modelman - 7:47 am on Apr 16, 2013 (gmt 0)
This thread is the best I've seen on this topic. My bounce rate has been hammered and it has most certainly harmed my organic traffic. I don't use adwords or adsense, or any other ads. This attack has cost me 3/4 of my normal traffic since January.
I look at 100% bounce rate along with 00.00 duration in G.A. to find the offenders, and then isolate them by small towns or normally low traffic cities, or other indicators listed below.
The attack seems to have changed in recent months. My most recent strange traffic data shows these things in common:
* 100% direct traffic
* 100% first time visitors
* Pages/visit = 1
* Average visit duration = 00:00:00
* Browser "Mozilla Compatible Agent" version 5
* 24 bit screen colors/ Screen resolution 1024x768
* 100% Java disabled
* 100% Windows OS
* 100% Flash enabled (version 11.4 r402)
* Network Domain = msn.com
* keyword = "not set"
The target pages are spread out over hundreds of pages, with the most popular ones that normally have the lowest bounce rates hit most often.
The most interesting things that are different from the previously posted reports is that my home page is never hit, and that it is all domestic American traffic, even though my customers are worldwide. All my foreign traffic looks normal. The version of Flash being used is also new to this thread.
I can find other 100% bounce rate/00.00 duration traffic which has Network/Domain = "unknown.unknown" or with Flash version set to 11.4 r402, but the most reliable predictor is if it comes from msn.com with a Mozilla compatible agent.
I'm exploring ways to survive without Google search traffic, but as far as I can tell, this mystery has not been solved, it has not gone away, and I'm convinced that there are many, many more businesses that don't even know they are being adversely affected by it.
My first thought was that it was a competitor who wanted my search terms. I've gone through many other theories similar to those listed in this thread, but my latest thought is that it might be from the websites that furnish web stats for a domain name, because it started getting bad when I started visiting these sites and entering my domain name. At the same time, I renewed my SSL certificate (which was expired for over a week), so that might also be related, although I don't see how it could be. It's far too isolated to particular locations, although it is spreading and diversifying quite a bit in the past few weeks.
I've fended off many kinds of attacks, but this one has me stumped. I don't feel so bad seeing how everyone else seems to be mystified, but I would like to solve this by figuring out exactly how it is being done. I don't accept defeat very easily. Any help is greatly appreciated.