Google AdSense ransomware emails for invalid traffic
Krebs on Security published an article about new AdSense-based extortion and ransomware emails sent to Google AdSense publishers. They tell them that if they don't pay $5,000 in bitcoins within 72 hours, they'll send invalid traffic to the site, which will remove the AdSense revenue Google pays the publisher.
Here is the email that Krebs on Security published on its blog:
I don't think these types of e-mails are all that new, but it seems that they've become part of the news. Of course, if you receive one of these messages, you should send it to Google. Of course, don't pay the ransom. That's what they said when they tried to talk to Google about it:
Google declined to discuss the reader's account, claiming that its contracts prevent it from commenting publicly on the status of a specific partner or enforcement action. But in a statement shared with KrebsOnSecurity, the company said the message appears to be a classic sabotage threat, in which an actor attempts to trigger an enforcement action against a publisher by sending invalid traffic to their inventory.
"We hear a lot about the potential for sabotage, it's extremely rare in practice, and we've put certain safeguards in place to prevent sabotage from succeeding," explains the release. "For example, we have implemented detection mechanisms to proactively detect potential sabotage and account for it in our application systems."
Google said it has extensive tools and processes to protect against invalid traffic across all its products, and that most invalid traffic is filtered from its systems before advertisers and publishers are ever affected.
"We have a help center on our website with tips for AdSense publishers on sabotage," the release continues. "There is also a form we make available for publishers to contact us if they believe they are a victim of sabotage. We encourage publishers to disengage from any further communication or action with parties who report that they will drive invalid traffic to their web properties. If they have any concerns about invalid traffic, they should let us know and our ad traffic quality team will monitor and evaluate their accounts if necessary."
When it comes to link spam ransomware, Google says you can ignore it. But do you have some tools to protect yourself?
Anyway, I guess Google is hearing about these problems now in a much bigger way. Let's hope they take it seriously.
Discussion on the forum WebmasterWorld.