25
Jul 14

Service Drains Competitors’ Online Ad Budget

The longer one lurks in the Internet underground, the more difficult it becomes to ignore the harsh reality that for nearly every legitimate online business there is a cybercrime-oriented anti-business. Case in point: Today’s post looks at a popular service that helps crooked online marketers exhaust the Google AdWords budgets of their competitors.

Youtube ads from "GoodGoogle" pitching his AdWords click fraud service.

Youtube ads from “GoodGoogle” pitching his AdWords click fraud service.

AdWords is Google’s paid advertising product, displaying ads on the top or the right side of your screen in search results. Advertisers bid on specific keywords, and those who bid the highest will have their ads show up first when Internet users search for those terms. In turn, advertisers pay Google a small amount each time a user clicks on one of their ads.

One of the more well-known forms of online ad fraud (a.k.a. “click fraud“) involves Google AdSense publishers that automate the clicking of ads appearing on their own Web sites in order to inflate ad revenue. But fraudsters also engage in an opposite scam involving AdWords, in which advertisers try to attack competitors by raising their costs or exhausting their ad budgets early in the day.

Enter “GoodGoogle,” the nickname chosen by one of the more established AdWords fraudsters operating on the Russian-language crime forums.  Using a combination of custom software and hands-on customer service, GoodGoogle promises clients the ability to block the appearance of competitors’ ads.

“Are you tired of the competition in Google AdWords that take your first position and quality traffic,?” reads GoodGoogle’s pitch. “I will help you get rid once and for all competitors in Google Adwords.”

The service, which appears to have been in the offering since at least January 2012, provides customers both a la carte and subscription rates. The prices range from $100 to block between three to ten ad units for 24 hours to $80 for 15 to 30 ad units. For a flat fee of $1,000, small businesses can use GoodGoogle’s software and service to sideline a handful of competitors’s ads indefinitely. Fees are paid up-front and in virtual currencies (WebMoney, e.g.), and the seller offers support and a warranty for his work for the first three weeks.

Reached via instant message, GoodGoogle declined to specify how his product works, instead referring me to several forums where I could find dozens of happy customers to vouch for the efficacy of the service.

Nicholas Weaver, a researcher at the International Computer Science Institute (ICSI) and at the University California, Berkeley, speculated that GoodGoogle’s service consists of two main components: A private botnet of hacked computers that do the clicking on ads, and advanced software that controls the clicking activity of the botted computers so that it appears to be done organically from search results.

Further, he said, the click fraud bots probably are not used for any other purpose (such as spam or denial-of-service attacks) since doing so would risk landing those bots on lists of Internet addresses that Google and other large Internet companies use to keep track of abuse complaints.

“You’d pretty much have to do this kind of thing as a service, because if you do it just using software alone, you aren’t going to be able to get a wide variety of traffic,” Weaver said. “Otherwise, you’re going to start triggering alarms.”

Amazingly, the individual responsible for this service not only invokes Google’s trademark in his nickname and advertises his wares via instructional videos on Google’s YouTube service, but he also lists several Gmail accounts as points of contact. My guess is it will not be difficult for Google to shutter this operation, and possibly to identity this individual in real life.

Tags: , , , , , , ,

72 comments

  1. … and you’ve earned yourself *another* enemy! 🙂

    • Thankfully,Krebs doesn’t need advertising….

      Very good article,i really wonder how Google hasn’t shut down the operation…

      • Because Google gets rich off of it.

        • It’s not that simple, I don’t think the short term gain is worth the long term reputation damage and loss of business for Google. Advertisers who don’t make a return on investment, leave, and they often don’t come back. I think it would be very difficult to make a logical case for your conspiracy theory.

        • I doubt it given my experience using Adwords – if anything they’re too stringent in blocking bad actors (in the sense that good actors sometimes end up on the bad end of this). They definitely do not operate for short term profit at the cost of their service becoming less profitable and trusted in the longterm (in this case allowing fraud in order to make short term profits whilst degrading trust and profits in the long term).

          It’s far more likely IMO they’re simply not (or weren’t) aware of this guy using other Google services.

  2. As always, interesting reading. Without joining the ranks of pedantic typo-hunters…..;
    Is the “$80″meant to read “$800”?

    • I’d imagine those are the costs for ‘per ad unit’

      3 – 10 = $300 – $1000
      15 – 30 = $1200 – $2400

      • If this is the case, how does the $1,000 flat rate come in to play?

        I am curious how much the crooks are paying for what the advertisers are losing. They must be targeting competitors with enormous daily budgets. I hope Krebs corrects the article to show the proper pricing structure.

  3. Excellent article Brian!

    The YouTube videos (possibly the channel also) should be down momentarily. If flagging doesn’t work, I’ll pass them directly onto YouTube policy staff as I am sure Google wouldn’t appreciate such a service being advertised on their own platform.

  4. Using gmail to defraud Google? Sweet.

    In a previous consulting job I once tracked down someone who was selling a service to defraud my client. It was pretty easy. He was asking people to pay for the service using a payment system owned by that client. He ended up serving six months for conspiracy to commit wire fraud, and had to pay back all the money he had made. My client knew exactly how much money he had made…

  5. why would they

    why would google stop him? he is making google money faster by exhausting adword funds

    • There you go bringing logic into this. 🙂

    • Once again: Google has a reputation to maintain towards its clients. No being part of this scam is a key element.

    • If you actually ran Adword campaigns you would know this is exactly what they do not do.

    • Because if advertisers don’t get a return on their Google advertising spend, they will stop using Google.

  6. Google’s reputation? Long term business relationships with advertisers? The same reason that Google stopped doing anything with porn?

    I would hope that they look at the long term effects of this scam and shut it down.

    Yes, they make some money from this, but this will not look good in the long run and people (like me, now) who now know this will hesitate to use adwords until this is shut down.

    • Michael Ronayne

      If Google shut this down, they would be out if business in very short-order. Google AdWords is their mother’s milk.

      • You are *vastly* underestimating how much money Google makes from legitimate Adwords business. What you are proposing is absurd.

  7. TheOreganoRouter.onion.it

    Sounds like it’s accomplished through the use of server side scripting of some type, that’s my guess.

  8. The fraud would be tolerated by Google BUT ONLY if it is kept secret. Now that it is exposed of course they will seek to shut it down. IMO

    • I hate to bust your nice conspiracy theory but Google is not interested in having less advertisers bid on words which is what letting fraud like this continue leads to as the victims of the fraud stop bidding.

      They are actually interested in having advertisers pay as much as possible to increase profits. Perhaps this is obvious but then you did just make the allegation that they don’t act in this manner.

  9. AnomymousForObviousReasons

    I would never spend a dime on Google’s advertising. Everything that goes on with the advertiser has to be taken on trust. And any company that invades privacy like they have done or tracks people the way have done should not be trusted by anyone.

    • That’s good, less competition for the rest of us that want to make money.

      Good luck finding a better solution to reach search traffic. I’ll save you some time, it doesn’t exist.

    • But their motto is “Don’t be evil.” Is that not reassuring enough for you?

  10. I don’t use Google or Yahoo. Much better choices available.

    • There really isn’t anything anywhere near as effective as Adwords to target search traffic. Nothing else even gets close.

  11. As someone who works for the ad industry, I can say say that click fraud of all types is seen as a huge problem. It’s impacting the industry heavily, not least in the pocket book.

    Several companies are working on handling the problem, including mine. I know that for us, one of the risk factors is that we know that overt action will paint a big target on our company for the bad guys – but we’re going forward anyway.

  12. In a less organized manner, I’ve heard of average citizens who will search for “mesothelioma” or any other keyboards of interest to ambulance chasing lawyers. Then they will click all the ad links. Supposedly, lawyers pay some VERY serious money for those ads. In their way, these folks are out to gouge the lawyers who gouge the world.

  13. sheik yerbutti

    I don’t use Google, Bing or Yahoo for search. For surfing, I don’t use Chrome or Yahoo because they attract unwanted changes to my homepage and toolbar

  14. Could a similar thing be going on at Facebook? My company has done a lot of Facebook advertising and promoted posts, and has carefully studied the origin and behavior of the responses. The distribution of respondents always looked more like the distribution you would see from a botnet, rather than a normal distribution of real people likely to have an interest in us. Also exclusively with FaceBook, big numbers just don’t result in the typical time on site numbers, like it does with our other efforts. In our case, our highly targeted marketing efforts typically result 20 to 40% staying on site for 30 seconds or more, where on FaceBook, 98% stay 2 seconds or less. I studied a lot of statistics and pride myself on being better than average at pattern recognition, and a system like the one you describe for Adwords would explain what I think I’ve been seeing on Facebook.

    • Watch a video on YouTube called ‘Facebook Fraud’ and that will explain the pattern you are seeing with your Facebook advertising.

      • Thanks Josh, the YouTube video you reference was great and really confirms what is going on. Just yesterday Facebook reported a huge increase in ad revenue. Apparently the hackers stealing credit cards that is being so ably exposed here are real amateurs compared to Facebook when it comes to using complex deceptive practices to acquire a huge amount of money via questionable practices. Just proves once again the philosophy of George Washington Plunkitt – the most corrupt local official in the US at NY City’s early 1900’s Tammany Hall – Never mess with the penal code, there is enough to be stole honest like. Thanks again!

  15. I was a victim of something like this and was forced to discontinue using Adwords for a time. It hurt my sales tremendously. Out of desparation I resumed using Adwords cautiously with tighter budget limits and things are getting back to normal. The lack of traffic during that period appears to have negatively affected my store’s Google ranking as well.

    • I do not have actual proof, but after using adwords on and off, I found it very clear, there is a direct connection between how much you advertise using adwords and your rating with Google. It looks like they automatically derate you when you do not advertise. But, that is foreseeable considering the money involved. Some would call it cheating the normal users.

  16. Why did my earlier comment not appear? Is calling blackhat actors m o r o n s not allowed?

  17. Thanks for the tip. I’ll try this with my competition.

  18. Ive been online for about 30 years now and have never once clicked on an ad banner/link. It astonishes me how many people do.

    But then again i guess there are just as many people who have bought shamwows, george foreman grills and RonCo juciers/knives.

    • Yet you will probably complain when your favourite websites start charging for access.

    • That Payments Guy

      Funny Fred’s been online for 30 years but online ads/banners have only existed since the early-mid 90’s. I didn’t click any online ad banners in 1984 either.

      • I’ve been online for 30 years also. FYI, since you obviously have not been around that long, there was an online world before the WWW even existed. There wasn’t much advertising in it back then, but if you read Fred’s comment again, you might realize that he never said clicking banner ads was an option that far back. Lighten up and learn from your elders.

  19. We’ve encountered this precise activity coming out of Venezuela – about 20 different IP addresses clicking away at our Google Ads (which we have sitting on a daily limit, so we lost two days service, and then blocked Venezuela) – they have not returned, but we are watching…

  20. Reading through these comments, I’m amazed/wowed/astonished by how many people rely on Facebook and Google for their business.

    Granted, I don’t know what these people are selling, but there are many smaller better targeted ad networks.

    If my sales relied on Google, FB, or any other online ad company, I’d seriously reconsider my business model, if possible?

    Relying on ad companies that are not concerned about my success or failure, just my payments, is short sighted for a business owner.

    • I think you have very little idea of what you’re talking about in all honesty. This is the area I work in. I’ll hazard a guess that you do not based on your comment. Other networks simply provide lower quality traffic which means you have a lower conversion rate. Pertinent to Brain’s blog post: a large part of the reason Adwords delivers high quality traffic is they are very aggressive on fraud.

      It’d be nice if people names these supposedly better ad networks and in your case explained what you think is better targeted than an ad triggered by a search phrase the user has just made. There is not a better way to know what a user is intent on doing than this.

      • You are not doing your job very well if you think Google is the end all and be all of internet advertising. So to chastise another user is rather weak.

    • If you do your Adword campaign right, you are reaching people who are looking for your product, and want to buy it now. Therefore you can expect to get a very good conversion rate. That is why businesses use it.

  21. This sounds similar to malware developed by cybercriminal Andrey Nabilevich Taame. Taame and his conspirators developed malware that would infect computers and change the Domain Name System (DNS) settings in order to route the infected computers to servers controlled by his conspirators. These servers converted the domain names to incorrect IP addresses and redirected the infected computer to websites in order to generate false advertising information.

  22. The sooner Google can shut this down the better, it’s hard enough to convince certain potential PPC customers that Google is doing a good enough job in preventing fraud.

  23. I’m sure Google are collecting evidence – they don’t want to just shut this down, because it will simply move somewhere else.

    What they’ll want to do is gather the evidence, know exactly who what and where this service is and then they’ll take action that will shut it down on a more permanent basis. There is still no guarantee it won’t start up again, but they’ll want to be as thorough as they can be.

    • From a Business perspective, Google is making a boatload of money through this. Now that the evilness has been exposed, sure, they might be able to “research” what they can do about it, and drag their feet some to keep the revenue pouring in.

      Google typically watches which clients are clicking, and pretty much doesn’t allow an over saturation of clicks from a single PC. Extensive BOT armies can simply do a lot of click fraud, and though this may be tracked by google in respect to which IP clicked on an ad, it would be extremely tough to say which computers actually had users click an ad and which ones were BOTs.

      Gathering evidence through clicks means they may have to sniff a lot of traffic in order to see what actually is going on. I could see them standing up a bogus advertisement scheme to do this, but the term competitor reaches across every facet of business, so this is NOT a simple process. It could take years to find out what the heck is actually going on.

      If google simply shut down the adwords bidding and offered a flat rate per month fee per keyword it would eliminate most of this. Then it would be fair and across the board. the sites then would have to tweek thier own sites and keywords to make then stand out the best. It would be a combination of site SEO and Google keywords that would push a website to the top of the paid advertiser side bar.

  24. Nothing beats good ole natural SEO style links. Organic Links don’t cost you anything and if you tightly knit a handful of keywords, there is no need for Google Adwords.

    I am not a rocket scientist SEO guru. I just learned from messing around with a few websites to see how good or bad select keywords would work. In the beginning its a slow process, so the better your keyword selection is, the better your initial results will be.

    Look, if I can get sites up within Google’s first three pages after a weekend’s worth of effort, then there IS an alternative to paying a web giant with hard earned cash. Sure it may take a month or two to see results, but after that, very mild tweeking will keep your site within the top 3-5 web pages of google search.

    Google webmaster tools has a huge amount of educational material, and most of it is free. You can learn which website formats are kind to google and which are not. You can choose keywords based on extensive analysis – not just your best guess.

    No. I am not willing to take on any additional work, no matter the offers. I hope the information frees people from having to pay at times, a high rate for simple keywords.

    • If you are not on the first page you have already lost the game. The first 3-5 pages are where you end up when you do it wrong.

      • hehehehehe.
        I see that your much more capable of doing it yourself – with some one else’s money – no?
        Since you offer no futher advice than what others say generically I consider your SEO Skills and comment quite average, along with your attention to details. Jut because I said I have it to the top 3-5 pages of Google doesn’t mean it cannot make it to the first page. You forget, or do not know how SEO works. People get paid to pay attention to the rankings and its a constant code war to make the natural links more credible and rich in content using keywords.

        If I can do it over a weekend and see results to the top 3-5 pages, and another person can spend thousands of dollars in google adworks costs to get a page higher – go right ahead. Loss is in proof of ROI, not common rheteric from some one obviously uneducated in the subject.

  25. I have seen many click fraud situations in my career, all of them were beautifully handeled by clickcease.com. If you have these problems have a look at clickcease.com’s solution.

  26. You’d think Google would have been pro-active on this this one as it effects their credibility and eventual revenue. I suspect its not that big yet and if they are frauds why not with testimonials too?

  27. As a PPC management company for the past 13 years I can put some context around this.

    Google does not condone or promote this type of fraud, however it would seem that they do not make it a red alert priority. We have experienced numerous cases of such attacks over the years and Google Does respond with refunds, however they tend to be about 60-70% of the actual fraud amounts. Google was the first and continuous to be the leader in giving advertisers the tools and reports to help combat click fraud or simply poor quality/suspicious clicks.

    Yahoo on the other hand for years denied culpability, refused to provide tools and reports to reduce poor quality publishers or straight up click fraud… and you can see where they are now.

    Bing/Microsoft advertising has been in the middle. Offering some tools and reporting, but their overall traffic volume is so low that the fraud has less of a bite.

    There are far more tactics in play than straight forward click manipulation. There are also tactics of submitting false forms in order to flood the advertiser with bogus leads, wasting their time, resources and demoralizing their sales team. Or in some cases losing a client. There are political attacks with teams of advocates intentionally clicking on their “opposition’s” ads in order to drain budgets.

    All in all PPC is a very difficult channel to be successful in. Businesses need to have a professional on their side to give themselves the best chance at success.

  28. couldnt find the service not on youtube and not online
    does anyone have a link?

    • Dan,

      The YouTube channel was “AntichatGG”. It has since been terminated by YouTube. You can find forum threads advertising the service by doing a Google search for the following –

      “Antichat” “goodgoogle”

  29. Truth be Told!

    Actually it is true I have seen it first hand in my canpaign the way I have the ad groups set up. They always get me in the morning its crazy yo watch pretty sneakey goole cant do anything to stop it ive shelled out thousands to stop to no end .Now ive hirefa P I good luck

    Wa state

  30. When was this exposed? I wonder if our company has been a victim….any way to find out?