Topics
Adobe
AJAX
Alexandru
Blogging
Google
InterAKT
MAX
Web 2.0
Blogosphere
What I do
Search:
AdSense
Login
Login here to be able to
  • post comments (everybody)
  • insert articles (administrator only)
Subscribe

I want to receive notification when new comments are posted
E-mail address:
                     

 

Google > The Anatomy of a Google AdSense Scam (reloaded)
Published: June 23, 2005 12:13 PM
google, adsense, adwords, scam

Yes another tactics used by scammers to fool Google. I wonder why Google don't react or know about this ...

The approach is very simple - Copy/Paste Google generated code in your pages, and then you'll have successful "hits" that might bring you lots of money. I haven't tested it yet, but I'll try to describe how "I think" they are doing...

Let's see how this works. Normally, to activate Google Adsense, you have to include a JavaScript code section in your page. As you can see, this code just do a call to the Google web services, which will determine the current site, and that will deliver the right and uptodate ads for the curreent site content.

<script type="text/javascript"><!--
google_ad_client = "pub-9654545106692959";
google_ad_width = 120;google_ad_height = 600;
google_ad_format = "120x600_as";google_ad_channel ="";
//--></script>
<script type="text/javascript"  src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</script>

However, it seems that the inventive minds of the evil scammers has discovered a way to trick this technique, and the approach is simple - they just copy/paste the HTML code generated by Google AdWords in any of their pages. This way, I can do with ease a site with empty content, and start pasting ads from anybody I want, making good money out of it.

Step 1 - get a good domain name - something that people often mistake when writing

www.mosforge.net is a "fake" copy of http://www.osforge.com/ (I think :). It seems that they are doing fake advertising, and they can paste legit AdWords content in their fake pages and then benefit of this :(

Step 2 - get an AdSense account

This can be easy done here - https://www.google.com/adsense/?sourceid=ASO&subid=US-HA-Jan0605

Step 3 - checkout some expensive Ads around here

You can do this in several ways.

  1. Get an google Adwords account, and start looking for some popular keywords (you can use their keywords suggest tool to get keywords, and use their price estimates/day to see which of them are expensive - hint - you have to try different prices per click, the see your rank in the page to see if others are bidding on the same term
  2. Check out this site - it's pretty cool - www.googspy.com (check out how PHAkt advertising goes :) - http://www.googspy.com/SearchTerm.aspx?id=5318)
  3. in my case, I will test with HTMLarea

Step 4 - search for those terms on the Internet

You have to be creative doing this - I don't have a solution yet ... Anyway - probably you can put your ads online for a while and see the sites that hit you as referres. Then crawl these sites to search for other's ads.

Step 5 - retrieve the Google Generated code

Firefox + DomInspector - it's very easy to retrieve the Google generated code in a specific site, just by peeking inside the page HTML content. Two screenshots to proove you this.

For example, our ad on www.htmlarea.com brings in the following GoogleAdsense URLs

  • /pagead/iclk?adurl=http://www.interaktonline.com/Products/KTML/Overview/%3Ffrom%3Dgg_ktml&sa=l&ai=BM6<snip>Y29tLw&num=2&client=ca-pub-5454961553038759

  • /pagead/iclk?adurl=http://www.interaktonline.com/Products/KTML/Overview/%3Ffrom%3Dgg_ktml&sa=l&ai=B0dWe<snip>&num=2&client=ca-pub-5454961553038759

As we can see, Google IS using some kind of unique number per each display - the "ai" parameter. It looks like a hash function.

An (working) example of a Google Scam...

Let's take this link for example http://events.mosforge.net/search/webarchiv.php4?task=search&adtype=2&query=Htmlarea&userofferid=5412647&language=e&searchsession=7f19253255e2e02cf423

Inside the page, there is NO CONTENT whatsoever that might point to our KTML product (expect for a fake search for "htmlarea" - which is a keyword we monitor), but in the main content area there is one of our AdWords ads. Looks Googlish, behaves Googlish (the JS code looks older, though).

Even the links sends the same AdSense parameters to a redirect.php page

/search/redirect.php?sid=7f19253255e2e02cf423&id=5412647&t=017320&forward=http%3A%2F%2Fwww.google.com%2Fpagead%2Ficlk%3Fadurl%3Dhttp%3A%2F%2Fwww.interaktonline.com%2FProducts%2FKTML%2FOverview%2F%253Ffrom%253Dgg_ktml%26sa%3Dl%26ai%3DBS<snip>yAEB%26num%3D1&pos=1&r=0.03&surl=http%3A%2F%2Fwww.interaktonline.com&kid=1027031

We see several parameters included in this page:

  • sid - probably a session id
  • id - another id
  • t - some other id
  • forward - our google Ads URL
  • ai - some huge hash very similar to Google
  • pos - the ad position in the page
  • r - some "relevance", maybe?
  • surl - the url to show when onMouseOver
  • kid - probably another id

The page will target "/search/redirect.php", and this php page will probably be in charge with processing and sending the parameters to Google. A.k.a "faking the process".

Subsequest requests to this page will return different "ai" parameters. So the ad is valid and will probably work on GoogleAds, "stealing" my money.

What's happening? I suppose that one of the following answers is correct:

a) Google has a non-JavaScript, server side AdSense version, that can be positioned by anybody on any site - regardless the site content - this is really EVIL of Google

b) these guys know how to "fake" AdSense view - this would be really EVIL of them

Who has some free time to experiment? I really want this to stop.

Alexandru

PS - in AdWords, you have the possibility to disable your ads to show on various domains. I've just disabled mosforge.net. Surprise! my ad is still there :)


Comments for this article:
To add a comment to this article, click here.
Your name*:
Your email*:
Your comment*:
Word verification*:
This is a captcha-picture. It is used to prevent mass-access by robots.
Type the characters you see in the picture above
 
I found that the quality of potential customers were better when from google search then from the outside sites using adsense, so I shut off all ads but from google itself. We get almost as much traffic, but better quality traffic and much less likely to be botted or scammed by competitors/hackers/etc.

Basically, in the settings I turned off the content network. Not perfect, but maybe something you want to do until google takes care of the issue?

I am surprised that the hashed item isn't the domain name allowed for the adsense account, then it can authenticate it once clicked and verify it comes from the account holder.
» Posted by Joshua on June 24, 2005 3:56 PM
i requested for adsense but it seems like google doesnt like my site n stuffs.y aint dey accepting my site??
» Posted by flappy on August 01, 2005 8:05 AM
Hi,

I just came across this report that's spreading
like wildfire across the internet marketing community!

Someone finally stepped up to the plate and told the truth
about Google AdSense.

It's no wonder we haven't been making the kind of income we thought.

Check this out! He's making $50,000 a month and giving away
his method!

Go here:
http://www.thedeathofadsense.com/cgi-bin/go.cgi/33947
there's no spaces between the words the death of adsense. Google doesnt want you to know so they blocked the link.

Let me know what you think!

john
» Posted by johnny on September 26, 2006 10:01 PM
You can give keywordspy a try.
KeywordSpy.com is a Keyword Research Tool that helps identify what keywords competitors use, with results actually reflecting what advertisers are using at the current time. - http://www.keywordspy.com
» Posted by michelle on October 05, 2007 12:27 PM
Powered by Macromedia Dreamweaver MX & MX Kollection