Spyware Still Cheating Merchants

Jamie found an interesting story about how Spyware is still on the move. It talks about how Spyware vendors are trying to clean up their image, but still doing fishy things. It breaks down several common types of spyware and some analysis of each.

Spyware FP

[Anonymous Coward]

The spyware on slashdot's servers allowed me to spy on this story and craft a 1st post with ample time to spare.

Ben Edelman, here

[bedelman]

I'm Ben Edelman, the author of the piece. I'm happy to answer any questions folks may have.

It would be particularly interesting to hear from merchants and by legit (non-spyware-using) affiliates who are ripped off by the practices I documented.

Re:Ben Edelman, here

[teknopurge]

I'm a merchant that has recently looked into many forms of online advertising, and these are my thoughts:

Sponsored-search advertising is a ripoff. Google makes the vast majority of their money this way and I take issue. We have run numerous campaigns and stopped due to the lack of quantification. Talking with other merchants, people are starting to get disgusted by the google/yahoo/ms advertising avenues. clickfraud is rampant and we end up paying for it. recently, every time google releases earnings i can't help but laugh. all it takes is for a adwords merchant to start a campaign and watch their traffic and usage for a month to see what is going on. my feeling is that there is no better solution for online advertising, so people feel the need to do _something_, so they will continue to pay because they feel it is better than nothing.

Re:Ben Edelman, here

[Aladrin]

No offense, but isn't that the same as all other types of advertising? If you feel you are getting enough for your money, you buy the advertising. If you don't, you don't.

TV ads continue to be annoying and people are actively avoiding them now. Instead of making better commercials that don't annoy people, they just keep shelling out the money for the same old crap.

Radio, ditto.

Newspapers, magazines... Other than the sale ads and video game magazines (which are disappointing, because the ads rarely tell you anything the actual game), I don't think I've bothered to do more than glance at an ad in years.

How is 'sponsored-search advertising' any different?

And you say 'clickfraud is rampant.' ... Are you saying that you think Google is faking clicks? Or pays someone to? I can't see how anyone but Google would benefit from this. (I suppose the paranoid part of me says your competitor could be faking the clicks, to get rid of your ads... But that could have serious legal consequences.)

Re:Ben Edelman, here

[teknopurge]

I think google is aware of the problem and is taking a blind-eye to it. It makes sense in a way: if they put in more checks to deter clickfraud their revenue would be decimated. I'm not trying to be dramatic, but you can basically hand wave "advertising charges" away from people. Case-in-point, several people who are advertising affiliates for google have had large sums of $$$ that was due for payout frozen by google(http://forums.digitalpoint.com/). If this was isolated, I would discount it as maybe a few people were doing something shady google did not like. But when respected members that have been in the advertising business a long time start have their payouts frozen because they get into the thousands of dollars, I start wondering....

Re:

[bignetbuy]

"No offense, but isn't that the same as all other types of advertising? If you feel you are getting enough for your money, you buy the advertising. If you don't, you don't."

From what I read, the merchants are paying for advertising results that they would have received for free. That, in turn, forces merchants to spend more money on advertising and ultimately results in higher prices for consumers.

Re:Ben Edelman, here

[aclarke]

And you say 'clickfraud is rampant.' ... Are you saying that you think Google is faking clicks? Or pays someone to? I can't see how anyone but Google would benefit from this. (I suppose the paranoid part of me says your competitor could be faking the clicks, to get rid of your ads... But that could have serious legal consequences.)

Click fraud can happen on Google's "content network". I just happen to be looking at one of my ads right now. In the last week, it's been shown 104 times on Google's pages. It's been shown 13,636 times on other pages using Google's Adsense. You know, the Google ads on other peoples' pages.

If I run a site and put Adsense on it, I get a percentage of Google's revenue for each ad clicked through from my site. Therefore, if I have more click-throughs, I get paid more. That's where click fraud comes in. The advertiser gets a higher bill due to more clicks, and Google pays the fraudulent Adsense operator a portion of the revenue.

You can opt out of your ads being shown on the content network, or even on certain sites. But as you can see from the numbers above, you'll be losing out on a HUGE percentage of your ad impressions. OTOH, in my experience the CTR off Google's sites is higher than the content network CTR, and quite possibly depending on what your product is, the people might be more qualified.

Re:

[yulek]

i don't see google ignoring click through fraud.

i have a site i host with a friend of mine that uses adsense and i once clicked through on an ad because i actually wanted to buy what was being advertised (what a concept). it's against the ToS to click on those ads. but still, just one click. my account was shut down a few weeks later and i had to explain what happened to them to turn adsense on again. and we're not talking about giant monthly revenues here.

i'm sure there's a cookie/ip fingerprint 'cause

Re:

[aclarke]

I agree with you. I wasn't saying that Google is ignoring click fraud. I was just explaining how it can happen. A couple years ago I think it was a different story but as the problem became worse, Google started more actively cracking down on it.

Re:

[jaweekes]

You missed one point... It's also the amount of advertising on the web, TV, radio, etc. The reason I don't watch TV ads is due to the 20+ minutes of them in the middle of a 1 hour show (Thank you DVR!), so it doesn't matter how good it is. It's the same with the web; when most of the content is ads it's a huge turn-off, and magazines are the same.

Advertising would be more effective if there was less of it, but advertising agencies, etc just want to sell as much space as possible, regardless of how ef

Re:

[Tolkien]

TV ads continue to be annoying and people are actively avoiding them now. Instead of making better commercials that don't annoy people, they just keep shelling out the money for the same old crap.

Funny you should mention that! In fact, I was so compelled to reply that I didn't even read your post beyond that sentence.

I hate TV ads and fast-forward through ALL of them (bless my still-chugging VCR!), the ONLY exception I make are the Apple "I'm a Mac" ads. They're simple, funny, imaginative, and just pl

Apple's move to x86 and Linux

[miller701]

OS X is based on BSD, not Linux

Re:

[bendodge]

The clicks are usually made by rival companies trying to waste your money.

Re:

[MttJocy]

Or like in my case (as a publisher) by a user who happens to disagree with the content of your site and decides the best way to deal with that is to attack the revenue stream that is funding your hosting costs.

In this case the attack worked, prior to the attack I was averaging around 1,000 clicks per month legitimately and thus gaining reasonable revenues which paid for hosting, domain registration and various other services (such as occasional professional design services to help with certain things I am l

Re:Ben Edelman, there and not here!

[hesaigo999ca]

I have to say, for someon making alot of statements about things, you sure are unaware
of click-fraud statistics. People even have brought Google to court because of fraudulent
stats. I have adwords on my website, if I even go to my own website, and spend the day clicking on all the link and refreshing the page to get new ads, then click on those, I get some money in the bank for those clicks, at the end of the year I could maybe get 100-200$. That is if I have the time to do this, now there are people smart

Re:Ben Edelman, here

[idesofmarch]

Which pop-up blocker did you find most effective?

Pop-up blocker

[bedelman]

I don't have a strong view on pop-up blockers. I often use Google Toolbar. But in XP SP2, IE's internal pop-up blocker works fine too.

One key insight: Pop-up blockers don't stop spyware-originating pop-ups. Pop-up blockers stop pop-ups that load through a web browser, i.e. as a result of JavaScript code within pages users request. But pop-up blockers do nothing to stop full Windows programs (e.g. spyware) installed on users' computers.

Re:

[tokul]

IE's internal pop-up blocker works fine too.

Install shockwave. When it starts IE and pops setup window, say that you are younger than 1x. See the result. IE claims that popup is blocked, yet you get second window.

Re:

[bignetbuy]

Hi Ben, Great work...as usual. Have you notified Blockbuster or Netflix about your findings?

notifying the victim merchants

[bedelman]

I did send a note to someone I know in marketing at Netflix. I don't know anyone at Blockbuster, so I couldn't readily contact them.

Of course the bigger issue extends beyond those two specific merchants. Most affiliate merchants lack the kind of tough oversight of their affiliates that would be needed to prevent these scams.

Re:

[bignetbuy]

No question there are bigger issues than just two merchants. One has to start somewhere though. How about Investor Relations at BlockBuster?

Re:

[Anonymous Coward]

I'm just amazed that Netflix spends over 20% of their revenue on advertising.

I've also always thought that any merchant that pays for click-throughs or indirect referrals are foolish. It is just too easy to game those processes.

Here's a question or few for you

[Specks]

How would the merchants detect that Zango or other spyware makers have hijacked organic traffic or a legitimate affiliates cookie? If the software routs traffic through the spyware vendor's servers first then to the intended website how is a site like Netflix or Blockbuster going to tell if they don't get a chance to put a cookie there? Not to mention that a spyware vendor probably doesn't have the affiliate code in their name but probably a shell corporation or some other company. If companies like Netflix

How to catch rule-breakers

[bedelman]

Specks, you're right that merchants generally won't be able to figure this out merely from inspecting users' traffic or web server log files.

Instead, in my experience, the only robust enforcement strategy is testing: Get copies of the spyware, browse the web on infected test PCs, and see what happens. If an affiliate's link is invoked wrongfully and unexpectedly, then investigate and take appropriate action.

Is this trivially easy? Well, no. But it's the only clear way forward. And arguably it's appropriate: Any merchant paying out $$$$$ of affiliate commissions ought to put forth reasonable effort to confirm who they're paying and what they're paying for. In few other contexts would a company have as many suppliesr, subject to as little vetting (ex ante) and supervision (ex post), as in Internet advertising.

Re:

[azrider]

Question:

How would the merchants detect that Zango or other spyware makers have hijacked organic traffic or a legitimate affiliates cookie?

Answer:

By:

1: RTFA (and Mr. Edleman's reply to you question)

2: Duplicating his methodology.

If you (as a merchant) find that the same thing is happening, contact the FTC (among others), as well as a competent (and hopefully trustworthy) attorney.

It is your responsibility to ensure that your ad vendors are living up to their part of the bargain before paying them

Could advertisers catch this auditing their logs?

[Ungrounded Lightning]

If I'm reading your article correctly, at least some of these work by intercepting the customer hitting a link on the advertiser's site or popping up a redirected-through-affiliate page as a result of browsing the advertiser's site, to give the customer the impression he's just continuing his existing session.

If this is the case, it seems to me the advertiser would be able to identify this fraud by auditing his own logs - looking for a non-affiliate hit followed, soon after, by an affiliate hit claiming com

Re:Could advertisers catch this auditing their log

[nacturation]

My thoughts exactly. Any affiliate link should have the HTTP_REFERER header populated with where they came from. If the first hit to the site from any given IP address does not have an affiliate-style link, yet immediately after there's a visit to the site from the same IP address but with its referrer containing an affiliate-style link, then it should be possible to build up a history of suspected fraud. I'm glossing over things like proxy servers as this can either be solved with session cookies (which

Re:

[phantomcircuit]

Legit is a Registered trademark!!! [legit-site.com]

well ok not really ...

Re:

[Anonymous Coward]

Then you should read the article again.

The article described how, if you go to, e.g. Blockbuster's website and perform some action(such as signing up—they intend to pay legitimate advertisers who refer new customers), while having certain spyware installed, then Blockbuster is ripped off by having to pay an illegitimate advertiser, and the spyware makers benefit. You aren't affected directly in the slightest.

Re:

[Lockejaw]

Either Blockbuster/Netflix have advertising contracts with spyware companies (and I don't much want to do business with them), or they have no obligation to pay for any of these spyware-generated ads (and they aren't being forced to pay anything).

Re:

[Higaran]

I think I understood it exactly, if I don't want to support a spyware vednor and have their krap on my pc, then don't go sign up for those websites, plain and simple.

Re:Thats an interisting article.

[Wicked Zen]

Then you didn't understand it. Blockbuster/Netflix isn't installing the spyware. They are the ones being robbed because of spyware you already have on your computer.

Re:Thats an interisting article.

[Lockejaw]

Blockbuster/Netflix isn't installing the spyware.

No, they didn't, but they're paying to advertise via spyware.

Re:

[KarmaMB84]

Why would they knowingly advertise with someone who is obviously ripping them off? People are visiting *Blockbuster's* site and the spyware is initiating traffic that makes it look like they were referred by an affiliate when they had just *typed in the address themselves*.

This is a case of someone scamming legitimate affiliate programs at Blockbuster's expense.

Re:

[Lockejaw]

Why would they knowingly advertise with someone who is obviously ripping them off?

Now that they know about it, I imagine there's going to be some action taken.

Re:Thats an interisting article.

[raju1kabir]

How can Higaran's idiotic response be moderated "Insightful"? He managed to read a very clear article and come away with an interpretation that was almost completely the opposite of what it said. It does provide some insight into the sorry state of education these days, but definitely not into the topic of this post.

There is no spyware on the Blockbuster or Netflix websites.

There is spyware that may get loaded onto your computer by companies like Zango, which then intercepts your visits to Blockbuster/Netflix, and inserts a cookie that scams Blockbuster/Netflix out of commission $$.

Spyware will become clean...

[Kjella]

It talks about how Spyware vendors are trying to clean up their image, but still doing fishy things. ...the day Tony Soprano becomes a 'respectable businessman'. Crapware (my common term for deceotive adware, spyware, malware and whatever else "toolbars" and "helpers" and "assistants") couldn't get clean without going into legitimate advertising and shareware. And there the competition is solidly entrenched already, so all I want for them is to quietly die. They're a cancer to the computer industry and should be eradicated.

Re:

[Shajenko42]

Crapware ... couldn't get clean without going into legitimate advertising and shareware.

There's an oxymoron if I've ever heard one...

Serves them right?

[140Mandak262Jamuna]

These merchants, Netflix, Blockbuster and others signed with people with very low ethical standards. These spyware vendors install software without consent, fool people, irritate people with pop-ups etc. And these companies thought that is how they should get their customers. It should not surprise anyone, least of all these merchants, that the spyware vendors use every trick in the book and then some to cheat them and charge fees and commissions. Let them go bankrupt. Serves them right for providing food to these cockroaches.

Re:Serves them right?

[u-bend]

Sometimes when cleaning out a relative's totally infested PC, I think that most average computer users are so bovine in their approach to spyware, that they really don't mind all the automatic installation that goes on, as long as it doesn't interfere with the "just works" experience. In my experience, there's very little of the outrage that we feel about this stuff. It's frustrating really.

Yes, it is frustrating.

[140Mandak262Jamuna]

I have tried to explain to my relatives and friends, with "real world" analogies. Like, "OK, the cable company says just leave the door unlocked, that way our tech can get in and install your new cable box and you dont have to house sit. Will you agree? Wont you feel outraged if all the merchants in town walk into your living room and paste their advertisement on your wall? Yes, security will entail some inconvences like staying at home and letting in the technician. But you would not leave the home unlocked, would you?"

The usual responses are that "You are exaggerating the dangers", and "I have nothing of value for anyone to steal in my computer" or "it is too complex to lock the machine down" or "I dont know how to lock the machine down" or "there are millions of people who dont lock their machine down, are they all fools and are you the only smart guy out there".

Their file sharing stops working. They call the tech. Some cousin of me from India walks them step-by-step to turn off the firewall in the router so that "he can come in and fix it", turns off the firewall in the machine, turns on remote assistance, fixes something and leaves. For the tech guy the metric is "minutes to solve the problem". Staying on line to turn back all the firewalls and turning off remote-assistances "does not pay". The machine gets pwend even before he is done and he recommends wiping the hard disk and restoring, wiping out everything the customer had in the disk.

It is a torture to be the one-eyed man in the land of the blind.

Re:

[bignetbuy]

These merchants, Netflix, Blockbuster and others signed with people with very low ethical standards. These spyware vendors install software without consent, fool people, irritate people with pop-ups etc. And these companies thought that is how they should get their customers. It should not surprise anyone, least of all these merchants, that the spyware vendors use every trick in the book and then some to cheat them and charge fees and commissions. Let them go bankrupt. .

Do you really believe BlockBuster sought out a spyware company to perform advertising? If so, that would be a bombshell. A kiss of death for BlockBuster. (How could this be proven?)

I'd wager that BB and NetFlix, when deciding how to spend their advertising dollars were pitched by these "dynamic marketing companies" (aka spyware companies) about new on-line marketing and referrals plans. Once they are notified that they are in bed with spyware companies, I'd wager (am a betting man lol) that they drop

Lie down with dogs, wake up with fleas

[gsslay]

I'd have thought so.

Make business arrangements with criminals and you deserve to get ripped off.

Re:

[raju1kabir]

These merchants, Netflix, Blockbuster and others signed with people with very low ethical standards.

Blockbuster didn't sign with Zango (the spyware company).

They signed with Linkshare, a reputable online advertising company.

The click gets laundered through successively less-sleazy companies on the way from the spyware-infested computer back to Blockbuster.

Now google has a till option....

[simm1701]

I can see the ideal solution to this type of advertising fraud.

If I am running a site selling certain goods, then I don't really care how many hits I get, I'm bothered about how many sales I get.

Now if google can set up an adwords system for me that does not charge per click, but instead I use their payment system as a check out and grant them a commission on refered sales (as long as they can prove that the refereal was sent via a targetted ad in the current browser session would be my condition) then they can take say 5% of the sale (on top of their normal processing comission.

Then the problem comes down to trusting google to correctly report which sales on your site are actually directly from one of their adverts and not from their main search.... however its only one company, its a large and well known company so auditing it would be a lot easier than many of the smaller more dubious companies.

Re:Now google has a till option....

[Aladrin]

Don't forget the reverse is true as well: Google has to trust your company to only use the Google checkout. Phone, mail, email... There's plenty of opportunity to turn that customer away from Google's checkout without doing anything shady such as only sending 2/3 to Google and the other 1/3 to something else.

There are also plenty of people that aren't interested in Google's checkout at all, and would refuse this.

If there was a simple answer, this problem would not have existed for so long.

Re:

[simm1701]

True, you are going to have to have the usual terms and conditions

Google must be the only checkout system on yuor site
your site must be orientated around an instant payment system
etc

The usual clauses, nothings perfect and I wouldn't suggest this replace whats already out there, just add another option and let people choose.

Given the choice I personally would use something like this over the choice of google adwords (right now I use paypal but am considering switching to google checkout)

Just like the Mob...

[MosesJones]

Trying to branch out into legit enterprises but you know that push come to shove your kneecaps are in trouble.

Capital S?

[LoudMusic]

Jamie found an interesting story about how S pyware is still on the move. It talks about how S pyware vendors are trying to clean up their image, but still doing fishy things. It breaks down several common types of spyware and some analysis of each.

How does spyware earn a capital s? I don't understand.

Re:

[AndrewM1]

It's a noun, being used to collectively refer to all Spyware programs.

From Wikipedia [wikipedia.org]: "Common nouns may be capitalized when used as names for the entire class of such things." In this case, Spyware is being used as a name for an entire class of such programs, and is thus capitalized.

Re:Capital S?

[TheHawke]

spyware, adware, or malware of any kind does not deserve to be capitalized, nor do corporations, entities, or persons trying to destroy our ways of life.

I do not care if the grammar nazis give me a d-, I refuse to comply.

Capital D

[Actually, I do RTFA]

I do not care if the grammar nazis give me a d-, I refuse to comply.

Letter grades should be capitalized: D-

That is all

Re:

[LoudMusic]

It's a noun, being used to collectively refer to all Spyware programs.

From Wikipedia: "Common nouns may be capitalized when used as names for the entire class of such things." In this case, Spyware is being used as a name for an entire class of such programs, and is thus capitalized.

That is vaguely familiar from an elementary school assignment of nearly 20 years ago. Thanks for doing the research (:

Re:

[Speare]

Spyware is still on the move. Spyware vendors are trying to clean up their image, but still doing fishy things.

through the magic of super-lazy editing staff, becomes,

Jamie found an interesting story about how Spyware is still on the move. It talks about how Spyware vendors are trying to clean up their image, but still doing fishy things.

Re:

[treeves]

It's probably more like:

Jamie found an interesting story about how Spyware is still on the move. It talks about how Spyware vendors are trying to clean up their image, but still doing fishy things.

through the magic of super-lazy editing staff, doesn't become,

Spyware is still on the move. Spyware vendors are trying to clean up their image, but still doing fishy things.

It's more work to add superfluous words than to just copy and paste unchanged. More work still to judiciously remove words.

Re:

[Speare]

You've never graded school essays, then. The "it is about how [paste]..." gambit is a staple of weak-minded students who find it the easiest way to think they are avoiding plagiarism on a technicality.

Re:

[noidentity]

Get with the Times, Man! Today it's Hip to capitalize random Words. It means that Word is more Important than the rest. Or that the Writer didn't ProofRead his Work before posting it.

Maybe its time for a new name

[Anonymous Coward]

Does anyone else find it funny that spyware is trying to clean up its image? Maybe they should start with the name. The very name SPY WARE isn't very clean. Maybe they should change their name to "used to spy now trying to decieve ware"

Re:

[PhxBlue]

They could call it Digital Consumer Enablement!

Oh, wait ...

Re:

[noidentity]

How about "pretextware"?

Re:

[muellerr1]

Pretextware.

Ewww

[Dachannien]

Part of the problem is that online advertising has for a long time essentially been one gigantic circle-jerk, and in these cases, the original advertisers end up cleaning up the mess. Companies pay other companies to source advertising, who pay other affiliate networks and other websites a pittance to carry the advertising. There are enough middle men to make one's head spin. The original advertisers end up having no idea who they're dealing with.

Less outsourcing, and contracts that demand less second-degree outsourcing, would help the advertisers tremendously. I doubt that it would do much for the spyware victims, though, because there'll always be another scam right around the corner.

After working at a free newspaper for some time...

[erroneus]

...I arrived at the unshakeable conclusion that people in marketing businesses are relentless assholes who can only see things with dollar signs and care nothing about collateral damage they may cause. You can apply this to printed free papers who often litter the streets of many urban and suburban neighborhoods with their distribution boxes and papers flying through the air. You can apply this to spammers who are still convinced among themselves that they are not bad people and only annoy people a little. Just about anywhere there are marketing people, you will see them pushing over the edge of what is acceptable practices and behavior... not every marketer is like this, but the "successful" ones are definitely of that breed.

Whew!!!

[tickticker]

Glad I cleaned up that spyware before I read this, otherwise pop-ups would have gotten in the way!

--
Ticks are people too.

Heh. Online advertising.

[lewp]

"Internet Marketing" and "Online Advertising" are pretty much the most corrupt and shady businesses you can involve yourself with. Seriously, if you're thinking about getting into it, but have some morals, go check out being an arms dealer or something. The only legitimate dealings I've seen in this space are between large advertisers (not networks, I'm talking blue chip companies doing actual 1-to-1 advertising agreements) and large publishers (generally run by large media companies) with lots of lawyers i

Only one way to clean up their image

[Anonymous Coward]

The only way Spyware vendors will "clean up their image" is by not making spyware anymore.