On Thursday, Microsoft’s security division announced a new initiative to fight cybercriminals pushing malware that makes them money via click fraud. More specifically, the Microsoft Malware Protection Center (MMPC) has teamed up with the Microsoft Online Forensics team at the Microsoft AdCenter (now simply called Bing Ads).
The company’s reasoning is simple: hit them where it hurts. In an ideal world, if malware becomes unprofitable, cybercriminals won’t make it anymore. While a world without malware is extremely unlikely, Microsoft is hoping to at least cut it down.
Here’s what the company has up its sleeve:
We are intersecting large data sets between malware telemetry and ad-clicks to detect anomalous behavior correlated to malware. And we are taking two relatively disparate domains of expertise and tools, namely malware and online advertising, and creating prevention systems and processes for identifying the entire chain of benefactors of click-fraud malware. In this way, we’re stopping the flow of illicit money at the AdCenter level.
To understand what’s happening here, let’s back up a little. One of the biggest ways people make money online is through ads. Pay-per-click (PPC) advertising, meaning advertisers only pay when potential customers click on an ad, was created in 1998. Soon after, click-fraud, the fake generation of a click that doesn’t originate from a potential customer, was born.
While anyone can do this (create a site, put PPC ads on it, and start clicking), there are of course ways for advertisers to fight back, such as checking who is clicking to make sure it’s not just a few individuals. When the fraudulent clicks come from various geographies all over the world, each behaving as unique as an individual while browsing the Internet, things can get much more complicated (there’s no simple way to track who benefits directly from a malicious click).
That’s exactly where malware comes in. When threats that push click fraud spread to countless computers, however, everyone loses: users have their computers hijacked and advertisers have to deal with fraudulent clicks. There’s a broader effect, too, as Microsoft explains:
Consumers pay more, albeit fractionally, for products whose marketing revenue is stolen by spurious clicks. Apps and services that are offered free of charge (such as search engines and smart phone games) are supported by online advertising. The overall health of digital commerce depends upon having a safe and secure market place where businesses can thrive.
Cybercriminals meanwhile make a killing if they plan everything out right. Malware authors may make very little money for a single fraudulent click, but if they link up enough publishers, affiliates, and syndication schemes, it can add up and be quite lucrative. In fact, they make millions, which is exactly why they keep doing it.
To further justify all this, Microsoft cites a statistic from NSS Labs: 60 percent to 70 percent of malware today has been written in a way to take advantage of some form of click fraud. So far, Microsoft says it has identified three malicous software families monetizing from click fraud and “has recouped those ill-gotten gains from the benefactors.”
That’s not exactly huge, but it’s definitely a solid start. It almost makes you wonder why Microsoft didn’t do this before: after all, both its security teams and its advertising teams will benefit if they can cut down on malware authors making money from click fraud.
See also – Microsoft’s security team is killing it: Not one product on Kaspersky’s top 10 vulnerabilities list and Study finds IE9 is better at blocking malware than Chrome, Safari, and Firefox combined
Image credit: Christa Richert