Adsense Click Fraud

By : Joseph Tierney

Your probably reading this article because you use Google Adwords to bring traffic to your website, or your a click fraudster yourself, wanting to see what kind of information I have for you. Most of you click fraudsters will think that I have no idea what I am talking about, and that I do not know your methods. Well, trust me buddy, I KNOW ALL ABOUT YOU AND WHAT YOU DO.

If you are new to the click fraud scene, here is an example:

1. Scumbag puts Google Adsense ads on his website.
2. The scumbag then proceeds to cheat Google Adsense by creating false clickthroughs and impressions,
   in return earning him a pretty nice profit, because he isn’t even working on his website, just generating false traffic.

All of you people that run campaigns through Google Adwords are thinking, “This guy has no idea what he is talking about, Google has everything under control and they even state so publicly!”. WOW! What kind of pay per click company would admit that they DO NOT have click fraud under control? I wonder what would happen to their business immediately following that statement.

Estimates say that nearly 20% of all clicks for Adsense are illegitimate. In my honest opinion I believe this number to be around 30-35% from some of the things I have seen.

Alrite, now the big question, how are they doing it?
There are a number of ways that people are cheating, including the ‘click groups’ from India that click on your ads for you and create big pay checks as long as you pay them their $0.50 an hour so they can buy bread for their family. But I’m going to show you the technical way that Google Adsense is cheated, not poor people clicking ads. I’m talking about extremely smart programmers that create hitbots to cheat Adsense. And, NO, I’m not talking about that piece of garbage ‘CACA’ or Clicking Agent that you find on Google. I am talking about PRIVATE programs and scripts that are only used by private groups.

How do these scripts get away undetected you ask?
Simple, let’s actually take a look at Google’s click fraud protection (This is what I have summed up, I seriously don’t believe they have anything other protection because people are still cheating using these methods as you read this article.). If you actually take a look at Google’s Adsense code when it is on your webpage you will find the URL that is used to retrieve ads. (Right-Clck your ad Iframe and click ‘View Page Information’ or something similar.)

Here is an example of the URL that you will find:

http://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2521202633232871
dt=1124847235453
lmt=1124631699
format=468x60_as
output=html
url=http://www.yoursite.com/
color_bg=ECF8FF
color_text=000000
color_link=0033FF
color_url=0033FF
color_border=DDAAAA
cc=59
u_h=768
u_w=1024
u_ah=738
u_aw=1024
u_cd=32
u_tz=-240
u_java=true

Now let’s decode this up a little bit, shall we?
client=ca-pub-2521202633232871 - Your client code, this tells Google who to assign the click-through money to.
dt=1124847235453 - Javascript, if you use the command google_date = new Date(); document.write(google_date.getTime()) — Which generates 1124847235453.

This shows you the number of milliseconds since midnite January 1, 1970. This is what seems to be Google’s biggest automated proxy clicker fraud prevention. Doesn’t seem too hard to generate with 2 lines of code now does it?

lmt=1124631699 - The last time your webpage was updated. LMT stands for Last Modified Time, pretty easy Javascript to generate this one too - document.write(document.lastModified); — Which generates 1124631699.

(Notice I’m skipping a bunch, that’s because they are just showing the type of ad, colors, and size that you are using.)
cc=59 - Seems to be some random number based on the screen width, height, and color scheme.
I’ve seen this number go from 20 all the way up to 400. I’m sure they don’t use this to reliably track click fraud.


u_h=768 - Height of your screen settings.
u_w=1024 - Width of your screen settings.
u_ah=738 - Your available screen height.
u_aw=1024 - Your available screen width.
u_cd=32 - Color scheme on windows, e.g. 32-bit.
u_tz=-240 - Your monitor refresh rate or something else that isn't important, I've never seen it not -240.
u_java=true - Just seeing if you have java enabled.

There are some other variables that are sometimes in the URL such as ‘u_his=’ this means how many pages you have visited since you started up your browser. There’s also some MIME type checks and how many plugins you have installed, but these variables come up very rarely. I think they are only meant for Netscape/Firefox browsers.

Now that we have ‘decoded’ the supposed unbeatable Google Adsense code, what do you think about click fraud? You still think it is rare? After randomizing all the data and sending an automated query to their Adsense URL, all the scumbag has to do is parse out all of Google’s click URL’s and click one of them, giving him a click through. This can all be easily faked with even a Visual Basic program. A newbie programmer could in-fact cheat Google Adsense without much knowledge. Alrite you say, they beat the javascript code detection but doesn’t Google use cookies so they can’t do this?

No, Google does not use cookies for Adsense.
Well what about IP-tracking? Someone can’t have that many proxies! There are click groups that leave these programs running on their computer. They each randomly click each other’s URL’s automatically.

The person running the program doesn’t even have to do anything, but he is still contributing to the success of their group and himself. Does that sound too far-fetched? I am telling you that there are click groups that do this now and have been since the old Linkshare PPC days in 1999. Yes, if you were an advertiser on Linkshare back around 1999-2002, you got RAPED. And that isn’t all. I have read on the internet that there is currently over 100,000 people infected in the United States alone with trojan proxy servers. These proxy servers run on random ports so that Google can’t just do a simple port 8080 or 80 check on it to see if it’s a proxy.

The majority of these proxy servers are used for credit card fraud,
but a lot of them are also used to cheat Google Adsense and other pay per click programs.
These proxies are at-home users that look like normal dial-up, cable, and dsl users from all across the world, but mainly United States.

There is NO WAY to prove that they are a proxy.
Random User-Agent strings is another tactic that is often used by click fraudsters.
This makes Google think that a lot of different browsers are clicking the links, just keeping them further from finding out the truth. On a side note, you may be thinking that the new Yahoo! pay per click program may be the way to go. I checked into their protection and guess what? They are only using ONE of Google’s protections and that is the Javascript GetTime.

They are still in Beta though and this may change, but who knows?To the cheaters: The benefits of cheating are short. Eventually you will be caught for what you are doing and maybe even sued by Google. There is a ton of money to be made legally with Adsense and I suggest that you stop cheating. Who am I to tell you to stop? I use to be one of you! Back when I was 13-14 I was making programs like the ones you guys are using now. You guys probably used one of my programs at one time. I am happy to say that those days of mine are all in the past now, and I am making a good amount of money LEGALLY with Adsense and other affiliate programs. Work hard guys and you will reap the benefits 100 times what you make cheating.

To the advertisers: You people that use Google Adwords now see that it is actually not very hard to cheat you out of your money, so be careful and MAKE SURE that you use a click fraud protection script such as ClickDefense. To lower most of your click fraud, just don’t put your ads in the Content Network, only stay on Google’s sponsored search results. Only Google gets paid when someone clicks the search results sponsored ads and nobody wants to cheat to make Google anymore money do they? Check the stock, it’s currently at 279.58 a share.

To summarize my article I just want to state that no one should use this information for cheating Adsense and I am not responsible for your actions if you choose to do so. You will be caught because Google will evolve and get smarter, eventually.

About the author:
Joseph Tierney is the owner of Auction Fraud Protection - www.stopauctionfraud.com. A user-generated database of auction fraudsters. He is 2005 high school graduate and is currently studying for a computer science degree in college.

What is The Google AdSense?

Kids in High School are making thousands of dollars a month with Adsense… Housewives, Retiree’s, Mom and Pop’s who’ve never made a dime on the Internet have created full time incomes by simply placing AdSense Ads on their web site or blog.

Then you have the “Super AdSense” earners. We have all heard of them… the Elite few who are on track to make half a million dollars a year or more promoting AdSense sites.

Do not be mistaken though… these people are not building like your Mom and Pop’s do. They have systems in place that create sites for them… people who build sites for them… they have outsourced and automated many of the tedious tasks such as posting to blogs and searching for keywords.

While most people cannot emulate everything these Super AdSense earners do… many of them you can.


Here are 7 Required Steps you can implement today to copy their success.

1. Starting today… treat your AdSense business like it is a REAL business and track what you do.

Begin tracking what you are doing that works… as well as what you are doing that does not work. This will keep you from making the same mistakes over and over, and you can repeat the steps that have worked in the past. As simple as this step seems… most people do not know the reason(s) to their success or failure.
2. Utilize the latest tools and software available.

The Super AdSense earners are not any smarter than your average person. I know many people think they are… but for the most part, they are regular non techie people.

They are smarter in one respect though… they use the latest tools available to them to automate most of the tasks involved with researching and creating sites. They use the latest keyword, site creation and search engine optimization tools available. The tools they use are their secret weapons.
3. Quit chasing the Mega Dollar keywords.

You cannot compete with the search engine experts who create sites for the $80 payout keywords. You may get lucky every now and then… but in the long run, you are better off building sites for the low to mid range payout keywords. The competition is less, and your chance of success is much higher over the long term.
4. Choose broad niches and break it down.

Choose a broad subject as your main theme (lets use computers for an example). From there… break it down into as many sub niches as possible.

Using Computers as the example… you could build sub niches/sites like laptop computers, computer hard drives, computer keyboards, etc, etc. You could literally build hundreds of sites around one major theme and stay totally focused. Once you have exhausted every possible sub niche of that major theme… choose another main theme and repeat the process.
5. KISS

Keep your sites easy to navigate and forget the fancy graphics that distract your visitors attention. Unless you are just building AdSense sites for the fun of it and to impress your friends… the purpose of having the site is to have people click on one of the ads, right? Then keep the site layout simple… dump the scrolling banners, dancing chickens and colored scroll bars… they are distractions.
6. What is the purpose of your web site?

Your web site cannot be everything to everybody. If you have a full fledged ecommerce site, with products for sale… links to other products, it is not a good site for AdSense. If the primary focus of the site is to sell products… let it do that.

Do not distract or confuse your visitor with to many options or choices. The best AdSense sites are AdSense only content sites that sell nothing. They are sites that “Tell”… not “Sell.”
7. Be consistent.

This is not one of those deals where you build one site and you are done. Refer back to Step #4. You must continuously build in order to be successful.

Think of it as planting a crop that you will harvest in a month or two, and the sites you build are seeds. Once the seeds have grown and matured… you will reap the harvest. The more seeds you plant… the larger the harvest.

To sum it up… utilize the tools available to automate as much of the process of building sites - doing research and building keyword lists as you can. This alone will help keep you organized and on track. Be consistent in building… treat it like the business it is and you will reap the rewards of your harvest.