Can A Single Click Be Worth $600: The Avoidable Fraud of Hackers and Botnets
What do the following search terms have in common?
- Business internet providers Los Angeles
- Car accident attorney Long Beach
- Mesothelioma attorney assistance
- Big rig accident attorney
This: If you want to buy them as Adwords, you will pay through the nose.
If you put these words into Google and click on the first four results, for each one of them, you will send about $8000 in Google’s direction at the expense of the businesses who bought the Adwords. They each cost between $450 and $615 per click. So, yes — a single click can be worth $600. (See The 1000 most expensive Google keywords.)
If you are a business in LA needing the Internet, have had a car accident in the Long Beach area, suffer from mesothelioma or got into an accident with a big rig, your attention is worth paying for — and it is Google, not you, that is getting paid. Shame about that.
The high price of these ads is not Google’s fault, by the way, it’s the competing businesses that bid the cost per click (cpc) up through the roof. The average Google cpc is far lower. It is somewhere between $1 and $2.
The Grim Battlefield
It is not just people seeking products and services who click on the Google-ads-disguised as search results. Also, there are a group of “bad actors,” whose only interest in to cost the advertiser money. These include:
- Disgruntled ex-employees
- Unhappy customers
- Activists who have a political ax to grind
- Unethical competitors
And it is not just people doing this, in fact in most cases it isn’t. It’s bots, or better put, hackers with botnets. Botnets can pretend to be people quite successfully. In general, a botnet is a networks of compromised PCs presided over by a hacker. Each PC can imitate a genuine user surfing the net. It isn’t so easy to tell the real from the false, because each compromised PC is owned by a genuine person.
Here’s a fun fact: about 1 in 5 ad-serving websites are visited exclusively by fraud-bots. That’s got to be dispiriting for those 1-in-5 websites, if they ever find out. They thought they were in the ad business, but they weren’t.
But never mind that, let’s cut to the chase: For every $3 spent on digital ads, $1 is wasted on fraudulent traffic (see AdAge.com). That’s remarkable — a third of the digital ad industry is consumed by fraud or, if you prefer, is fraud. And then there’s the curious fact that the click fraud focuses on the high click prices. Ads with a CPM cost (clicks per thousand) greater than $10 experience 39% higher bot fraud than lower-valued ads (see ANA). Does that seem suspicious? Does a one-legged duck swim in a circle?
Let’s take a step back and observe what’s happening. Certainly there can be false ad clicks from disgruntled individuals. But digital ads live and a twenty-first-century-automated-world, so if fraud is your game, employing Chinese armies to click away, night and day, is far too expensive. What you need is a large botnet — a click-farm if you like — that does your bidding. That seems to be what is going down here. Botnets are being hired to click on ads.
So who prospers when that happens? Obviously not the advertisers.
Let’s follow the money. Unethical competitors may be part of the picture, but they are not all of it. Websites that carry the ads and the ad networks themselves are utterly unharmed by click fraud. In fact, they split the profits. So… I’m not pointing fingers, but…
The evidence suggests (click here for a full report) that the level of fraud strongly correlates with the demand for digital advertising. Fraud increases when demand is higher. Fraudulent clicks, rather than real people, soak up the surplus demand. The money goes to the hackers with their botnets, and the ad-networks and websites they serve. Any ad network that attempts to opt out of this corrupt circle loses revenue. It is thus self-perpetuating. You can opt out, so you have to buy in.
And if you happen to be an unhappy advertiser, then good luck in proving to the ad network that some proportion of your traffic was bogus.
What’s The Alternative?
The alternative is to build an ad network where the clicks are provably real human beings who have an interest in the ads they click on. This is what Permission.io, formerly Algebraix (and one or two other blockchain businesses) are doing.
To change the ad world means to reimagine it and then rebuild it. The time is right for this. The blockchain makes it possible to ensure that only real people interact with ads and other promotional content. A permission-based platform makes it possible to accurately target and serve ads to those real people and to know that when they click on an ad, they are genuinely interested.
Contrast this with hordes of virus-infected PCs connecting to web pages that are never seen and clicking on ads that are never viewed to earn money that is undeserved.
Robin Bloor Ph D. is the Technology Evangelist for Permission.io, author of The “Common Sense” of Crypto Currency, cofounder of The Bloor Group and webmaster of TheDataRightsofMan.com.
