Welcome to WebmasterWorld Guest from 23.20.241.155

Forum Moderators: incrediBILL & martinibuster

Message Too Old, No Replies

Experts: Google Doesn't Police Advertisers

     
10:51 am on Apr 27, 2007 (gmt 0)

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



from pc world [pcworld.com]:
Google could avoid future malware attacks carried out using advertisements posted on its Web sites if the company more thoroughly investigated customers of its AdWords system, according to security and legal experts.

On April 25, researchers with security software maker Exploit Prevention Labs announced that they had uncovered hard evidence that malware distributors were using advertisements placed via Google's automated AdWords system to infect unsuspecting end-users with virus code.

According to Roger Thompson, chief technology officer at Exploit, based in New Kingstown, Pa., the malware brokers used fraudulent advertisements for legitimate organizations such as the Better Business Bureau to trick users into clicking on the links.

When someone clicked such a link, the ad would redirect their browser through URLs that attempted to automatically download virus programs onto their computers before passing them along to the actual sites that were advertised.

11:09 pm on Apr 27, 2007 (gmt 0)

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



If done smartly, this will generate artifical (fraudulent) traffic and clicks that are unrecognisable from "organic" traffic.

True, a botnet could become a click fraud net, and the underbelly of the net has already done as much.

The problem is that just randomly clicking any old ads doesn't profit someone, it has to be specific ads or ads on a specific site, and that kind of random traffic spikes would probably indicate a problem to Google.

If you wanted to do this properly in stealth mode and not get caught you would have to execute a plan for years to appear organic in nature, to slowly build up fake traffic to click fraud scam sites.

That's why most of them get caught is they get too greedy too fast trying to churn and burn a quick buck before they get caught.

Not saying it can't be done, but most criminals aren't that patient.

11:56 pm on Apr 27, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



incrediBILL

I am not an expert on botnets, but here is how it works for me.

I search, I see I click, there is an additional info, so I click, if it tries to install something not good, I block(if have the power) and never comeback to the one above.

Now lets say, you rank #1, so I search and find you, I click, there is an additional info, so I click, if it tries to install something not good, I block(if have the power) and never comeback to the one above.

Now lets say, I care, and let you and where you rank know that I searched and found you, I clicked, there was an additional info, so I clicked, it tried to install something not good, so I blocked(or did not) and That I am never be coming back to the one above.

I search else where. I see you and never click, Ever. Where I searched knows that I did but donít know why I did not click, hmmm

It must be an antivirus thing again

7:47 am on Apr 28, 2007 (gmt 0)

WebmasterWorld Senior Member powdork is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Since I did it, could Googlebot, Media-partners and the AdsBot-Google check for malware?

Of course they could.

Could the sites being checked, if indeed it was malicious on the site owners behalf, spoof a clean page to Google?

OF COURSE THEY COULD!

Could Google enable their advertising partners to help them?

of course they could.

Could Google spoof an IP and compare the indexed page against the one indexed without the spoofed IP?

OF COURSE THEY COULD!

edited-switched order

[edited by: Powdork at 7:50 am (utc) on April 28, 2007]

8:49 am on Apr 28, 2007 (gmt 0)

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Actually, Google couldn't spoof anything as Google.

They would have to come in from a random IP as a normal browser user agent and then Google would be technically breaking the law regarding "Computer Hacking and Unauthorized Access Laws" and that would be doing EVIL, wouldn't it?

1:48 pm on Apr 28, 2007 (gmt 0)

WebmasterWorld Senior Member jtara is a WebmasterWorld Top Contributor of All Time 5+ Year Member



They would have to come in from a random IP as a normal browser user agent and then Google would be technically breaking the law regarding "Computer Hacking and Unauthorized Access Laws"

Not if Adword advertisers gave permission as part of their agreement with Google.

1:53 pm on Apr 28, 2007 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



So rumours about the GOOOOOOOOstapo are totally unfounded.
6:36 pm on Apr 28, 2007 (gmt 0)



Looks like Google is already dealing with the problem:

[webmasterworld.com...]

1:55 am on Apr 29, 2007 (gmt 0)

WebmasterWorld Senior Member farmboy is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



Looks like Google is already dealing with the problem:

So the moral of this story is, when Google perceives something as a problem, they can and will take prompt corrective action.

Emphasis on the When Google perceives something as a problem part.

FarmBoy

4:06 pm on Apr 29, 2007 (gmt 0)

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member



So the moral of this story is, when Google perceives something as a problem, they can and will take prompt corrective action.

Any responsible company would. In this case, when stuff like this hits the mainstream press, it gets taken care of a bit quicker. ;)

4:36 pm on Apr 29, 2007 (gmt 0)

WebmasterWorld Administrator martinibuster is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



It's difficult to anticipate every negative use of the AdWords system, and I'm sure this caught them by surprise. In the interest of protecting their brand and trust in the system you can bet your bottom dollar they're working on weeding out rogue advertisers even as we speak.

hehehe

5:37 pm on Apr 30, 2007 (gmt 0)

5+ Year Member



Is it possible that a person's own website would show a warning if one of the suspect Google ads appears on one of your pages?
Someone told me this morning that when they tried to go to my website last night a box popped up with a danger warning. She put the url in a Google search box and got the same message.
8:01 pm on Apr 30, 2007 (gmt 0)

WebmasterWorld Senior Member farmboy is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



I wrote:

So the moral of this story is, when Google perceives something as a problem, they can and will take prompt corrective action.

pageoneresults:

Any responsible company would. In this case, when stuff like this hits the mainstream press, it gets taken care of a bit quicker. ;)

My comment was sarcasm about Google not perceiving MFA's, misleading ads, etc. as a problem and taking action on them. My guess is you probably recognized that.

But that with your comment about "any responsible company would" almost makes it seem like Google responding because this problem is getting bad press somehow earns them the title of being a responsible company.

FarmBoy

8:08 pm on Apr 30, 2007 (gmt 0)



You're assuming that, without press coverage, they wouldn't have done anything about the problem. I think that's a farfetched assumption, but opinions about Google's corporate stupidity (or the lack thereof) obviously differ.
This 43 message thread spans 2 pages: 43
 

Featured Threads

Hot Threads This Week

Hot Threads This Month