One of the more interesting stories to come out this week is from Brian Krebs over at Krebsonsecurity.com. Writing on Friday, Krebs used his prodigious knowledge of the cyber underground to profile “GoodGoogle,” one of a growing number of specialized online fraud services that helps e-commerce firms target competitors by gaming Google’s AdWords feature.
As you probably know, AdWords are one of Google’s biggest sources of revenue. They allow companies with products or services to sell to “bid” on words or phrases (like “Internet of Things”). Users who search on those terms will see hyperlinked ads to the right of their search results that link to a site of the advertiser’s choosing.
Advertisers pay a premium to own popular (and lucrative) keywords – more than $40 per click for keywords like “loan,” “insurance,” “mortgage” or “attorney” depending on the word and time of day. Typically, advertisers set a certain daily budget to fund AdWords campaigns. As that budget is exhausted, lower bidding competitors get a chance at top billing, and so on down the line.
According to Krebs, GoodGoogle games that feature, using a combination of custom bots and human operators to force competitors to pay out for fraudulent AdWord clicks. Customers pay to block specific ad units for a specific period of time, or can pay a flat fee of $1,000 to permanent knock a competitors’s Google AdWords ads indefinitely.
Google has sophisticated tools to identify click fraud, so it is suspected that GoodGoogle’s service uses advanced software to get botnets to mimic human interactions and make the AdWord traffic look organic.
Read the full story on Krebsonsecurity.com.