

kaspersk .com

kappersky .com

kaspessky .com

kas-persky .com

kasp-ersky .com

kasper-sky .com

kasperskyy .com

akspersky .com

ksapersky .com

kapsersky .com

kaseprsky .com

kaspesrky .com   

kaspersyk .com

kaspersky24 .com

kasperskyonline .com

kaspersky-online .com




What's most disturbing is that instead of having cybersquatting taken care take of a long time ago, so that scammers would need to emphasize on the junk content in order to attract the relevant ads on the bogus domains, cybersquatting still does the magic by including the targeted word in the domain name itself, so that no junk content generation courtesy of a blackhat SEO tool is needed.



Related posts:

Cybersquatting Security Vendors for Fraudulent Purposes

Cybersquatting Symantec's Norton AntiVirus

The State of Typosquatting - 2007

No comments:

Post a Comment