Forget doing it for competing business reasons, what about sour ex-employees or an unsatisfied customer. Why do hackers deface websites? I don't know but they do. Why ask why, the hole is there and that should be enough reason for concern.

wwuser: Towards the beginning, I got a warning from Adsense support about fraudulent clicks on my account. (I suspect it was someone from my office clicking when I was suggesting that the company implement Adsense on one of their info-only sites.) I offered to send them all my access logs from the time period in question, and to ban any offending IP's from my site. I got a short "thank you and don't bother" email back, and never heard anything else again.

Recently, I did accidentally click on one of my own ads due to a new mouse with buttons in places I wasn't used to. I emailed them a note telling them which ad, the URL, and what time it was, and apologized for it. (I got the tiniest bit flamed here on the board for wasting the Adsense support folks' time, but it was about half-and-half "good idea" to "bad idea" messages.) They sent me an email back saying basically, "don't do that again," and that was the end of it.

Based on my experience, the folks at Google have a limited tolerance for accidents. There are other people on the board who claim to deliberately click their own ads periodically to see what they lead to, and they haven't been banned (although I would not recommend that).

There are two sides to every story. I believe there are people who have been banned and honestly don't know why, and I also believe there are people who've been banned and do know why but don't admit it.

Just another reason to diversify your income wherever possible, I guess.

JK

I know that click fraud campaigns can be ignited by a competitor but that's highly unlikely.

Over the years, there have been many reported instances of this.

Think about it. Why would a competitor want you booted out of AdSense? It is because your competitor is also running AdSense ads and would benefit from one less rival to share the thinning ad supply? If that were the case the competitor would risk getting booted out of the program.

You're assuming that click fraud can always easily be detected. There are numerous ways it cannot. The competitor need not launch the attack from their corporate site, for example.

If it's a jealous rival that got booted for fraud, it would also already be in Google's system.

That wouldn't stop it from wanting to get revenge on its rival, or Google, even. Also, see above; the fraud may not be so easy to track.

If the rival doesn't use AdSense then the rival may have no idea about the inner workings of the program or how it can get one booted instead of just clicking to possibly enrich a rival.

Just because the rival doesn't use AdSense doesn't mean they can't figure out how it works. There is so much written about CPC advertising that anyone who was sufficiently motivated could easily mount a CPC attack that Google would not necessarily detect.

So now the big question:

Are there any preemptive steps you can take so that if you are accused you have something to present on your behalf?

JollyK - thanks for the encouraging story -- hopefully mine will be similar. In this case, I know I haven't clicked on any of the ads.

I really doubt that my comptetitors (to the extent that there are any) would be behind anything like this. My server does undergo very frequent attacks of other sorts (mostly DOS attacks), but I won't go into details because I'd likely divulge the identity of my site in violation of WW terms. Suffice it to say, we're good guys, and the attackers are bad guys :). Given the frequency and persistence of the other types of attacks, it wouldn't be at all surprising to discover that the same people decided to hit the adsense account.

As a long time reader and poster to this forum it seems to me this discussion arises from time to time about the unscrupolous hacker hitting a site to get someone banned. In the cases I am aware of this happening the publisher has been re-instated after discussions with Google. I am hard pressed to remember any of the other posts where a "banned" user had related this to a click attack? (course memory is failing:))

99% of banned posts are because of TOS violations when the questions are asked. I find it interesting that I don't remember a long term player that had adsense being banned without a warning (see OP) or if banned not re-instated?

I have faith in my business partner (Google) to manage this situation for me and don't lose any sleep in regards to it.

Are there any preemptive steps you can take so that if you are accused you have something to present on your behalf?

You can provide G with your logs (or if you use third-party site tracking, their records on your site usage). However, this doesn't constitute proof, although people have been let back into AdSense when presenting such records to G.

Some people are taking vigilant stances with regards to their sites, such as carefully monitoring traffic and pulling AdSense ads at the first sign of what they consider to be suspicious.

Well read through the entire 4 pages.

My 2 cents:

1) You either receive an email from Google about fraudulent clicks on your account or you get banned right away without warnings. If you get an email, it means Google doesnt have solid evidence to link you to the fraudulent clicks - so they are giving u a chance to correct it - if you dont get a warning email - your GUILTY.

2) G=Google and G!=God, so Yes G can make mistakes. I would'nt call them mistakes, I would use the term business decisions. In my opinion, I would think G would be less tolerant with new publishers. If you are new and within months, they see fraud clicks on your account - they would not want to waste their time and money to investigate your individual case in depth.

3) I dont think its so simple to kick your competitor out of Adsense just by lauching a click attack on their ads. If you've been with G for couple of years and one fine day someone launches a click attack on your site - Do you think Google is going to ban you. NO WAY. I dont have a high IQ nor do I work at Google but I have enough sense to know that it wasnt the publisher's mistake.

With the amount of new publishers signing up daily and with people coming up with new and new ideas to trick google, I think G is doing an excellent job in dealing with this entire situation. There are more happy publishers than unhappy ones :)

I've been on this forum for almost 3 years now and I have only seen hundreds of people post about getting banned, however only 2-3 had more than 50 posts.

I'm not saying posting will stop you from getting banned, but I am saying silly newbs and kids click, get banned, and come here to complain about it.

So then that means the hole exist and if someone really wanted to they could cause your account to go Bye Bye?

That's absolutely correct. There's absolutely no way that Google can distinguish between Publisher A renting a zombie network to clickfraud his way to higher profits and Publisher B renting a zombie network to clickfraud Publisher A into getting booted out of AdSense.

Click fraud has long been the Achilles heel of the whole AdSense model, Google knows it and has to cite it in their SEC filings.

Because there is absolutely no technical solution to distinguishing clickfraud-for-profit from anti-competitor-clickfraud, Google has nothing to rely on but "security by obscurity". They have to minimize press coverage of the degree of click fraud going on -- but never allow an audited assessment of the true numbers to be published, probably because it would be breathtakingly high.

Click fraud to attack a competitor is almost certainly a small percentage of total. But it would be extremely naive to assume it's zero. It probably happens mainly in areas where profits are high and competition is fierce. Indeed, it may be more a battle for SERPs that inspires it; if I deprive you of your AdSense income, it may keep you from having the resources to keep battling me for the top positions in the SERPs.

Of course, Google has a conflicting goal of keeping publishers with honest traffic alive. Simple clickfraud (15 machines in India pounding away on your ads) is both easy to detect and deal with -- just clip the profits from clicks originating with those IP addresses. Google doesn't really have to figure out who's doing the defrauding if they can just keep their advertisers from being handed the bill.

It's the highly professional clickfraud that uses rented zombie networks that makes the game a challenge. With over a quarter million user PCs being a member of one zombie network or another, it would be very hard to automatically clip out those fraudulent clicks without also clipping out the "real live human" clicks that come from the exact same machine (i.e., when the user is using the machine and the malware is waiting for them to go away).

Remember that natural shopper behavior often closely resembles an attack. For example, if the CTR for a shoe ad on your site suddenly went from 1% to 25%, that sure looks like an attack -- unless you happen to know that Oprah mentioned that brand of shoe on her show yesterday.

It may be that some of the reports of publishers moaning about how their AdSense income dropped precipitously are actually instances when Google detected and started silently clipping fraudulent clicks. Google wouldn't really be able to tell the publisher to quit moaning and be happy they weren't banned from AdSense because that would help reveal the extent of the problem.

It may be that Google only goes so far as to boot someone when they have time to manually inspect a website that they've already been automatically clipping "suspicious" clicks from, and decide that it's clear who is originating the fraud.

It may be that Google sends a "warning" letter out when such a manual investigation does not produce any clear indication of who is perpetrating the fraud. Maybe it's sometimes a case of "hey, we can't figure out who's doing what, so maybe you can -- and you better hurry because we might boot you just to solve the problem one way or the other."

It may be that automated clipping of "suspicious" clicks that matched some pattern is sometimes inadvertantly clipping "real" clicks, with both publishers and advertisers suffering a minor amount of "collateral damage".

Given how Google operates, these decisions could be getting made regularly by relatively low-level employees with no set policy or procedure, based simply on "gut feel" or what kind of mood they're in on a given day.

Prediction:

Google will at some point become a significant sponsor of some nation-wide or even world-wide effort to deal with the general problem of "zombie armies". Many other participants in the effort will have their own reasons for joining: national security, avoiding DDOS blackmail, etc. Google's reason will be to combat nearly undetectable click fraud.

Also, I predict significant Google hires (unless they're already full staffed :-) in the area of computer forensics. They're going to have a full set of ears on IRC channels trying to stay up on the latest zombie army activities, if they don't already.

The current situation cannot be allowed to persist. Right now, for the grand sum of less than $100,000, any rogue entity could bring the entire Google enterprise to an immediate halt by simply renting up all available botnets and having them engage in massive and random fraud. This probably already would have happened if some anti-American terrorist group had any grasp of the effect it would have to shut down the entire AdSense/AdWords network for a couple of weeks.

The only question is whether the problem will get dealt with proactively, or only after the electronic equivalent of Pearl Harbor occurs.

Click fraud to attack a competitor is almost certainly a small percentage of total. But it would be extremely naive to assume it's zero. It probably happens mainly in areas where profits are high and competition is fierce.

Interestingly enough, Google's CFO drew attention to that type of click fraud in a speech a while back. He wasn't talking about AdSense specifically, though. Such "competitor click fraud" is more likely to occur on Google's own SERPs than with AdSense, in my opinion, simply because it's probably easier for a sleazy businessperson to find his competition's ads on Google SERPs than on a raft of third-party publisher sites.

Also, I wonder if the threat of bot attacks on publishers isn't being overstated. After all, Google could easily discount clicks that appeared to be "excessive" by a site's historical standards. The spike in clicks might trigger a manual review, of course, so publishers who have anything to hide (or whose sites are unlikely to pass the "sniff test") might have good reason to worry about bot attacks.

Finally, I wonder how easy it is for publishers who do cheat to continue doing so without getting caught. They'd have to avoid being too greedy, because a sharp rise in clicks would be easily detectable unless it were accompanied by a corresponding increase in traffic--and Google probably has enough data on search referrals to detect rises in traffic that look artificial. Plus, anyone who's greedy enough to cheat Google and its advertisers probably doesn't have the patience or self-restraint to cheat on a scale that's small enough to be undetectable.

3) I dont think its so simple to kick your competitor out of Adsense just by lauching a click attack on their ads. If you've been with G for couple of years and one fine day someone launches a click attack on your site - Do you think Google is going to ban you. NO WAY. I dont have a high IQ nor do I work at Google but I have enough sense to know that it wasnt the publisher's mistake.

Well, there's no way to know for sure. It's entirely up to G's discretion whether or not they kick you out. I imagine that the length of time someone's signed up with AdSense, their historical traffic and earnings patterns, and other related factors are taken into account.

LinkChecker, Anyone know what this bot is and where it is from?

I was wondering if something hitting my links may have caused clicks to go down.

Finally, I wonder how easy it is for publishers who do cheat to continue doing so without getting caught. They'd have to avoid being too greedy, because a sharp rise in clicks would be easily detectable unless it were accompanied by a corresponding increase in traffic--and Google probably has enough data on search referrals to detect rises in traffic that look artificial. Plus, anyone who's greedy enough to cheat Google and its advertisers probably doesn't have the patience or self-restraint to cheat on a scale that's small enough to be undetectable.

Depends on their motives, I suppose. For some cheaters, a few extra clicks per day could be quite lucrative. I wouldn't assume that cheaters don't have self-restraint, in general.

How about installing a Google Toolbar and allow Google spy on our computer? Will this increase faith of Google on us?

As a rookie to adsense these dooms day predictions of click fraud are concerning. There's a hole in adsense? And what's this about website hijacking,and Internet terrorism? Is it really that bad?

Also, I read in a past thread members can be booted for having no earnings after a few months. This is very alarming for me if this is true.

But one thing everyone agrees is it is wise to have multiple streams of income.

As a rookie to adsense these dooms day predictions of click fraud are concerning. There's a hole in adsense? And what's this about website hijacking,and Internet terrorism? Is it really that bad?

Basically, it is a limitation of the underlying Internet technology. You can measure traffic that arrives at your site, but you can't necessarily determine its origin or ascertain its intent.

I don't think these facts are very well understood outside of forums like this.

I don't know what to think about Google...I've not had good experiences, but the first time around I did click my own adwords a couple times. Having had my adsense account shut off just before payday because of that error, I learned my lesson and applied for a second account about a month later through one of our other businesses.

Here's the thing: so the same thing happened the second time around (again, right before payday, quite conveniently for Google), but I made sure I NEVER clicked on any of my adwords, and content was really quite good.

My question to the group is this: could google have tracked my first set of sites, placed them on some sort of 'watch' list and when I placed the adsense code on the sites the second time around, they banned our second account because of that?

could google have tracked my first set of sites

Of course they did! Do you really think that reopening an account under another name and slapping the new AdSense code on the same old web site will fool them?

Apart from the fact that when you are banned you are banned for life...should you wish to "fool" them with any chance of success you will need:

- new identity
- new bank details
- new address
- new domain name
- new content