Google, Facebook and chums launch web blacklist to nail ad scammers

New tricks nix fake clicks

Tech big wigs including Facebook and Yahoo! have forged a giant blacklist to block fake web traffic contributing to advertising fraud, said Google ad man Vegard Johnsen.

The Trustworthy Accountability Group (TAG) pilot program will nix bot traffic using a blacklist which could cut a significant portion of web traffic; Google's DoubleClick blacklist alone blocked some 8.9 per cent of traffic.

"The newly shared blacklist identifies web robots that are being run in data centres but that avoid detection by the IAB/ABC International Spiders and Bots List," Johnsen said.

"By pooling our collective efforts and working with industry bodies, we can create strong defenses against those looking to take advantage of our ecosystem.

"We look forward to working with the TAG Anti-fraud working group to turn this pilot program into an industry-wide tool."

Johnsen added that some publishers will do anything to inflate clicks including running tools in data centres that generate fake ad impressions.

Trustworthy Accountability Group chief executive Mike Zaneis declared the pilot would tackle fake advertising head on.

“This program is another piece of the interlocking set of solutions TAG is building to fight fraud across the entire ecosystem," Zaneis said.

"The industry is galvanising its efforts and we will win the war against fraud.”

Johnsen outlined two examples of toolkits mongrel marketers will use including UrlSpirit that serves as a form of botnet. Nominated URLs are distributed among Internet Explorer instances running on mostly data centre boxes that operate the software. Google found some 6,500 installations generating 500 million requests or 2,500 ad requests per instance per day.

HitLeap is larger with 4,800 installations of which 16 per cent are operating in data centres.

"Not only were these publishers collectively responsible for billions of automated ad requests, but their websites were also often extremely deceptive. For example, of the top 10 webpages visited by HitLeap bots in June, nine of these included hidden ad slots – meaning that not only was the traffic fake, but the ads couldn’t have been seen even if they had been legitimate human visitors."

Not all fake clicks were malicious; one legitimate unnamed organisation had generated a whopping 65 per cent as detected by DoubleClick of automated data centre clicks by merely probing ads and ad landing pages across the internet. ®


Biting the hand that feeds IT © 1998–2017