Yahoo Implicated In Spyware Click Fraud

    April 4, 2006
    WebProNews Staff

Advertisers who expect their Overture ad campaigns to run with certain Yahoo Searches may be surprised to find their ads running in syndicated spyware applications that render each impression as an ad click the advertiser must pay.

Yahoo Implicated In Spyware Click Fraud
Pointing The Click Fraud Finger At Yahoo

Ben Edelman has again made some damning claims about Yahoo and its relationship with spyware vendors. Have your Overture campaigns seen behavior that looks like click fraud? Tell us more at WebProWorld.

When that click is paid, according to spyware researcher Ben Edelman, Yahoo and the spyware vendor split the revenue. Edelman has followed up his August 2005 research into spyware receiving payments from Yahoo’s Overture by noting an increase in this possible syndication fraud.

“In my August syndication fraud examples, an advertiser only pays Yahoo if a user clicks the advertiser’s ad. Not so for three of today’s examples. Here, spyware completely fakes a click — causing Yahoo to charge an advertiser a “pay-per-click” fee, even though no user actually clicked on any pay-per-click link. This is “click fraud,” Edelman wrote.

Edelman documented three examples where actual click fraud took place. He named 180solutions, Nbcsearch, and Look2me/Ad-w-a-r-e as culprits in presenting popup ads that defrauded advertisers with Yahoo.

“Spyware syndication falls within the general problem of syndication-based click fraud. Suppose X, the Yahoo partner site, hires a spyware vendor to send users to its site and to make it appear as if those users clicked X’s Yahoo ads. Then advertisers will pay Yahoo, and Yahoo will pay X, even though users never actually clicked the ads,” said Edelman.

His examples of this click fraud are not guesswork and assumptions. For each case, Edelman provided a full packet log, annontated screenshots, and video of the spyware-based click fraud taking place.

A fourth example of nefarious practices taking place involves the practice of inserting pay-per-click links into text without the consent of the publisher. Edelman displayed one example of this, a story about Iraq from the New York Times website that had a third-party link inserted.

Edelman believes that Overture is the sole funding source for, which inserted the link. He diagrammed the process that took place with this insertion:

(T)he net effect of these practices is that advertisers pay Yahoo, then Yahoo pays Intermix (Sirsearch), then Intermix pays which pays /

Intermix, the parent of MySpace, is now owned by News Corp. Intermix has been implicated in spyware schemes in the past, when the company was investigated by New York Attorney General Eliot Spitzer’s office before News Corp purchased it.

While News Corp has been publicly cleaning up MySpace, it may need to take a harder look at some of Intermix’s other businesses. And Yahoo should be doing these types of audits itself, instead of waiting for Edelman or someone else to do them before correcting a problem.

Add to | DiggThis | Yahoo! My Web |

Drag this to your Bookmarks.

David Utter is a staff writer for WebProNews covering technology and business.