DOCSLIB.ORG

Effective Approach to Detect Clickjacking Attacks 1K

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Effective Approach to Detect Clickjacking Attacks 1K International Journal of Engineering Science Invention Research & Development; Vol. III ,Issue I, July 2016 www.ijesird.com, e-ISSN: 2349-6185 EFFECTIVE APPROACH TO DETECT CLICKJACKING ATTACKS 1K. Joylin Bala, 2Dr.E.Babu Raj M.E., Ph.D, 1 Research Scholar, Department of Computer Science, Research and Development Centre, Bharathiar University, Coimbatore – 641 046 2Professor, Department of Computer Science Engineering, Narayanaguru College of Engineering, Chittadavu Estate, Manjalumoodu P.O, Kanyakumari Dist – 629151 ABSTRACT:- Today’s world revolves around internet Clickjacking is a security threat for web technologies. Numerous internet applications and services are available to the users to make life simpler. In this work, we applications discovered by Jeremiah Grossman and propose to detect and prevent clickjacking attacks by means of Robert Hansen in 2008 [3]. This technique strives establishing a trustworthy map between the user interface and to draw the attention of the user to click on an the web application. This is accomplished by the exploitation of agents. There are three agents proposed in this paper. They are element of the web page [4]. The attacker employs tracking agent, detection agent and action agent. The tracking an iframe, which is a html tag to embed a html agent checks for the count and the positional coordinates of the document over another document. clickable controls and saves it in local memory. The detection agent compares the loaded webpage and the local memory with respect to the count of clickable controls and the positional coordinates. In case of mismatch, the action agent throws warning to the user. The main objective of this work is to provide a secure web application by means of a secure browser. The results of the proposed work are found to be satisfactory. Key terms:- clickjack, agents. 1. INTRODUCTION Today’s world revolves around internet technologies. Numerous internet applications and services are available to the users to make life Fig 1: Clickjack attack handling system simpler. Cloud computing and internet technologies To exemplify the concept of clickjacking, are closely associated to each other. E-mail, social consider a normal webpage that possesses a networks, online banking and online shopping have clickable element. On the other hand, the adversary gained substantial spotlight. On the other hand, due designs a webpage with a clickable element for to the advent of cloud computing, all the data are triggering malicious activity. The malicious activity outsourced to cloud service providers. The reason is done by superimposing the adversary created for data outsourcing is to save memory and to webpage over the normal webpage. Thus, when a escape from the issue of data management. user attempts to click on the normal user interface However, the issue of data privacy and security element, the click operation has been done on the come into play. Thus, it becomes necessary to attacker’s user interface element. formulate countermeasures for data protection. In this work, we propose to detect and prevent The most serious threat for web applications is clickjacking attacks by means of establishing a cross-site scripting (XSS), which injects malicious trustworthy route between the user interface and the scripts into a trustworthy website [1, 2]. These web application. This is accomplished by the attacks aim at collecting data so as to crack the exploitation of agents. The main objective of this account of legitimate users, steal cookies etc. The work is to provide a secure web application by contemporary web applications suffer from means of a secure browser. The results of the clickjacking, which is more serious. proposed work are found to be satisfactory. K. Joylin Bala and Dr.E.Babu Raj ijesird , Vol. III Issue I ,July 2016/ 9 International Journal of Engineering Science Invention Research & Development; Vol. III ,Issue I, July 2016 www.ijesird.com, e-ISSN: 2349-6185 2. REVIEW OF LITERATURE can be done using CSS z-index or using Flash Player objects that are made topmost with Window In this section, we discuss known attacks Mode property [9] set to wmode=direct. and defenses for clickjacking, and compare them to Furthermore, a target element could be partially our contributions. Below, we assume a victim user overlaid by an attacker’s popup window [10]. is visiting a clickjacking attacker’s page, which Cropping: Alternatively, the attacker may crop the embeds and manipulates the target element residing target element to only show a piece of the target on a different domain, such as Facebook’s Like element, such as the “Pay” button, by wrapping the button or PayPal’s checkout dialog. target element in a new iframe that uses carefully chosen negative CSS position offsets and the Pay 2.1 EXISTING CLICKJACKING ATTACKS button’s width and height [11]. An extreme variant We classify existing attacks according to of cropping is to create multiple 1x1 pixel three ways of forcing the user into issuing input containers of the target element and using single commands out of context: (1) compromising target pixels to draw arbitrary clickable art. display integrity, the guarantee that users can fully see and recognize the target element before an input 2.1.2 Compromising pointer integrity action; (2) compromising pointer integrity, the Proper visual context requires not only the guarantee that users can rely on cursor feedback to target element, but also all pointer feedback to be select locations for their input events; and (3) fully visible and authentic. Unfortunately, an compromising temporal integrity, the guarantee that attacker may violate pointer integrity by displaying users have enough time to comprehend where they a fake cursor icon away from the pointer, known as are clicking. cursorjacking. This leads victims to misinterpret a click’s target, since they will have the wrong 2.1.1 Compromising target display integrity perception about the current cursor location. Using Hiding the target element: Modern the CSS cursor property, an attacker can easily hide browsers support HTML/CSS styling features that the default cursor and programmatically draw a allow attackers to visually hide the target element fake cursor elsewhere [12], or alternatively set a but still route mouse events to it. For example, an custom mouse cursor icon to a deceptive image that attacker can make the target element transparent by has a cursor icon shifted several pixels off the wrapping it in a div container with a CSS opacity original position [13]. value of zero; to entice a victim to click on it, the Another variant of cursor manipulation attacker can draw a decoy under the target element involves the blinking cursor which indicates by using a lower CSS z-index [5]. Alternatively, the keyboard focus (e.g., when typing text into an input attacker may completely cover the target element field). Vulnerabilities in major browsers have with an opaque decoy, but make the decoy allowed attackers to manipulate keyboard focus unclickable by setting the CSS property pointer- using strokejacking attacks [14, 15]. For example, events:none [6]. A victim’s click would then fall an attacker can embed the target element in a through the decoy and land on the (invisible) target hidden frame, while asking users to type some text element. into a fake attacker-controlled input field. As the Partial overlays: Sometimes, it is possible victim is typing, the attacker can momentarily to visually confuse a victim by obscuring only a switch keyboard focus to the target element. The part of the target element [7, 8]. For example, blinking cursor confuses victims into thinking that attackers could overlay their own information on they are typing text into the attacker’s input field, top of a PayPal checkout iframe to cover the whereas they are actually interacting with the target recipient and amount fields while leaving the “Pay” element. button intact; the victim will thus have incorrect context when clicking on “Pay”. This overlaying 2.1.3 Compromising temporal integrity K. Joylin Bala and Dr.E.Babu Raj ijesird , Vol. III Issue I ,July 2016/ 10 International Journal of Engineering Science Invention Research & Development; Vol. III ,Issue I, July 2016 www.ijesird.com, e-ISSN: 2349-6185 Attacks in the previous two sections API [3], stolen victims’ location information [17], manipulated visual context to trick the user into and injected content across domains (in an XSS sending input to the wrong UI element. An spirit) by tricking the victim to perform a drag and orthogonal way of achieving the same goal is to drop action [29, 30]. manipulate UI elements after the user has decided to click, but before the actual click occurs. Humans 3. PROPOSED APPROACH typically require a few hundred milliseconds to react to visual changes [16, 17], and attackers can This work aims at providing a trustworthy web take advantage of our slow reaction to launch service by means of a secured web browser. The timing attacks. For example, an attacker could architecture of the proposed approach relies on move the target element (via CSS position three different agent tracking agent, detection agent properties) on top of a decoy button shortly after the and action agent. This work is based on the victim hovers the cursor over the decoy, in assumption that the attacks happen only after the anticipation of the click. To predict clicks more page load. Overview of the proposed work is effectively, the attacker could ask the victim to presented below. repetitively click objects in a malicious game [18, 3.1 TRACKING AGENT: 19, 17, 20] or to double-click on a decoy button, The tracking agent tracks the web pages and moving the target element over the decoy the user interface controls. Clickable controls are immediately after the first click [21, 22]. given much importance rather than other controls.
Load more

Recommended publications
  • IYIR for HTML
    INFOSEC UPDATE 2006 Student Workbook Norwich University June 19-20, 2006 M. E. Kabay, PhD, CISSP-ISSMP Assoc. Prof. Information Assurance Program Director, MSIA BSIA Division of Business Management Norwich University [email protected] Copyright © 2006 M. E. Kabay. All rights reserved. Page 1 INFOSEC UPDATE 2006 -- June 19-20, 2006 01 Introduction Category 01 Introduction 2006-06-12 Introduction M. E. Kabay, PhD, CISSP WELCOME Welcome to the 2005 edition of the Information Security Year in Review (IYIR) project. In 1993 and 1994, I was an adjunct professor in the Institute for Government Informatics Professionals in Ottawa, Canada under the aegis of the University of Ottawa. I taught a one-semester course introducting information security to government personnel and enjoyed the experience immensely. Many of the chapters of my 1996 textbook, _The NCSA Guide to Enterprise Security_ published by McGraw-Hill were field-tested by my students. In 1995, I was asked if I could run a seminar for graduates of my courses to bring them up to date on developments across the entire field of information security. Our course had twenty students and I so enjoyed it that I continued to develop the material and teach the course with the NCSA (National Computer Security Association; later called ICSA and then eventually renamed TruSecure Corporation and finally CyberTrust, its current name) all over the United States, Canada, Europe, Asia and the Caribbean. After a few years of working on this project, it became obvious that saving abstracts in a WordPerfect file was not going to cut it as an orderly method for organizing the increasing mass of information that I was encountering in my research.
    [Show full text]
  • Clickjacking
    Security Now! Transcript of Episode #168 Page 1 of 18 Transcript of Episode #168 ClickJacking Description: Steve and Leo discuss yet another challenge to surfing safely in the web world: Known as "ClickJacking," or more formally as "UI Redressing," this class of newly popular threats tricks web users into performing web-based actions they don't intend by leading them to believe they are doing something else entirely. High quality (64 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-168.mp3 Quarter size (16 kbps) mp3 audio file URL: http://media.GRC.com/sn/sn-168-lq.mp3 INTRO: Netcasts you love, from people you trust. This is TWiT. Leo Laporte: Bandwidth for Security Now! is provided by AOL Radio at AOL.com/podcasting. This is Security Now! with Steve Gibson, Episode 168 for October 30, 2008: Clickjacking. It's time for Security Now!, the show where we cover everything you'd ever want to know about security. And we do it with a guy who is the king, really, as far as I'm concerned, the man who discovered spyware, named spyware, wrote some of the most used security utilities out there, including ShieldsUP!, Mr. Steve Gibson of GRC.com. Hi, Steve. Steve Gibson: Yes, in fact sometimes we're discussing things that you'd rather wish weren't the case. I mean... Leo: Well, lately it's been kind of bleak because it's like, there's bad stuff, and there doesn't really seem like there's any cure. Steve: Yes, that's true.
    [Show full text]
  • A Semi-Automated Security Advisory System to Resist Cyber-Attack in Social Networks
    A Semi-Automated Security Advisory System to Resist Cyber-attack in Social Networks Samar Muslah Albladi and George R S Weir University of Strathclyde, Glasgow G1 1XH, UK {samar.albladi; george.weir}@strath.ac.uk Abstract. Social networking sites often witness various types of social engi- neering (SE) attacks. Yet, limited research has addressed the most severe types of social engineering in social networks (SNs). The present study in- vestigates the extent to which people respond differently to different types of attack in a social network context and how we can segment users based on their vulnerability. In turn, this leads to the prospect of a personalised security advisory system. 316 participants have completed an online-ques- tionnaire that includes a scenario-based experiment. The study result re- veals that people respond to cyber-attacks differently based on their de- mographics. Furthermore, people’s competence, social network experience, and their limited connections with strangers in social networks can decrease their likelihood of falling victim to some types of attacks more than others. Keywords: Advisory System, Social Engineering, Social Networks. 1 Introduction Individuals and organisations are becoming increasingly dependent on working with computers, accessing the World Wide Web and, more importantly, sharing data through virtual communication. This makes cyber-security one of today’s greatest issues. Pro- tecting people and organisations from being targeted by cybercriminals is becoming a priority for industry and academia [1]. This is due to the huge potential damage that could be associated with losing valuable data and documents in such attacks. Previous research focuses on identifying factors that influence people’s vulnerability to cyber-attack [2] as the human has been characterised as the weakest link in infor- mation security research.
    [Show full text]
  • Financial Fraud and Internet Banking: Threats and Countermeasures
    Report Financial Fraud and Internet Banking: Threats and Countermeasures By François Paget, McAfee® Avert® Labs Report Financial Fraud and Internet Banking: Threats and Countermeasures Table of Contents Some Figures 3 U.S. Federal Trade Commission Statistics 3 CyberSource 4 Internet Crime Complaint Center 4 In Europe 5 The Many Faces of Fraud 6 Small- and large-scale identity theft 7 Carding and skimming 8 Phishing and pharming 8 Crimeware 9 Money laundering 10 Mules 10 Virtual casinos 11 Pump and dump 12 Nigerian advance fee fraud (419 fraud) 12 Auctions 14 Online shopping 16 Anonymous payment methods 17 Protective Measures 18 Scoring 18 Europay, MasterCard, and Visa (EMV) standard 18 PCI-DSS 19 Secure Sockets Layer (SSL) and Transport Secured Layer (TLS) protocols 19 SSL extended validation 20 3-D Secure technology 21 Strong authentication and one-time password devices 22 Knowledge-based authentication 23 Email authentication 23 Conclusion 24 About McAfee, Inc. 26 Report Financial Fraud and Internet Banking: Threats and Countermeasures Financial fraud has many faces. Whether it involves swindling, debit or credit card fraud, real estate fraud, drug trafficking, identity theft, deceptive telemarketing, or money laundering, the goal of cybercriminals is to make as much money as possible within a short time and to do so inconspicuously. This paper will introduce you to an array of threats facing banks and their customers. It includes some statistics and descriptions of solutions that should give readers—whether they are responsible for security in a financial organization or a customer—an overview of the current situation. Some Figures U.S.
    [Show full text]
  • Click Fraud,' Personal, Non-Commercial Use Only
    April 6, 2005 PAGE ONE Traffic Jam DOW JONES REPRINTS This copy is for your In 'Click Fraud,' personal, non-commercial use only. To order presentation-ready copies Web Outfits Have for distribution to your colleagues, clients or customers, use the Order A Costly Problem Reprints tool at the bottom of any article or visit: www.djreprints.com. Marketers Worry About Bills Inflated by People Gaming • See a sample reprint in PDF format . The Search-Ad System • Order a reprint of this article now. Mr. McKelvey Turns Detective RELATED ARTICLE By KEVIN J. DELANEY • Internet Firms Face Legal Test on Staff Reporter of THE WALL STREET JOURNAL Advertising Fees3 April 6, 2005; Page A1 Nathan McKelvey began to worry about foul play when Yahoo Inc. refunded him $69.28 early last year. He grew more suspicious when a $16.91 refund arrived from Google Inc. The refunds were for "unusual clicks" and "invalid click activity" and they suggested someone was sabotaging Mr. McKelvey's advertising strategy. He pitches his charter-jet brokerage the way companies increasingly do: contracting with Yahoo and Google to serve up small text ads to anyone searching the Web using certain words, such as "private jet" or "air charter." He pays the search companies a fee every time someone clicks on his ads. But Yahoo and Google determined someone was clicking on CharterAuction.com Inc.'s ads with no intention of doing business, thus unfairly driving up the company's advertising costs. Mr. McKelvey, turning detective, combed through lists of "IP" addresses, the identifying codes supplied by computers when they access Web sites.
    [Show full text]
  • Clickjacking: Attacks and Defenses
    Clickjacking: Attacks and Defenses Lin-Shung Huang Alex Moshchuk Helen J. Wang Carnegie Mellon University Microsoft Research Microsoft Research [email protected] [email protected] [email protected] Stuart Schechter Collin Jackson Microsoft Research Carnegie Mellon University [email protected] [email protected] Abstract such as a “claim your free iPad” button. Hence, when Clickjacking attacks are an emerging threat on the web. the user “claims” a free iPad, a story appears in the user’s In this paper, we design new clickjacking attack variants Facebook friends’ news feed stating that she “likes” the using existing techniques and demonstrate that existing attacker web site. For ease of exposition, our description clickjacking defenses are insufficient. Our attacks show will be in the context of web browsers. Nevertheless, the that clickjacking can cause severe damages, including concepts and techniques described are generally applica- compromising a user’s private webcam, email or other ble to all client operating systems where display is shared private data, and web surfing anonymity. by mutually distrusting principals. We observe the root cause of clickjacking is that an Several clickjacking defenses have been proposed and attacker application presents a sensitive UI element of a deployed for web browsers, but all have shortcomings. target application out of context to a user (such as hiding Today’s most widely deployed defenses rely on frame- the sensitive UI by making it transparent), and hence the busting [21, 37], which disallows a sensitive page from user is tricked to act out of context. To address this root being framed (i.e., embedded within another web page).
    [Show full text]
  • A Case Study on Clickjacking Attack and Location Leakage
    International Journal of Scientific & Engineering Research, Volume 5, Issue 7, July-2014 190 ISSN 2229-5518 A Case Study on Clickjacking Attack and Location Leakage Lim Chin Nei, Loo Yow Cherng, Manmeet Mahinderjit Singh Abstract— The advanced in technologies such as mobile devices, GSP, WIFI, and 3G has encourage the information sharing using social media. The large amount of information shared on social media often lead to security issues which are unaware by the users. This information may include sensitive information such as a person’s name, location, relationship status and many more and can be dangerous if is put in a wrong hand. In this research, we provide a review on the type of social media ad what are the current threat in social media. We then focus on two specific threat namely clickjacking and location leakage, and proposed a solution for each of it as well as the evaluation of the solution. Index Terms—Security; Social media; Attack; Defense Machine, Clickjacking, Location leakage —————————— —————————— 1 INTRODUCTION This rapid shift of technologies in this era of informa- media. With this large amount of information shared online, tion and communication has dramatically boosted the usage the social media actually has become a perfect platform for of the social media. With the advanced in technologies such hackers to find their victims. The information shared using as smart mobile devices, GPS, WIFI, and 3G services, user social media often contain sensitive and private information were able to connect to the internet regardless of time and which can be easily compromised by the hackers.
    [Show full text]
  • Cisco 2017 Midyear Cybersecurity Report
    Cisco 2017 Midyear Cybersecurity Report 1 Executive Summary Table of Contents Executive Summary ..........................................................03 Vulnerabilities update: Rise in attacks following key disclosures ................................................................ 47 Major Findings ..................................................................05 Don’t let DevOps technologies leave the Introduction ......................................................................07 business exposed ............................................................ 50 Attacker Behavior .............................................................09 Organizations not moving fast enough to patch Exploit kits: Down, but not likely out ................................. 09 known Memcached server vulnerabilities ......................... 54 How defender behavior can shift attackers’ focus ...........11 Malicious hackers head to the cloud to shorten the path to top targets ..................................................... 56 Web attack methods provide evidence of a mature Internet ............................................................. 12 Unmanaged infrastructure and endpoints leave organizations at risk ......................................................... 59 Web block activity around the globe ................................ 13 Security Challenges and Opportunities Spyware really is as bad as it sounds............................... 14 for Defenders ...................................................................61
    [Show full text]
  • Online Advertising Security: Issues, Taxonomy, and Future Directions
    IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. XX, NO. NN, XX 2021 1 Online Advertising Security: Issues, Taxonomy, and Future Directions Zahra Pooranian, Senior Member, IEEE, Mauro Conti, Senior Member, IEEE, Hamed Haddadi, Member, IEEE and Rahim Tafazolli, Senior Member, IEEE Abstract—Online advertising has become the backbone of over time. Also, mobile advertising has become one of the the Internet economy by revolutionizing business marketing. It fastest-growing industries with the advent of smartphones [6]. provides a simple and efficient way for advertisers to display Millions of mobile applications are registered in various ap- their advertisements to specific individual users, and over the last couple of years has contributed to an explosion in the plication platforms such as Google Play Store, Apps Store, income stream for several web-based businesses. For example, etc., which contain at least one advertising library that allows Google’s income from advertising grew 51.6% between 2016 and mobile advertising [7]. According to [8], in 2019, total mobile 2018, to $136.8 billion. This exponential growth in advertising advertising spending worldwide has reached $189 billion and revenue has motivated fraudsters to exploit the weaknesses of will surpass $240 billion by 2022. the online advertising model to make money, and researchers to discover new security vulnerabilities in the model, to propose Online advertising uses the same mechanisms that are countermeasures and to forecast future trends in research. applied to manage other “traditional” advertising channels, Motivated by these considerations, this paper presents a such as newspapers, radio or TV, but is much more creative in comprehensive review of the security threats to online advertising providing targeted and personalized advertisements [9], [10].
    [Show full text]
  • Comparisons of Machine Learning Techniques for Detecting Malicious Webpages ⇑ H.B
    Expert Systems with Applications 42 (2015) 1166–1177 Contents lists available at ScienceDirect Expert Systems with Applications journal homepage: www.elsevier.com/locate/eswa Comparisons of machine learning techniques for detecting malicious webpages ⇑ H.B. Kazemian , S. Ahmed Intelligent Systems Research Centre, School of Computing, London Metropolitan University, United Kingdom article info abstract Article history: This paper compares machine learning techniques for detecting malicious webpages. The conventional Available online 16 September 2014 method of detecting malicious webpages is going through the black list and checking whether the web- pages are listed. Black list is a list of webpages which are classified as malicious from a user’s point of Keywords: view. These black lists are created by trusted organizations and volunteers. They are then used by modern K-Nearest Neighbor web browsers such as Chrome, Firefox, Internet Explorer, etc. However, black list is ineffective because of Support Vector Machine the frequent-changing nature of webpages, growing numbers of webpages that pose scalability issues Naive Bayes and the crawlers’ inability to visit intranet webpages that require computer operators to log in as authen- Affinity Propagation ticated users. In this paper therefore alternative and novel approaches are used by applying machine K-Means Supervised and unsupervised learning learning algorithms to detect malicious webpages. In this paper three supervised machine learning techniques such as K-Nearest Neighbor, Support Vector Machine and Naive Bayes Classifier, and two unsupervised machine learning techniques such as K-Means and Affinity Propagation are employed. Please note that K-Means and Affinity Propagation have not been applied to detection of malicious web- pages by other researchers.
    [Show full text]
  • UI Redressing and Clickjacking: About Click Fraud and Data Theft
    Introduction Attack vectors Counteractive measures Conclusion and outlook UI Redressing and Clickjacking: About click fraud and data theft Marcus Niemietz [email protected] Ruhr-University Bochum Chair for Network and Data Security 25th of November 2011 Marcus Niemietz, RUB @Zeronights UI Redressing and Clickjacking Introduction Attack vectors Counteractive measures Conclusion and outlook Short and crisp details about me Studying \IT-Security/Information Technology", RUB \Computer Science", Distance University Hagen B.Sc. in \IT-Security/Information Technology" Books Authentication Web Pages with Selenium ≥Feb. 2012: Clickjacking und UI-Redressing International speaker Work: RUB, Pixelboxx, ISP and IT-Security, Freelancer (trainings, penetration tests) Twitter: @mniemietz Marcus Niemietz, RUB @Zeronights UI Redressing and Clickjacking Introduction Attack vectors Counteractive measures Conclusion and outlook Contents 1 Introduction UI redressing Clickjacking 2 Attack vectors UI redressing Round up Clickjacking Tool 3 Counteractive measures Frame busting Busting frame busting Clickjacking statistics 4 Conclusion and outlook Marcus Niemietz, RUB @Zeronights UI Redressing and Clickjacking Introduction Attack vectors UI redressing Counteractive measures Clickjacking Conclusion and outlook Introduction Google Inc. can generate a profit of over $8.5 billion in 2010 Interesting for commercial companies to offer web applications shopping banking share status messages New attacks available that can bypass existing protection mechanisms CSRF
    [Show full text]
  • Click Fraud: Interest in Using the Internet As a Marketing Tool Continues to Grow
    Click fraud: Interest in using the Internet as a marketing tool continues to grow. Paid search engine, or pay-per-click advertising (when companies pay for keyword ads listed on a search engine), has what does it become the fastest-growing segment of online advertising.1 By 2010, U.S. advertisers will 2 mean for spend an estimated $7.5 billion on paid search ads compared to $3 billion in 2004. Not only has interest in pay-per-click advertising grown, but so too has click fraud. Click fraud occurs marketers? when a person or software program creates or misrepresents actual clicks. These fraudulent or inaccurate clicks result in additional charges to the advertiser. Industry consultants estimate as many as 20% of clicks on paid search engine ads are fraudulent, costing advertisers more than $1 billion annually—larger than the total magnitude of credit card fraud in the U.S.3 A study of click fraud: a growing, costly issue for advertisers About the study4 from 5MetaCom Legitimate Alleged In a 2006 study, an online clicks fraudulent clicks market research firm evalu- 29.5% (10,268 clicks) ated three paid search engine ad campaigns 9.8% (Google AdWordsீ). The (1,257 clicks) companies advertising paid a fee for each user who clicked on their ad. 8.3% The advertiser with the (349 highest cost per click ($1- clicks) 2) suffered the highest number of alleged fraudu- lent clicks (29.5%), result- 34,763 total clicks ing in bogus charges of 12,790 total clicks $15,395. The other cam- paigns had significantly 4,184 total clicks lower cost per click rates and encountered lower rates of click fraud.
    [Show full text]