In The News‎ > ‎

Click Fraud case study

posted Jan 29, 2015, 11:55 AM by Craig Cox   [ updated Jan 29, 2015, 11:58 AM ]
When a business advertises on the web, it usually pays an online ad agency a few pennies for each time someone clicks on the ad to see their product.  Click fraud is the practice of running up those click numbers, whether an interested customer is looking or not.

The Symantec blog has a long, detailed entry on a scam where people are tricked into clicking a link in an email, which (long story short) causes the computer to spend more time clicking for ad revenue than doing whatever the legitimate owner wanted to do.

Here's why this is important:  Many times I hear the comment "Hackers don't want my computer, there's nothing important on it."  This is why hackers want "unimportant" computers -- those unimportant computers can be busy pretending to be interested customers, bilking ad agencies (or the business being advertised, depending on how the fraud is set up).  They could also be sending out the malicious emails the hackers want others to open.

Computer security expert Brian Krebs has a much longer list of things a hacked PC can be doing for the bad guys.

The usual defenses apply:
  • Be suspicious about odd, unexpected emails (or social media posts, for that matter)
  • Keep your operating system up to date
  • Keep your antivirus package up to date
  • Keep your add-on packages like Java, Flash, and your PDF viewer up to date
  • Keep good backups; once in a while, even the most vigilant get compromised
On college-owned computers we do the updates and backups for you, but please keep up with them at home -- and please be skeptical about attachments and links at all times!