Botnets Blamed For Increase In Click Fraud

A new report has accused botnets of being behind the rise in click fraud, where automated scripts or computer programs mimicks a legitimate user by clicking on an online advert

The growing amount of click fraud has been linked to botnets, according to a new report by Click Forensics.

It found that the increase in botnet-related activity follows an overall upsurge in click fraud in the third quarter of 2009.

Click fraud is a scheme when a person, automated script or computer program mimicks a legitimate user clicking on an online ad in order to profit from a pay-per-click arrangement.

According to the firm, which tracks click fraud data, botnets accounted for 42.6 percent of all click fraud in the third quarter of 2009. The increase is more than double what it was two years ago, and is up from 27.5 percent during the same quarter last year.

“One of the changes we’ve seen is how botnets are being used for more than just phishing…botnets are becoming more sophisticated in how they commit click fraud,” said Paul Pellman, CEO of Click Forensics. “Before many were just taking control of PCs and having them automatically click on ads to generate money for the botnet. In the case of the Bahama botnet, the program is also taking over a user’s natural searches in order to make them look like a real search queries. This is more difficult to detect because the search is a “real one” not a robotic click.”

Among these botnets is ‘Bahama’, which was observed redirecting traffic through 200,000 parked domains located in the Bahamas. The botnet hijacks natural search queries and employs automated clicking to mask itself as a legitimate source of search advertising traffic. According to Click Forensics, the endgame is to steal from advertisers and search engines.

After analysing Bahama, Click Forensics found a link between the botnet and the recent NYTimes.com display ad scareware incident, and traced the source of the attack back to the Ukrainian Fan Club – a group Click Forensics referred to as known online fraudsters.

While some of the botnets are using automated clicking programs to commit fraud, others are employing more sophisticated methods, Pellman said.

“The Bahama botnet is one of the biggest ones we’ve seen committing click fraud from a volume perspective,” he said. “We regularly track many other botnets aimed at perpetrating click fraud but we haven’t called them out just yet.”

The greatest volume of click fraud came in countries outside North America, specifically the UK, Vietnam and Germany, respectively. The overall industry average click fraud rate was 14.1 percent, up from 12.7 percent for the second quarter of the year and down from the 16 percent rate reported for the third quarter of 2008.