Yahoo Slapped with Spyware Syndication Fraud Suit
By Ryan Naraine
May 3, 2006
http://www.eweek.com/article2/0,1895,1957200,00.asp
Anti-spyware activist Ben Edelman has filed a class-action lawsuit against Yahoo, accusing the online media giant of partnering with spyware purveyors to perpetrate syndication fraud against advertisers.
The bombshell suit, filed in the U.S. District Court in New Jersey, also alleges that Yahoo used its Overture pay-per-click advertising network to make money from the practice of typo-squatting, in which slight variations of popular URLs are registered so as to serve ads to users who type in misspelled versions of domain names.
A Yahoo spokesperson declined comment on the suit. "We will vigorously defend our position," the company said in a statement sent to eWEEK.
The suit comes less than a month after Edelman blew the lid off a spyware-powered click-fraud scam using the Yahoo-owned Overture pay-per-click network to swindle advertisers. Yahoo has also been closely linked to Direct Revenue, an adware vendor that was recently sued by the New York attorney general's office.
According to Edelman's suit, Yahoo has routinely breached agreements with advertisers and placed advertising in spyware programs that serve annoying pop-up ads. Instead of "highly targeted" ads being placed on "high-quality" sites, Edelman alleged, ads are actually routed to low-quality sites without bona fide content, constituting syndication fraud.
The suit also alleges that Yahoo's pay-per-click network is easily abused when competitors click on an advertiser's ad for the sole purpose of hiking that advertiser's cost.
"[Instead] of safeguarding against such abuse, finding such practices and diligently putting a stop to them, [the] defendants have actually engaged in such abuses," the complaint said.
Another explosive claim in the suit is that Yahoo "knowingly manipulated" the weaknesses in its Overture advertising system by increasing the volume of improper ad displays during financial reporting periods when the company was at risk of failing to meet investor expectations.
"Advertisers want no part of spyware-delivered advertising," the suit said. "Staff of the FTC and the New York attorney general's office have repeatedly instructed advertisers to be wary of spyware-delivered advertising. Furthermore, advertisers recognize spyware for the scourge that it is, and they therefore seek to keep their ads out of spyware," it said.
In Yahoo's case, the suit noted that Yahoo's own policies make it clear that syndication partners must not place ads in pop-ups or pop-unders, two ad-serving methods.
The suit referred to existing litigation against adware vendors Direct Revenue and Intermix, where it was disclosed that Yahoo places advertising in spyware provided by those companies.
In the Direct Revenue case, the New York attorney general released financial statements to show that the adware firm earned $226,964 from showing Yahoo Overture pay-per-click advertising during April 2005, with similar amounts for May and June 2005.
The class-action lawsuit also drew attention to Yahoo's association with typo-squatters who deliberately take control of misspelled domains for the sole purpose of serving cost-per-click advertising.
"Particularly egregious is that defendants even charge their advertising customers for ads shown on typo-squatting sites targeting those customers' own names," the suit alleged.
Yahoo Overture ads served on domain parking and bulk registration sites are also included in the suit.
Google's domain parking service is also known to be serving pay-per-click ads to thousands of typo-squatting sites. Researchers at Microsoft have identified a large-scale typo-squatting scheme that uses multilayer URL redirection to game Google's AdSense for domains program.
Microsoft has since released a lightweight tool called Strider URL Tracer to help pinpoint large-scale typo-squatters.
=============================================
Spyware-Powered Click Fraud Traced to Yahoo
http://www.eweek.com/article2/0,1895,1946001,00.asp
By Ryan Naraine
April 7, 2006
Anti-spyware critic Ben Edelman has published evidence of a spyware-powered click-fraud scam using Yahoo's Overture pay-per-click network to swindle advertisers.
Anti-spyware activist Ben Edelman has flagged a spyware-powered click-fraud scam using Yahoo's Overture advertising service to fleece advertisers.
Edelman, a security researcher renowned for his meticulous work exposing the dark side of the adware business, has published a detailed report that documents a complicated syndication network that ends with a spyware program faking a click on an advertisement.
This causes Yahoo to charge a PPC (pay-per-click) fee to advertisers even though no user actually clicked on the advertising.
Click fraud, which occurs when automated scripts and computer programs are used to simulate a human clicking, has emerged as a hot-button topic after search engine giant Google announced a $90 million settlement of a class-action suit filed by advertisers.
In Yahoo's case, Edelman said the problems stem from the company's syndication relationships with a number of notorious spyware programs that receive payments directly and indirectly from the Overture network. "Yahoo pays numerous other companies to show these ads via syndication relationships. So when a spyware vendor can't find advertisers to buy its ad inventory directly, the spyware vendor can show Yahoo ads instead," Edelman explained.
The relationship means that Overture's ads are served on pop-ups from 180solutions, Claria, Direct Revenue, eXact Advertising, IBIS and SideFind, he said, claiming there are "many dozens" of different examples of Yahoo pay-per-click ads shown within spyware programs.
Edelman, a Ph.D. candidate at the Department of Economics at Harvard University and a student at Harvard Law School, presented video along with screen shots and packet log proof to show how spyware vendors and ad syndicators defraud Yahoo's advertisers.
"On a test PC with 180solutions, I browsed Nashbar.com, a popular bicycling retailer. I received a pop-up that immediately forwarded traffic to a Yahoo Overture PPC link—faking a click on that link, and charging an advertiser as if a user had clicked on that link, even though I had not actually done so," Edelman said.
One packet log example shows the network effect of how the money moves from Yahoo to three different adware vendors. "All these payments are predicated on a user purportedly clicking an ad—but in fact no such click ever occurred. Because advertisers are charged for pay-per-click 'clicks' without any such click actually taking place, this is an example of click fraud," he said.
Edelman also found Overture advertising embedded as "extraneous hyperlinks" in third-party Web sites. This comes from a Yahoo syndication partnership with Qklinkserver, an adware program that modifies Web sites on the fly with links to Yahoo-powered advertising. A screen shot posted by Edelman showed an extra hyperlink inserted into the lead article listed on the New York Times site. However, if a user surfs to the site with an uninfected PC, there are no such links, he explained.
Edelman said the latest findings point to several problems with Yahoo's practices, including click fraud, untargeted traffic, self-targeting traffic, improper labeling of ads, low-quality traffic and unethical spyware-sourced traffic.
He also decried what he called Yahoo's "Whack-A-Mole" approach to dealing with the issue. "The many bad partners in Yahoo's network make fraud particularly hard to block: When Yahoo terminates one fraudster, that fraudster's partners find another way to continue operations," Edelman said.
"Yahoo's enforcement difficulties are also borne out in its unsuccessful attempts to sever ties with 180solutions and Direct Revenue. After I highlighted these vendors in my August report, it seems Yahoo attempted to terminate its relationships with them. Yet 180 continued not just to show Yahoo ads, but also to perform click fraud," he declared.
"Furthermore, as recently as February 2006, I have continued to see Direct Revenue serving pop-ups that ultimately show Yahoo PPC ads. So even when Yahoo seeks to sever relationships with a partner as well-known as 180solutions or Direct Revenue, it seems Yahoo is unable to do so," Edelman added.
He called on the Sunnyvale, Calif.-based media giant to limit its exposure to fraud by scaling back its partner network, thoroughly vetting partners, and prohibiting its partners from further resyndicating Yahoo's ads.
"Alternatively, Yahoo could try to detect fraud more thoroughly and more quickly by implementing aggressive and robust testing methods to find more examples like [I found], and like the dozens more examples I have on file. I tend to think both strategies are appropriate; in combination, they might serve to blunt this growing problem. But merely ignoring the issue is not a reasonable option; Yahoo's advertisers pay top dollar for Yahoo PPC ads, and they deserve better," Edelman argued.