We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

Christopher Mims

A View from Christopher Mims

A Web Scam That Makes $500,000 a Month

A computer scientist discovers a scam that skims such a tiny amount from so many sources that no one has much incentive to shut it down.

  • March 21, 2011

A team of experts has uncovered an elaborate, even elegant, scheme to automate click-fraud in a way that allowed its perpetrator to carry on undetected for months. One of the experts involved in the investigation believes that subsequent versions of this scheme might escape notice simply because no one has much incentive to pursue it, even though it appears to have netted its perpetrator millions of dollars.

Click fraud is nothing new: Scammers use computers or actual human beings to click on ads on websites they own in order to collect revenue from advertisers. But the new scheme, outlined in an article in the Wall Street Journal, was built by someone who took elaborate measures to hide its fraudulent nature.

The scheme was uncovered by AdSafe, a company that helps brand advertisers make sure their ads aren’t appearing next to inappropriate content, such as porn or hate speech.

The mystery began when engineers at AdSafe noticed that sites monitored by their service that normally have totally innocuous content began to be classified as porn. What followed is laid out in elaborate detail on the blog of one of the computer scientists who worked on the team that uncovered the fraud, Panos Ipeirotis.

Through a substantial amount of sleuthing, the team eventually realized that a particular porn website, one which gets up to one million unique visitors a month, was loading innocuous domains in tiny iframes within its browser window. These sites had names like “baldnesshealth.com” and “carecouples.com.” These parked domains hosted the ads that were automatically clicked, in the background, without the user even knowing it.

The result is what Iperotis calls “traffic laundering” – advertisers receiving traffic from the innocuous parked domains who check their referrer logs saw only innocent-sounding domains. What’s more, the traffic even looked like “real” traffic in terms of its location and frequency, because the fraud was only occurring as long as users were on the porn site at the hub of this scheme.

The craziest part of this entire fraud, aside from the fact that, according to Ipeirotis’s calculations, it netted its perpetrator between $50,000 and $700,000 a month, is that the fraud was spread across so many different sites and brand advertisers that no single one of them had much incentive to pursue or even notice the fake clicks.

Do the big brands care about this type of fraud? Not really. Yes, they pay for some “invisible impressions”. […] In any case, compared to their overall marketing budget, this is peanuts.


Note also that the fraudster does not target a single publisher, does not target a single advertiser. The damage is amortized so nicely that nobody feels that it is a big deal. A mastery of the long tail.

Iperotis argues that whoever concocted this scheme intentionally or unintentionally involves the non-fraudulent players in such a way that they might actually have a disincentive to pursue it. For example, a big brand advertiser might not pursue the fraud because they would not want their brand to be associated with an investigation of it – it’s just bad PR.

The guy essentially realized that this type of fraud is really behaving like a parasite within a much bigger ecosystem. And it is a parasite that is so costly to remove that it makes sense to leave it there. As long as the parasite does not annoy the host too much, things will be fine.

Fortunately, according to the Wall Street Journal, the FBI has been notified.

Follow Mims on Twitter or contact him via email.

Learn from the humans leading the way in intelligent machines at EmTech Next. Register Today!
June 11-12, 2019
Cambridge, MA

Register now
More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Print Subscription.
  • Print Subscription {! insider.prices.print_only !}*

    {! insider.display.menuOptionsLabel !}

    Six print issues per year plus The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Print magazine (6 bi-monthly issues)

    The Download: newsletter delivery each weekday to your inbox

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.