According to a Wall Street Journal report, dozens of big-name marketers and Internet companies have been duped by the yet-to-be identified organizers who’ve used URLs including HqTubeVideos.com and Pornoxo.com to launch the click fraud.
The way it works is that when a user opens the bogus porn site page, software automatically launches dozens of “invisible” pages with tame names like RelaxHealth.com that link the user to advertisers’ ads — in some cases hundreds of times.
The hidden page can be as small as a single pixel on the porn home page.
The scam perpetrators then collect commissions from the legitimate advertisers based on the traffic sent.
Some of the reported victims include sites like web portal Lycos, video sites Mevio, Current TV and others. The report said that big advertisers, including Verizon Communications and TD Ameritrade are paying for ads that were never displayed to users and that they weren't aware they were collecting money for ads that weren't shown.
Ron Bloom, co-founder and chairman of Mevio.com told the WSJ, "We have a 100 percent zero tolerance policy for that.” And cable TV channel Current TV said it has filters in place to block traffic to its website from porn sites, and the traffic it received wasn't authorized.
According to AdSafe, an online-ad security firm, more than 1,000 websites were possibly affected and in some instances it found more than 5,000 "invisible ads" being shown to an individual consumer after one visit to a porn site over the last several months.
"The criminal enterprise is very sophisticated," said Matthew Scott, an executive at AdSafe Media, a digital-ad protection company that says it discovered the scam that hit some of its clients. "There has been explosive growth in the online advertising space, and at the same time, fraud and scams are evolving."
The report said that AdSafe has notified the FBI and a spokesman said the bureau doesn't comment on specific investigations but "is generally aware of these types of scams and is actively investigating a wide range of fraudulent cybercrime."
Despite the fact that the new hoax enlists a more sophisticated and complex scheme than past fraudulent attempts, Google said its systems blocked the scam and it has contacted authorities to share the details of its investigation.
"Occasionally a bad actor will circumvent even the best systems," Google spokesman Rob Shilkin said.
Double Verify, an online advertising fraud prevention company said about 31 percent of the monthly $100 million of online ad spending it monitors is wasted on fraudulent ads and ads linked to wrong locations.
"These guys pop up like mushrooms, they change their names and location and sites and come up with a new fraud and a new site with a different name. It is a cycle where we always have to chase them down," said Oren Netzer, chief executive of Double Verify.
