The role of malware in click fraud
The majority of modern malware has been designed with malicious intent; to cause damage to a computer’s operating system or its data; or to steal information from a user, or increasingly, from online advertisers.
As you will have seen, many large websites rely on advertising for their revenue. The amount of money spent on online advertising is growing rapidly with more than $32 billion spent in the US alone during 2011. Advertisers like online advertising because it can be relatively cheap compared to a printed advertisement and because software allows for individuals to be targeted with specific adverts for products they are likely to buy.
The most common type of advertising is ‘pay per click’ where advertisers only pay the owners of a site when a user clicks on an advert. This system can be subverted by either generating clicks that don’t come from genuine customers, or by hijacking a click intended for a genuine advertiser. This is known as click fraud, it accounts for more than 20% of all clicks and it can be aided by malware. Computers all around the world, operating as a botnet, can generate false clicks, siphoning money from advertisers through multiple layers of publishers and redistributors to hide its eventual destination.
While an individual click will only raise a tiny amount of money, done millions of times, click fraud can raise serious amounts of money. In 2011, the FBI broke a click fraud operation based in Estonia that had infected more than four million computers in 100 countries and stolen in excess of $14 million from advertisers.