Skip to main content

Web extortion scam threatens to flag sites to Google as spam

(Image credit: Image Credit: Shutterstock)

Website owners serving ads through Google AdSense are falling victim to a new email-based extortion scheme.

Extortionists are threatening to flood websites with fake traffic, thereby triggering Google’s anti-fraud system, unless the victim surrenders $5,000 in bitcoin.

If the anti-fraud system detects high volumes of invalid traffic, the site owner’s Google AdSense account is automatically suspended, cutting off all ad revenue from bona fide traffic.

Extortion scam

In an effort to safeguard its systems from manipulation, Google recently announced plans to bolster algorithms responsible for identifying invalid traffic before ads are served.

The company defines invalid traffic as “clicks or impressions generated by publishers clicking their own live ads,” which includes the use of automated clicking tools and traffic sources.

The scammers behind this new scheme are threatening to “flood [the AdSense user’s site] with huge amounts of direct bot-generated web traffic, with 100 percent bounce ratio and thousands of IPs in rotation.”

“Next an ad serving limit will be placed on [the user’s] publisher account and all the revenue will be refunded to advertisers,” the scammers go on to claim.

AdSense suspensions can take a significant amount of time to lift, even if applied to an account without cause. The extortion scheme operates on the assumption a one-time $5,000 pay off will prove cheaper overall than the loss of weeks worth of advertising revenue.

In an attempt to allay concerns, Google has emphasised the measures in place to protect AdSense users from scams such as this.

“We hear a lot about the potential sabotage. It’s extremely rare in practice, and we have built some safeguards to prevent sabotage,” the company said in a statement.

“We encourage publishers to disengage from any communication or further action with parties that signal they will drive invalid traffic to their web properties. If there are concerns about invalid traffic, they should communicate that to us,” it advised.

Via KrebsOnSecurity