tag:blogger.com,1999:blog-6569681.post4218935581551055194..comments2024-03-24T10:38:16.997-07:00Comments on Geeking with Greg: Google on Clickbot.AGreg Lindenhttp://www.blogger.com/profile/09216403000599463072noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-6569681.post-23649647438666904342007-05-02T08:59:00.000-07:002007-05-02T08:59:00.000-07:00I recently read about hackers using ads to get peo...I recently <A HREF="http://www.schneier.com/blog/archives/2007/05/google_ad_hack.html" REL="nofollow">read </A>about <A HREF="http://blog.washingtonpost.com/securityfix/2007/04/virus_writers_taint_google_ad.html" REL="nofollow">hackers using ads</A> to get people to visit there sites and attack the browser. It is made possible because any pay-per-click ad system requires that the click first go to the ad server (for accounting) then be redirected to the advertiser's site. Since the user can never see the destination of the ad, it is easy for attackers to create ads that the user will want to follow, then insert their own site that provides thier attack, then redirect to the site the user wants without the user realizing they've been attacked. With click fraud making pay-per-click more risky for advertisers and hack ads making clicking on ads more dangerous for users, pay-per-click advertising has serious work to do to remain viable.Davidhttps://www.blogger.com/profile/15026602026490038278noreply@blogger.com