Study: Botnets boosting click fraud rates on ads

The overall industry average click fraud rate--which represents the number of clicks on online pay-per-click ads that are not legitimate--has jumped, according to a new report from search engine marketing firm Click Forensics.

The overall click fraud rate was 15.8 percent for the second quarter, up from 14.1 percent from a year ago and 14.8 percent from the previous quarter, Click Forensics said. The rate for pay-per-click ads appearing on search engine content networks, such as Google AdSense and the Yahoo Publisher Network, was 25.6 percent, up from 21.9 percent for the previous quarter.

The increase is due to a rise in the use of botnets, or networks of software robots that compromise people's computers and are remotely controlled or pre-programmed to do things like send e-mail spam, shut down Web sites by overwhelming them with requests or, in this case, automate the repetitive clicking on advertisements on Web sites, the report said. The clicks are fraudulent because they are not legitimate clicks from potential customers.

Traffic from botnets doubled from the first quarter to the second quarter, the report says. The FBI estimates that more than 1 million PCs in the U.S. have been compromised by botnets and are being used to conduct fraud.

"Click fraud has become the new spam and it's clearly a problem that is getting worse, not better," said Tom Cuthbert, chief executive of Click Forensics.

Click fraud is a problem in the industry because advertisers pay every time their ads are clicked on. It is done to either boost revenue to the Web site hosting the ad or to deplete the budget of the advertiser. Advertisers complain that they are credited for only a small fraction of the total of fraudulent clicks detected on their network.

Google claims that its click fraud rate is in the single digits, and Yahoo claims its rate is less than the 12 percent to 15 percent of the clicks on its network that it does not bill customers for. The Click Forensics figure measures all clicks detected on the advertiser side that are believed to be fraudulent, including clicks that Google or Yahoo may have either not charged for or credited advertisers for after the fact.

"Yahoo is also actively pursuing numerous new quality initiatives that provide advertisers with more control over and visibility into the quality of their traffic. We've recently launched new features and functionality--like quality-based pricing and enhanced geo-targeting tools--for advertisers and we plan to introduce additional controls like domain blocking in the coming months," Reggie Davis, vice president of marketplace quality, said in a statement. "While vigilance against click fraud is a top priority for Yahoo across all of our offerings, it's important to note that our Yahoo Publisher Network remains a limited beta program, which allows us to more closely monitor the quality of the publishers in our content network."

Google released a statement that said: "These estimates continue to count clicks Google does not charge to advertisers as fraudulent, so they are not actually click fraud estimates. Furthermore, their estimates have never reflected the invalid click rates we see at Google. It is also worth noting that in all of 2007, only two advertisers have contacted us regarding click fraud data from Click Forensics, and in both cases we found that the suspicious activity was not charged for in the first place."

Yahoo and Google have both settled class action lawsuits filed over click fraud.