January 11, 2017 | by Vuk Stan

The Real Face Of Click Fraud

Over its time in existence, internet marketing has been victim to many scams. A common one that costs the industry literally billions of dollars a year is known as click fraud. This refers to the practice of falsifying interactions with advertisements online. It can take different forms.

One approach is to harness the malicious power of robotics to cause chaos to advertising budgets. This might sound like the stuff of science fiction, but we're not talking about Arnold Schwarzenegger and his bionic exoskeleton here. We're referring instead to the use of covert software, allowing the automation and control of other users' PCs.

This software, known as malware, infects unknowing computer and mobile phone users and can be used for many purposes. When you consider how great the annual cost of click fraud is to advertisers, it's hardly surprising that hackers are targeting such campaigns with their bots.

 

But what is a hacker really? We've all heard about them. Hackers leaking data, performing credit card fraud, and playing juvenile pranks on some of the largest online entities in the world. Their existence is one of secrecy, disguising themselves with sophisticated VPN systems, alternate servers, and other such devious means to drift through the web causing havoc undetected.

It's rare that we ever get to meet a hacker, or even click fraudster, face to face. However, they do, from time to time, get caught. When they do their carefully created aura of intrigue and mystery comes crashing down around them, exposing their misdemeanors and crimes for all the public to see.

 

A Real Life Hacker

Meet Vladimir Tsastin, a real life hacker from Estonia. Unfortunately (for him at least), Vlad's criminal empire came crashing down in 2015 after he was found guilty of operating a huge click fraud scam. It is estimated that the scheme had been running since 2006 and had caused harm to over four million victims, costing a massive $14 million.

 

The scam was simple enough. The ring of hackers, lead by our man Vlad, set up online publishing companies (notably Rove Data) and made arrangements with advertisers to show their material on the pages they published. Nothing strange about this, so far.

All sounds quite legitimate. However, with the deals in place, phase two of the click fraud scam could be enacted. The team built an advanced piece of malware, allowing them to change domain name settings on infected machines. This in turn allowed for the creation of fake clicks on advertisers' campaigns.

 

The cost of the campaign was great, but fortunately Vlad was eventually brought to justice in 2015. He was sentenced to over seven years in prison by US District Judge Lewis Kaplan after pleading guilty of engaging in computer fraud. Tsastsin was also required to repay $2.5 million, somewhat less than the figure that some have estimated his scam raked in.

 

The most important lesson to draw from examples like Vlad's is to understand that the threat against advertisers is both a costly one, and an evolving one. The tactics used, and cracked down upon today, are the tactics of yesterday for the hackers. Their knowledge and know-how of systems allows for a constantly upgrading barrage of weaponry against online advertisers. One thing is for sure from this case, it's certainly a troubling time to be involved in internet marketing.