A new email extortion campaign is actively being targeted against those publishers who’re serving banner ads. The malicious group has been warning publishers to drive unusual traffic to their sites, causing Google to flag fake and ban them eventually. Google has responded to this campaign and said they’re defending such threats with their tools and would help potential victims to safeguard themselves.
Serving ads via AdSense is a primary source of income for any regular blogger. Ads could garner significant revenue besides affiliates and subscriptions, so this couldn’t be ignored by a publisher. But a nightmare as Google’s notice to suspend or even ban their site from serving ads could scare them enough. And here’s one such attack in wild, demanding publishers to send $5000 worth bitcoin in exchange for not bombarding their sites with fake traffic.
Driving traffic to flag them suspicious
The unknown attackers have been warning few publishers by emails and warning them of their attacks. An excerpt from one such email sourced by Krebs read,
“Very soon the warning notice from above will appear at the dashboard of your AdSense account undoubtedly! This will happen due to the fact that we’re about to flood your site with a huge amount of direct bot-generated web traffic with 100% bounce ratio and thousands of IP’s in rotation — a nightmare for every AdSense publisher. More also we’ll adjust our sophisticated bots to open, in an endless cycle with different time duration, every AdSense banner which runs on your site.”
Google’s algorithms constantly review the traffic obtained by sites. And if they find anything suspicious, as a sudden rise in traffic, they may flag the publisher to be using tools or self clicking on ads to increase views, and suspend or even ban him from serving ads.
To this campaign, Google responded as, “We hear a lot about the potential for sabotage, it’s extremely rare in practice, and we have built some safeguards in place to prevent sabotage from succeeding. For example, we have detection mechanisms in place to proactively detect potential sabotage and take it into account in our enforcement systems.”