Google AdSense Ransom Extortion Emails For Invalid Traffic

Feb 18, 2020 • 7:14 am | comments (1) by twitter | Filed Under Google AdSense
 

Krebs on Security posted about new AdSense based extortion and ransom emails going out to Google AdSense publishers. Telling them if they do not pay $5,000 in bitcoins within 72-hours, they will send invalid traffic to the site, thus removing the AdSense earnings Google pays the publisher.

Here is the email Krebs on Security posted on its blog:

click for full size

I don't believe these types of emails are actually all that new but now it seems to be making some mainstream news. Of course, if you receive one of these, you should send it to Google. Of course, do not pay the ransom. This is what they said when they tried to speak to Google about this:

Google declined to discuss this reader’s account, saying its contracts prevent the company from commenting publicly on a specific partner’s status or enforcement actions. But in a statement shared with KrebsOnSecurity, the company said the message appears to be a classic threat of sabotage, wherein an actor attempts to trigger an enforcement action against a publisher by sending invalid traffic to their inventory.

“We hear a lot about the potential for sabotage, it’s extremely rare in practice, and we have built some safeguards in place to prevent sabotage from succeeding,” the statement explained. “For example, we have detection mechanisms in place to proactively detect potential sabotage and take it into account in our enforcement systems.”

Google said it has extensive tools and processes to protect against invalid traffic across its products, and that most invalid traffic is filtered from its systems before advertisers and publishers are ever impacted.

“We have a help center on our website with tips for AdSense publishers on sabotage,” the statement continues. “There’s also a form we provide for publishers to contact us if they believe they are the victims of sabotage. We encourage publishers to disengage from any communication or further action with parties that signal that they will drive invalid traffic to their web properties. If there are concerns about invalid traffic, they should communicate that to us, and our Ad Traffic Quality team will monitor and evaluate their accounts as needed.”

With link spam ransom, Google says you can ignore it. But there you have some tools to protect yourself?

In any event, I assume Google is hearing about these issues now in a much bigger way. Hopefully they are taking this seriously.

Forum discussion at WebmasterWorld.

Previous story: Daily Search Forum Recap: February 17, 2020
 
blog comments powered by Disqus