homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Google / Google AdSense
Forum Library, Charter, Moderators: incrediBILL & jatar k & martinibuster

Google AdSense Forum

Hacker put his adsense on my site for months
Do I contact Google first and leave evidence or put my adsense back?

 5:05 am on May 13, 2007 (gmt 0)

After doing a periodical check, I noticed an old domain of mine with low traffic has an adsense publisher code that isn't mine. I assume a hacker guessed the password to the admin page, and put his adsense code in banner management panel.

Should I leave it and contact adsense about this hacker, or edit it right away?



 5:36 am on May 13, 2007 (gmt 0)

After some digging, I found out the hacker is the previous domain owner ... very sad. Why would anyone risk banning his Adsense account for a few dollars?

I wonder if I can claim the revenue I lost.


 6:05 am on May 13, 2007 (gmt 0)

Personally, I would contact Adsense about it and let them know exactly what the story is. But then, I'm pretty open and transparent. Meantime, beef up the security - new password etc. and see if you've got logs going back to when it might have happened.


 6:36 am on May 13, 2007 (gmt 0)

And take a screen shot of all of it...especially their adsense code.


 6:39 am on May 13, 2007 (gmt 0)

reading back over the thread I can't help but wonder that when you cleaned up the page (from PREVIOUS OWNER) it wasn't something you forgot to remove?



 7:22 am on May 13, 2007 (gmt 0)

Nope, I did put my code as soon as I bought the site. I looked in my adsense logs and it seems he replaced my code with his sometime in February. I can see a complete stop of page impression on some channels.


 7:29 am on May 13, 2007 (gmt 0)

Document ALL of that and get it to them. That was a very dirty thing to do, so cover yourself well - including screenshots, as ann said.


 8:00 am on May 13, 2007 (gmt 0)

I don't really know what to take screenshots of so I simply left his adsense code run and explained the situation to Google. I took note of his publisher ID code and the date of my page impression decline when he replaced it with his code. I'm sure they know when he put his adsense back.

Does anyone know what measures will Adsense take in this situation? Will I be compensated? Will he have his account banned?


 8:08 am on May 13, 2007 (gmt 0)

Just throwing a spanner in the works a bit - how would adsense know that you didn't have an agreement with the ex owner to run some adsense ads on the site? It will be difficult to prove. After hearing adsenses response to this - I would then get legal advice and get a letter sent to the ex owner - have a calculation of estimated loss of earnings - and send him a bill.

Secondly - I have a felling something similar has occurred before - I think if you read back a few months there was a similar thread - perhaps you could contact the OP and ses what the outcome was. I'm pretty sure they didn't get any short change out of adsense - but perhaps the other party got a ban. Let us know.


 9:10 am on May 13, 2007 (gmt 0)

First of all.. you need to change your password for the hosting account. And if the hosting account is from the original owner, you need to change hosting ASAP.

When Google bans this guy, which they may well do, you may wake up and find the whole site deleted. If he had access to change the Adsense code he has access to change or remove anything he wants.

I would have secured my position and then contacted the original owner for a claim of two or three times my estimated loss of earnings - if he's using adsense elsewhere it would be more than worth it to him to pay up just to avoid you reporting him to Google.

As you've now reported him to Google, perhaps you want to look into the small claims court and bringing a money claim against him for the stolen revenue?


 12:34 am on May 16, 2007 (gmt 0)

I got a response from Google and it looks there's nothing they can do. I doubt they'll do anything, which is rather upsetting because he's getting away with it. I was hoping they'd at least take some measures to prevent this sort of thing from happening again. What if this account owner tries this on someone else?

Here's their response:

[edited by: martinibuster at 4:00 am (utc) on May 16, 2007]
[edit reason] See TOS [webmasterworld.com]. [/edit]


 12:48 am on May 16, 2007 (gmt 0)

>there's nothing they can do

There's nothing they could do to get in the middle of this kind of situation, so it's a loss that would have to be recovered from the guy direct. But there's no telling if they'll consider action on that other account and even if they did, it wouldn't be divulged to anyone else.

Just gather whatever documentation you can, back up and move the site and move on. Make sure your passwords are secure, including double-checking the domain registration.


 5:13 am on May 16, 2007 (gmt 0)

I wonder if I can claim the revenue I lost.

Confront the thief. Ask for your money and he/she doesn't return it, say you'll report the outrageous fraud and theft to Google, which will mean they'll lose their Adsense account, and never get another one. Or however you feel you can get their attention. The thief has your money, not Google, so going to G would be barking up the wrong tree.



 6:30 am on May 16, 2007 (gmt 0)

ITs as I thought, Google will not get involved, but may have taken action against the other party. If I were you I would gather some figures on estimated clicks and loss of revenue to those particular sites.

Then contact the owner - perhaps sending an invoice - for these loss of earnings. Write a covering letter stating that unless monies are recieved within x days you will be taking legal action to recover his fraudulent activity - and will be claiming additional costs on top. Its got two chances. If we are talking about significant amounts of money - seek legal advice first. However, if it is an annoying area whereby you could perhaps end up losing more to lawyers than you might gain, then try to get it resolved this way.

I feel for you - I would have steam gushing out of all orifices if this happened to me. I guess a learning curve for anyone who buys domains/sites off of someone else. Make sure all passwords etc are changed.

Let us know if you get any joy.


 6:20 pm on May 16, 2007 (gmt 0)

I wouldn't confront the thief unless the revenue lost is huge. If you do confront him, he may want to take revenge on you by clicking your ads repeatedly or using some other technique to get your adsense account banned. Once banned, its hard to get your adsense account reinstated. So, just forget this incident and make sure it doesnt happen again in future. I know how it feels being in your position, but since google isn't too cooperative, there is nothing much publishers can do in such cases.
My 2 Cents


 6:53 pm on May 16, 2007 (gmt 0)

I'm going to agree with peepin, unless we're talking about thousands of dollars you're risking an even larger mess if you approach this guy and he gets a bug you-know-where and starts clicking away at your ads or attacking your sites/servers/hosting/email/name/etc... It would probably be more worthwhile to fix your security holes, steer clear and be thankful that all he did was change your pubid (are you sure this is all he did?).

I recommend using a password manager and generating a different random password for each login you use. If you search WW you will find a few good threads discussing the various password management solutions.


[edited by: Fribble at 6:55 pm (utc) on May 16, 2007]


 7:09 pm on May 16, 2007 (gmt 0)

Document everything. EVERYTHING. Including all log information you can find about how this guy got in to your system. This will help you figure out what happened and will give you ammo to go to Google or to court with.

I hate to say it, but there could be a backdoor that's giving the hacker access to your server. Change ALL your passwords and continue to watch your site like a hawk.

...Or sell your site to the Hell's Angels and let them sort it out if it happens again.


 3:41 am on May 17, 2007 (gmt 0)

I guess you are luck you noticed it without any serious harm to your domain , otherwise if hacker misused it google might have blocked your domain and you would have been double looser (paid for domian and lost domian for adsense)

Just update your security as suggested , good luck with your earnings


 9:28 am on May 17, 2007 (gmt 0)

you know, the nasty thing to do - which i would never condone, of course - would be to play him at his own game. change all of your passwords (so he can't remove the ads) and then get all your mates to click the hell out of his ad for a few days. eventually he will get banned. nothing he can do about it. he will just have to sit there and watch his click-through rate go through the roof. he made his bed, he will have to lie in it.

actually, that is a terrible idea. ignore what i just said. google might link the ban to the domain name, which will mess up your own ads.


 11:00 am on May 17, 2007 (gmt 0)

Google should provide us an option which can enable/disable revenue sharing.

A report which shows all domains associate with current adsense publisher id is also useful.

[edited by: iProgram at 11:02 am (utc) on May 17, 2007]


 1:56 pm on May 17, 2007 (gmt 0)

jeeze you already said it was a couple bucks get over it and next time don't be so lazy with the security of the site. how did he get in forget to change the fpt password or something.
why did it take you 4 months to find this as well?

Global Options:
 top home search open messages active posts  

Home / Forums Index / Google / Google AdSense
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved