Earlier today, I logged into my web host’s control panel. I noticed that this month’s bandwidth usage was much higher than usual. Traffic to the sites hosted there has been steady, so I started to investigate. I soon found that there were a lot of requests coming in from three unknown domains. I looked at those websites, and found something very peculiar. Something that I think reeks of fraud. Here’s what I found.
- All three were rather unassuming sites, obviously not very high-traffic.
- All three had multiple banner positions filled through “Ad Agency X”.
- All three domains were also owned by Agency X.
This got me thinking. Why would an ad agency own a series of sites, running their own ads? So of course, I dug deeper.
- All three sites were WordPress, and had my WP-Cumulus plugin running.
- Cumulus has a “noflash” link to my blog, which is “hidden”, and is usually very rarely clicked.
- On all three sites, this link was being clicked tens of thousands of times a day.
- All of these requests were not logged by my Analytics program.
I can’t possibly tell what exactly is going on here, but I imagine it’s something like this:
- Agency X sells ad space on their network of publishers.
- Clients pay either per impression or click, so Agency X stand to gain from large numbers of page impressions or ad clicks.
- Agency X puts the ads on sites they control.
- Agency X lets loose a script that randomly “clicks” links on said sites.
- Agency X charges their customers for these bogus clicks and impressions.
Unfortunately, they seem to have missed the links to my site, or didn’t fine-tune the script to skip those. So I now have server logs that show 150,000 requests a day to my homepage from these three referring domains. Sites that would never get that much traffic themselves, let along that many click-throughs. All I need to figure out now is what I’m going to do with this info. Suggestions? I’m not really in a position to prove any of this, nor am I one of the potential victims. Still, I’d like to do something…