Welcome to WebmasterWorld Guest from 3.80.4.76

Forum Moderators: martinibuster

Message Too Old, No Replies

Dissatisfied Customer Threatened us with Click Attacks

     
1:05 am on Mar 13, 2007 (gmt 0)

New User

10+ Year Member

joined:Mar 13, 2007
posts:11
votes: 0


We received numerous threats from one dissatisfied customer whom we refused to issue "full refund". He used our services for 2 weeks, and our full refund policy is applicable only within 1st week. We are consulting company and we simply can't offer full month of services for free. Our refund policy is clearly stated on our site. I went one step further and issued 50% refund and he was still unreasonably dissatisfied. Then he started sending numerous emails with foul words and threats that he will click attack us. As a result, we removed Google ads on March 1st from our website and contacted Becky, Google Adsense employee. We explained her the situation we are in and she told us they will monitor the site and she noted the incident in our account, and today we received email from adsense-addclicks@google.com stating our site was disabled, but we do have a right to appeal.

I appealed immediately, pointed out to my conversations with Becky (Adsense Support), pointed out to threats that we received, and told them that we were the ones who originally reported possible illegal click activity coming from threats that we received. We even removed ads to protect ourselves and even contacted Google. We acted in good faith. Now, our ban is under appeal, and I hope we get our company's account back. We have 25 full time employees (19 full time, 6 part time) and we also opened another office in Surrey, BC (our main office is in Vancouver). To prevent possible clicks by employees, we used OpenAds and blocked our local networks' IP addresses.

I hate to say this, but I am totally disgusted at how easy it is for competitors or/and dissatisfied customers to hijack other company's publisher account. It's not Google's fault as much as it is fault of the system under which pay per click advertising and publishing operates. Think about it - what can prevent mean individual to click your ads 1000s of times or even to possibly spam your website link on adult forums? If you do research by googleing these issues, you will learn that many such cases have been reported.

Edit Reason: Spelling

[edited by: James_M_Omakovich at 1:12 am (utc) on Mar. 13, 2007]

2:20 am on Mar 13, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member jomaxx is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 6, 2002
posts:4768
votes: 0


Is that your real name? I mean, it LOOKS like you signed up with your real name and that makes the story seem more plausible, but Google and Yahoo both report zero hits for "Omakovich". Seems like that would be next to impossible if it was a real name.

Anyway some of those banning messages seem to be automated or semi-automated; it seems likely to me that that your account will be reinstated upon investigation.

2:31 am on Mar 13, 2007 (gmt 0)

System Operator from US 

incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 25, 2005
posts:14664
votes: 99


I would be more concerned about your business policies instead of worrying about AdSense policies.

Maybe next time you'll just give a full refund as arguing with a customer is never worth the potential bad word of mouth and in this instance being banned from AdSense.

2:33 am on Mar 13, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 5, 2006
posts:2095
votes: 2


If your in the US and the customer made threats, press charges! Threats like that are not on the civil side of court, they are on the criminal side......

Anyone who threatens to damage a business through fraud can be arrested. If you are in the US I would contact authorities. Nice thing is, if you billed his credit card originally you can tell the authorities exactly where to find him....

3:47 am on Mar 13, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member jomaxx is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 6, 2002
posts:4768
votes: 0


Actually that's an important reason why (IMO) such click attacks are rare -- it exposes the attacker to significant civil and even criminal liability, and not many people are clever enough to launch a click attack and not get caught one way or another.
4:26 am on Mar 13, 2007 (gmt 0)

New User

10+ Year Member

joined:Mar 13, 2007
posts:11
votes: 0


Seems like that would be next to impossible if it was a real name.

Real name is not necessarily public name. My last name is originally Bosnian, very rare. I don't know anybody here in Vancouver with such last name, even in white pages. However, if you google "Omakovic" you will get more matches (english "ch" is how we pronounce Bosnian "c" with a checkmark above). James is my Canadianized name. Let's put my personal life aside.

If your in the US and the customer made threats, press charges! Threats like that are not on the civil side of court, they are on the criminal side......

Anyone who threatens to damage a business through fraud can be arrested. If you are in the US I would contact authorities. Nice thing is, if you billed his credit card originally you can tell the authorities exactly where to find him....

I am in Canada, and same rules apply. I will contact authorities first thing in the morning and see what can be done. I saved all copies of customer emails and threats. At least police can visit him and talk to him; hopefully that would make him think that internet is not a safe medium for threats.

Edit reason: Bosnian letter "c" with checkmark does not display properly

[edited by: James_M_Omakovich at 4:27 am (utc) on Mar. 13, 2007]

12:37 pm on Mar 13, 2007 (gmt 0)

Full Member

10+ Year Member

joined:May 19, 2004
posts:235
votes: 0


Is it possible that the ban was not for a click-attack?
Pure speculation follows: Maybe they closed the account because they thought you had joined another network (this is a long shot). Perhaps, during a review of your site after your email to them, they took a closer look at the pages and found something against the TOS?
1:10 pm on Mar 13, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member hobbs is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 19, 2004
posts:3056
votes: 5


Hi James,

how easy it is for .. to hijack other company's publisher account

I think Google has measures against this, although they could allow us to declare our individual sites and make the pubid hijacking a thing of the past.

what can prevent mean individual to click your ads 1000s of times

Almost every one here at one time or another observed fishy behavior and reported it, and almost always they thank you and tell you they have systems in place to take care of this, nothing a publisher can do but keep their nose clean, fly low and report when shelling fish!

Did I just say fly low?
Yes, we fear not click fraud as if anyone can code against it, it is Google, and I personally have no doubt about their coding abilities, it is the bulk business inefficiency mistakes that forces uncertainty, they deal with hundreds of thousands of publishers, makes one feel uncomfortable. No risk no gain, say la veee.

You did well by informing them in time, and did better than what I would have done by removing the code from your pages, rest assured that if all else is clean you will be back in.

7:58 pm on Mar 14, 2007 (gmt 0)

Full Member

10+ Year Member

joined:Oct 28, 2005
posts:325
votes: 0


What I dont understand is why is Google so blind to not detect an obvious click attack? No wonder advertisers shy away from content network.
8:07 pm on Mar 14, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 27, 2003
posts:751
votes: 1


What I dont understand is why is Google so blind to not detect an obvious click attack? No wonder advertisers shy away from content network.

Google does detect them, and does not charge the advertiser. However Google doesn't know if the publisher caused the clicks or someone malicious caused them. It's probably more cost-effective for Google to close the AdSense account than to try to play detective in these cases, especially if the account is not a big earner.

10:59 pm on Mar 14, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 1, 2004
posts:1987
votes: 0


If I didn't have a click attack occasionally I wouldn't hardly have any clicks at all.
11:38 pm on Mar 14, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 16, 2003
posts:971
votes: 0


What I dont understand is why is Google so blind to not detect an obvious click attack?

You're in the majority -- most people don't understand the difficulties. For example, you get 10 clicks from the same IP address in a 10 minute period. Isn't that an obvious click attack? Or did the local sewing circle meeting at the library find a bargain on peach-colored thread, which they all proceeded to enjoy after Mom said "hey everybody, just go to www.<somesewingsite>.com and click on the ad for Peach Thread Sale"? (Library multiplexes 32 workstations via a single, external IP address).

Tiny publishers can afford the collateral damage that comes with indulging in the myth that IP address == human. Large commercial ops like Google cannot.

Of course, Google is detecting many obvious click attacks -- that's how they are able to automatically ban publishers. This means some innocent folks get shut down, but that's simply unavoidable with any kind of automatic banning process (and Google does not do anything manually for long without trying to automate it). For example, in the OP scenario, poor Google must also allow for the cases where Bad Publisher #1 is probing Google's auto-detection abilities by a) sending letter to Google claiming imaginary bad guy is threatening to attack then b) initiating attack to see if it is detected. To beat a dead horse: no algorithm can discern human intent.

Google can't win this war, they can only try to win enough of the time to keep the business model from collapsing.

Maybe next time you'll just give a full refund as arguing with a customer is never worth the potential bad word of mouth and in this instance being banned from AdSense.

I don't want to work for incrediBill's consulting company! A large refund on intangibles, or recoverable tangibles is one thing, but a lot of consulting companies live hand to mouth and a "no questions asked" policy can leave your employees asking you plenty of questions about why their paycheck isn't going to clear this week.

2:28 am on Mar 15, 2007 (gmt 0)

New User

10+ Year Member

joined:Mar 13, 2007
posts:11
votes: 0


I filed an appeal on March 12th, still no response from Google. This is a good news. Most likely they are investigating our account on a higher level, which is a good news. I am expecting them to reinstate the account, because we were the first one to report possible click attacks on our site. We worked with Google in good faith.

As Hobbs pointed out, click attack does not have to result in 1000's of clicks from same IP address. All malicious user has to do is click 10 times or more within a short period of time and that's it - you are click attacked without even realizing. And what else can you do when a malicious user threatens to click-attack? We reported it to Google (and I also reported it to local authorities, Vancouver Police Department, yesterday. I will not comment on that, but a threat is a threat and it's a crime).

I still trully believe Google will reinstate our account. It's just a matter of days. I believe Sandpetra pointed out it took 5 business days for him to hear back from Google, and then they reinstated him. I have a good feeling that the outcome will be to our satisfaction.

Edit Reason: little annoying spelling error

[edited by: James_M_Omakovich at 2:31 am (utc) on Mar. 15, 2007]

2:34 am on Mar 15, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 27, 2003
posts:751
votes: 1


Consider a script like Adlogger that disables ads for IP addresses after X clicks over Y period of time (configurable). It's not perfect, but surely can help.
4:30 am on Mar 15, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 1, 2006
posts:1536
votes: 0


"All malicious user has to do is click 10 times or more within a short period of time and that's it - you are click attacked "

Having experienced multiple clicks by a single surfer, I can say that G discounts most clicks and will not normally ban.
There must be some sort of a 'pattern' detected by G before their automatic algo would autoimatically ban.

Also IMHO, small publishers with say 50 - 100 clicks a day would be more suceptible to this kind of a ban. Larger publishers would normally get away unless there is suspicious activity over a longer period of time.

Also as EFV is fond of saying, if the site goes in for a human review, it must be able to pass the 'SNIFF TEST' . If site is made for adsense, it may not pass such a review.

1:24 pm on Mar 15, 2007 (gmt 0)

New User

10+ Year Member

joined:Nov 16, 2006
posts:37
votes: 0


There is no law against clicking on adsense ads. Everyone has the right to move their cursor over a private citizen's adsense advertisement and click as many times as they choose. What they are thinking during the action is theirs and theirs alone to know.

As far as I know google is not a sovereign nation and cannot impose thought crime laws on its subjects.

3:25 pm on Mar 15, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member bigdave is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 19, 2002
posts:3454
votes: 0


Graham,

You need to look up the legal definition of fraud.

From [dictionary.law.com...]

n. the intentional use of deceit, a trick or some dishonest means to deprive another of his/her/its money, property or a legal right. A party who has lost something due to fraud is entitled to file a lawsuit for damages against the party acting fraudulently, and the damages may include punitive damages as a punishment or public example due to the malicious nature of the fraud.

In this case someone stated that they were going to make a click attack for a malicious reason. Since they stated this, they would have to go to great lengths to prove that the reason that they clicked all those times was NOT fraud.

3:54 pm on Mar 15, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 26, 2006
posts:1397
votes: 0


If you can't afford a full refund, can you afford a lawsuit?

Doubtful it's a crime, but it sure sounds like tortious interference. It's a deliberate, premeditated, and malicious attempt to interfere with a business relationship: your company + Google.

Even if it were a crime, the cops are far too busy with bigger cases. They don't have the time or money to deal with this.

Good luck with the account reinstatement. Internet terrorists be damned!

p/g

6:37 pm on Mar 15, 2007 (gmt 0)

New User

10+ Year Member

joined:Mar 13, 2007
posts:11
votes: 0


Dear Friends,

Another good news. We just got email from Google.
Google stated they are still in the process of reviewing our account with the additional information that we have provided. Things are looking good.

If they reinstate, I am definitely going to use professional click-tracker so we can prevent suspicious clicks and save our face with Google.

Things are looking good. Keeping my fingers crossed. I've always been optimist, even in tought times. Five years ago, I opened a business in Vancouver, I had my office on Granville Street (high prime downtown area) and it collapsed within 9 months. I did not give up, I was optimistic and I pushed for another business. My consulting firm slowly grew from 2 employees to over 20 employees in less than 3.5 years. Had I realized that e-commerce is a gold-mine earlier, I would never go into traditional types of businesses. Now, I have given a task to my employees to create 4 big projects just for our company. One will be similar to newsvine.com (I absolutely love their concept and have been in touch with Calvin for some time and praised their team for creating awesome web site); the second will be similar to digg/spotlex but with a twist; the third project will be website similar to hotscripts with software and script contributions and programming; and the fourth project under development will be totally new concept that I butt my head against the wall to come up with. I trully think these projects will be successful. I am 150% sure, absolutely sure, they will be successful.

I am going to stop bothering you with my plans. My brain is factory of ideas, they are boiling like crazy.

8:12 pm on Mar 15, 2007 (gmt 0)

System Operator from US 

incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 25, 2005
posts:14664
votes: 99


There is no law against clicking on adsense ads.

There is when you send someone a threatening letter claiming you're going to cause harm via click attacks when you don't refund his money, then it's blackmail. Not only that, it's FRAUD for the advertisers involved, not to mention tortious interference with a business.

It's open season for criminal and civil suits.

8:45 pm on Mar 15, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member hobbs is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 19, 2004
posts:3056
votes: 5


Keep up the spirit James, also keep the details of your new ideas to yourself till they are launched, you don't want people copying them.. Each of the 3 you mentioned is a lot of work, so make sure you give each the amount of detail and quality it needs, go for weaknesses in the existing sites and see how you can develop something new and different, also try to get your employees to pitch in and develop their own ideas as owners not drones, allow them to be a source for innovation.
Good luck
8:54 pm on Mar 15, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member jomaxx is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 6, 2002
posts:4768
votes: 0


Keep in mind that it's highly unlikely Google will divulge the exact nature or source of the invalid clicks.

And without their cooperation, even if it was an intentional click attack, there will probably be no real consequences for the perpetrator. Unless maybe if they have an AdSense or AdWords account.

8:56 pm on Mar 15, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 30, 2005
posts:120
votes: 0


It's definitely blackmail (according to my lawyer at Wikipedia & Associates: "In a broader sense, blackmail is an offer to refrain from any action which would be legal or normally allowed, and is thus distinguished from extortion.") Simply threatening to do something along these lines may be enough to constitute blackmail (even if there was no follow up), depending on the laws where you live.

Not so sure about the fraud, as the people who are doing the clicking are not profiting (and do not intend to profit) from the clicks. They are merely trying to muck things up for someone else out of spite.

11:33 pm on Mar 15, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 1, 2004
posts:1987
votes: 0


I find this thread so maddening!

Google's policies and business practices are neantherthalian (sorry cavemen).

Google obviously knows that there was click fraud and it should be equally as obvious that it wasn't you who was doing the clicking.

The nerve of them seeking information from you from your logs - how absurd is that. They have every freaking piece of information that you could possibly give them and a whole lot more.

Google! quit being such buttholes and simply discount the clicks like you do in 99% of the other cases and leave the poor op alone.

ps. I'd like to see Google try to cancel a major advertiser's account because some customer did a bunch of ticked-off clicking.

11:57 pm on Mar 15, 2007 (gmt 0)

System Operator from US 

incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 25, 2005
posts:14664
votes: 99


Keep in mind that it's highly unlikely Google will divulge the exact nature or source of the invalid clicks.

That's why you file a criminal case against the guy that threatened you and they subpoena that information. Once it's entered into open court as evidence, then you have it for your civil case ;)

[edited by: incrediBILL at 11:57 pm (utc) on Mar. 15, 2007]

2:46 am on Mar 16, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 16, 2003
posts:971
votes: 0


Google obviously knows that there was click fraud and it should be equally as obvious that it wasn't you who was doing the clicking.

Of course, since Google can use reverse-optic-transference technology to see who is on the other end of each IP address. BTW, please put some pants on when you're posting here.

3:23 am on Mar 16, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 18, 2005
posts:817
votes: 0


Actually that's an important reason why (IMO) such click attacks are rare -- it exposes the attacker to significant civil and even criminal liability, and not many people are clever enough to launch a click attack and not get caught one way or another.

I wouldn't be too sure of that. In principle, anyone who has either implemented an HTTP client or server knows how to launch such a click attack. While the number of such people as a percentage of the world's population is very small, there are a substantial number of people who can implement HTTP clients or servers. I'm not suggesting that all, or even most of such people would commit click fraud, but that the knowledge is not as rare as it might seem.

9:54 am on Mar 16, 2007 (gmt 0)

Junior Member

10+ Year Member

joined:Aug 10, 2006
posts:86
votes: 0


well as said before.

G should make the "whitelist" system so we do not see such a cases in future.

11:10 am on Mar 16, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member hobbs is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 19, 2004
posts:3056
votes: 5


ronburk:
please put some pants on when you're posting here

Proposing a change in the WW Charter?

8:45 am on Mar 17, 2007 (gmt 0)

New User

10+ Year Member

joined:Nov 16, 2006
posts:37
votes: 0


Don't scam your clients and you will not be click attacked.
This 32 message thread spans 2 pages: 32
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members