 


ANALYSIS BRIEF – September 2012

IS YOUR BROWSER PUTTING YOU AT RISK?
PART 2 – CLICK FRAUD

Authors - Francisco Artes, Stefan Frei, Ken Baylor, Jayendra Pathak, Bob Walder

Overview

The US online advertising market in 2011 was approximately $155 billion USD[1]. Fraudsters use click fraud to divert some of this money to themselves or to deplete their competitors' marketing budgets. In the process, millions of consumer and corporate users are infected by malware as a byproduct of this war between ad buyers, ad publishers and fraudsters.

Click fraud is a type of Internet crime that abuses pay-per-click online advertising for the purpose of generating a charge per click, of which the criminal is paid a percentage of the ad revenue. The effects of click fraud can be devastating for small business owners and very costly for big budget ad buyers.

For individuals and enterprise users, the effects of click fraud itself are malignant, as click fraudsters fund many malware campaigns. These campaigns lead to multiple malware infections such as banking trojans that typically accompany each click fraud software installation.


NSS Lab Findings:

• Click fraud itself causes minimal direct harm to the typical end user, as the ultimate target is the ad buyer.
• Consumer and corporate users are infected by additional malware as a byproduct of click fraud installation.
• Click fraud catch rates are Chrome 1.6%, Firefox 0.8%, Internet Explorer 96.6%, and Safari 0.7%.
• Services are available that may help ad buyers identify click fraud. However, service contracts with ad networks may contain clauses that restrict ad buyers' ability to recover damages for click fraud.[2]
• The average lifespan of a click fraud URL was 32 hours with over 50% expiring within 54 hours.

[1] http://www.marketingcharts.com/direct/internet-advertising-revenues-continue-growth-20257/
[2] https://www.google.com/intl/en_us/adwords/select/TCUSbilling0806.html Section 5.

NSS Labs Analysis Brief – Is Your Browser Putting You At Risk? Pt 2 – Click Fraud

NSS Labs Recommendations:

Ad buyers should:

• Put pressure on Google to increase the click fraud protection capabilities of Chrome and the SafeBrowsing API.
• Consider the use of click fraud forensics to reduce the amount of click fraud damages.
• Check and challenge contract clauses that may limit damages or restrict ability to recover damages.
• Prepare for major growth of click fraud in 2013.

Analysis

Who is Affected By Click Fraud?

Primary victims:

Ad buyers. Ad buyers purchase ads from ad publishers and are impacted by click fraud directly, as they pay for the total number of clicks (valid clicks and undetected click fraud).

Secondary victims:

Ad Publishers: The existence of click fraud has the potential to damage both the reputation of ad publishers and general confidence in the online advertising economy. Most attempt to identify click fraud and actively reduce it via the use of fraud detection engines, thus combating negative perceptions.

Consumers and Corporate Users: As ad publishers' fraud detection engines become more sophisticated, fraudsters evolve creative methods of simulating 'undetectable traffic'. One method is to infect millions of unsuspecting consumers and enterprise users with click fraud malware, which will convert their machines into bots. As these fraudsters have a strong cash flow, they finance many pay-per-install campaigns. Unfortunately, other malware is frequently packaged with the click fraud malware, leaving victims open to intellectual property and account theft.

Beneficiaries:

Criminals: Authors of click fraud malware may benefit through direct sales of exploits or via ad revenue from fraudulent clicks. Organized crime syndicates are known to establish websites with the express intent of perpetrating click fraud. One common method is to infect unsuspecting consumers and enterprise users with a combination of click fraud and other malware, turning their machines into bot networks that serve as launching pads for other criminal activities.

Web Site Owners: Web site owners may perpetrate click fraud as they get paid a proportion of ad revenue when users click ads that are displayed on their site. This includes organized crime syndicates that establish websites with the express intent of perpetrating click fraud. Business rivals may purposely use click fraud to deplete their competitors' marketing budget.

Ad Publishers: Ad publishers passively benefit from click fraud, as they earn a portion of revenue every time one of their ads is clicked, fraudulently or not. They also benefit as click fraud artificially inflates click rates, reducing confidence in their competitors and causing ad purchasers to defect to their ad network.


© 2012 NSS Labs, Inc. All rights reserved.


According to Adometry, an organization specializing in click forensics and click fraud detection, “In an environment where more clicks equals more money, limiting total clicks implicitly means ad networks reduce revenue.”[3]


Test Results

The average lifespan of a click fraud URL was 32 hours with over 50% expiring within 54 hours. This shows us that click fraud is distributed via quick-strike campaigns. Protection technologies must respond within this timeframe in order to be effective.
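
As an added illustration of why response time matters against short-lived URLs (not NSS Labs' code or data; the observations, hostnames and function names below are constructed assumptions), this sketch derives URL lifetimes from first-seen/last-seen sightings, evaluates the empirical cumulative distribution, and measures how much live exposure a block still prevents at a given response delay.

```python
from datetime import datetime, timedelta

# Constructed sample data: (url, first seen live, last seen live).
# Hostnames use the reserved .example TLD; lifetimes are hypothetical.
T0 = datetime(2012, 9, 1, 0, 0)
SAMPLE_LIFETIMES_H = [2, 6, 12, 20, 30, 48, 54, 60, 90, 120]
OBSERVATIONS = [
    (f"http://ads{i}.example/c",
     T0 + timedelta(hours=i),
     T0 + timedelta(hours=i + h))
    for i, h in enumerate(SAMPLE_LIFETIMES_H)
]


def lifetimes_hours(observations):
    """Return the sorted lifetime in hours of every observed URL."""
    result = []
    for url, first_seen, last_seen in observations:
        if last_seen < first_seen:
            raise ValueError(f"last sighting precedes first sighting: {url}")
        result.append((last_seen - first_seen).total_seconds() / 3600.0)
    return sorted(result)


def mean_lifetime(lifetimes):
    """Average lifespan in hours."""
    if not lifetimes:
        raise ValueError("no lifetimes supplied")
    return sum(lifetimes) / len(lifetimes)


def expired_fraction(lifetimes, hours):
    """Empirical CDF: share of URLs already dead `hours` after first sighting."""
    if not lifetimes:
        raise ValueError("no lifetimes supplied")
    return sum(1 for life in lifetimes if life <= hours) / len(lifetimes)


def covered_exposure(lifetimes, delay_hours):
    """Share of all live URL-hours that a block still prevents when it
    takes effect `delay_hours` after each URL is first seen."""
    if delay_hours < 0:
        raise ValueError("delay must be non-negative")
    total = sum(lifetimes)
    if total == 0:
        return 0.0
    prevented = sum(max(0.0, life - delay_hours) for life in lifetimes)
    return prevented / total


def response_report(observations, delays_hours):
    """For each candidate response delay, return a tuple of
    (delay, fraction of URLs already expired, fraction of exposure prevented)."""
    lifetimes = lifetimes_hours(observations)
    return [
        (d, expired_fraction(lifetimes, d), covered_exposure(lifetimes, d))
        for d in delays_hours
    ]


if __name__ == "__main__":
    print(f"mean lifetime: {mean_lifetime(lifetimes_hours(OBSERVATIONS)):.1f} h")
    for delay, expired, covered in response_report(OBSERVATIONS, [0, 12, 24, 54]):
        print(f"block after {delay:>3} h: {expired:5.1%} of URLs already gone, "
              f"{covered:5.1%} of exposure prevented")
```

With real telemetry, replace OBSERVATIONS with sightings from crawler or proxy logs; the shorter the lifetimes, the faster the prevented-exposure share falls as the response delay grows.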
  


[Figure 1 - Cumulative Distribution: Decay of Malicious URLs Over Time. x-axis: Lifetime in Hours (0 to 120); y-axis: Percent URLs Expired / Retired (0% to 100%); annotated value: 57%.]

[3] http://www.adometry.com/blog/?p=682


Figure 2 - Block Rate Unique Payload (MD5) highlights the browser block rates by class of malware purpose. Internet Explorer exhibits the highest block rate, followed by Google Chrome, and then either Firefox or Safari. However, there is a significant difference in the ability of each browser to block the different types of malware. This report applies to click fraud only, and should not be used as the sole basis for browser selection.

Block Rate Unique Payload (MD5)   Firefox   Chrome   Internet Explorer   Safari
ClickFraud                        0.8%      1.6%     96.6%               0.7%
Not ClickFraud                    6.3%      25.9%    92.4%               6.6%


Figure 2 - Block Rate Unique Payload (MD5)

While it is apparent from these results that click fraud is a leading purpose of browser malware, it is surprising and concerning that there is such a large difference between block rates for other malware types vs. click fraud from browser to browser. As seen in Figure 2, NSS Labs found Chrome blocked only 1.6% of click fraud as compared to its block rate of other malware of 25.9%.




Impact

[Figure 3 - Market Share by Browser. Series: Internet Explorer, Firefox, Chrome, Safari, Opera, Other. x-axis: 2009-09 to 2012-07; y-axis: 0% to 70%.]

Chrome’s adoption rate has established it as the leader in overall browser market share[4] as of the latter half of 2012. Unless Chrome improves its protection against click fraud, NSS predicts an increase in fraudulent click transaction rates given Chrome’s dominant and increasing market share.

[Figure: chart with series Firefox, Safari, Chrome and Internet Explorer. x-axis: 2009-09 to 2012-07; y-axis: 0% to 35%.]
  
                                                                                                                                                                                                                                                                                Figure	
  4	
  -­‐	
  Click	
  fraud	
  downloads	
  by	
  browser	
  

This graph represents the overlay of our test results when applied to the change in market share of each of the tested browsers since 2009. NSS predicts an increase in fraudulent click transaction rates given Chrome’s increasing market share.

With the growth of online advertising revenues, the profitability of click fraud, and the weakness of leading browsers in protecting end-users, NSS Labs predicts major growth in click fraud in 2013.

4 http://gs.statcounter.com
  



Contact Information

NSS Labs, Inc.
6207 Bee Caves Road, Suite 350
Austin, TX 78746 USA
+1 (512) 961-5300
info@nsslabs.com
www.nsslabs.com
  	
  

	
  
This analysis brief was produced as part of NSS Labs’ independent testing information services. Leading products were tested at no cost to the vendor, and NSS Labs received no vendor funding to produce this analysis brief.

© 2012 NSS Labs, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the authors.

Please note that access to or use of this report is conditioned on the following:

1. The information in this report is subject to change by NSS Labs without notice.

2. The information in this report is believed by NSS Labs to be accurate and reliable at the time of publication, but is not guaranteed. All use of and reliance on this report are at the reader’s sole risk. NSS Labs is not liable or responsible for any damages, losses, or expenses arising from any error or omission in this report.

3. NO WARRANTIES, EXPRESS OR IMPLIED ARE GIVEN BY NSS LABS. ALL IMPLIED WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND EXCLUDED BY NSS LABS. IN NO EVENT SHALL NSS LABS BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES, OR FOR ANY LOSS OF PROFIT, REVENUE, DATA, COMPUTER PROGRAMS, OR OTHER ASSETS, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.

4. This report does not constitute an endorsement, recommendation, or guarantee of any of the products (hardware or software) tested or the hardware and software used in testing the products. The testing does not guarantee that there are no errors or defects in the products or that the products will meet the reader’s expectations, requirements, needs, or specifications, or that they will operate without interruption.

5. This report does not imply any endorsement, sponsorship, affiliation, or verification by or with any organizations mentioned in this report.

6. All trademarks, service marks, and trade names used in this report are the trademarks, service marks, and trade names of their respective owners.
  





2012 ab is-your-browser-putting-you-at-risk-pt2

  • 1. ANALYSIS BRIEF – September 2012
IS YOUR BROWSER PUTTING YOU AT RISK?
PART 2 – CLICK FRAUD

Authors - Francisco Artes, Stefan Frei, Ken Baylor, Jayendra Pathak, Bob Walder

Overview

The US online advertising market in 2011 was approximately $155 billion USD.[1] Fraudsters utilize click fraud to deflect some of this money to themselves or to deplete their competitors' marketing budgets. In the process, millions of consumer and corporate users are infected by malware as a byproduct of this war between ad buyers, ad publishers and fraudsters.

Click fraud is a type of Internet crime that abuses pay-per-click online advertising for the purpose of generating a charge per click, of which the criminal is paid a percentage of the ad revenue. The effects of click fraud can be devastating for small business owners and very costly for big budget ad buyers.

For individuals and enterprise users, the effects of click fraud itself are malignant, as click fraudsters fund many malware campaigns. These campaigns lead to multiple malware infections such as banking trojans that typically accompany each click fraud software installation.

NSS Lab Findings:
• Click fraud itself causes minimal direct harm to the typical end user, as the ultimate target is the ad buyer.
• Consumer and corporate users are infected by additional malware as a byproduct of click fraud installation.
• Click fraud catch rates are Chrome 1.6%, Firefox 0.8%, Internet Explorer 96.6%, and Safari 0.7%.
• Services are available that may help ad buyers identify click fraud. However, service contracts with ad networks may contain clauses that restrict ad buyers’ ability to recover damages for click fraud.[2]
• The average lifespan of a click fraud URL was 32 hours with over 50% expiring within 54 hours.

[1] http://www.marketingcharts.com/direct/internet-advertising-revenues-continue-growth-20257/
[2] https://www.google.com/intl/en_us/adwords/select/TCUSbilling0806.html Section 5.
  • 2. NSS Labs Analysis Brief – Is Your Browser Putting You At Risk? Pt 2 – Click Fraud

NSS Labs Recommendations:

Ad buyers should:
• Put pressure on Google to increase the click fraud protection capabilities of Chrome and the SafeBrowsing API.
• Consider the use of click fraud forensics to reduce the amount of click fraud damages.
• Check and challenge contract clauses that may limit damages or restrict ability to recover damages.
• Prepare for major growth of click fraud in 2013.

Analysis

Who is Affected By Click Fraud?

Primary victims:

Ad buyers. Ad buyers purchase ads from ad publishers and are impacted by click fraud directly, as they pay for the total number of clicks (valid clicks and undetected click fraud).

Secondary victims:

Ad Publishers: The existence of click fraud has the potential to damage both the reputation of ad publishers and general confidence in the online advertising economy. Most attempt to identify click fraud and actively reduce it via the use of fraud detection engines, thus combating negative perceptions.

Consumers and Corporate Users: As ad publishers' fraud detection engines become more sophisticated, fraudsters evolve creative methods of simulating 'undetectable traffic'. One method is to infect millions of unsuspecting consumers and enterprise users with click fraud malware, which will convert their machines into bots. As these fraudsters have a strong cash flow, they finance many pay-per-install campaigns. Unfortunately, other malware is frequently packaged with the click fraud malware, leaving victims open to intellectual property and account theft.

Beneficiaries:

Criminals: Authors of click fraud malware may benefit through direct sales of exploits or via ad revenue from fraudulent clicks. Organized crime syndicates are known to establish websites with the express intent of perpetrating click fraud. One common method is to infect unsuspecting consumers and enterprise users with a combination of click fraud and other malware, turning their machines into bot networks that serve as launching pads for other criminal activities.

Web Site Owners: Web site owners may perpetrate click fraud as they get paid a proportion of ad revenue when users click ads that are displayed on their site. This includes organized crime syndicates that establish websites with the express intent of perpetrating click fraud. Business rivals may purposely use click fraud to deplete their competitors' marketing budget.

Ad Publishers: Ad publishers passively benefit from click fraud, as they earn a portion of revenue every time one of their ads is clicked, fraudulently or not. They also benefit as click fraud artificially inflates click rates, reducing confidence in their competitors and causing ad purchasers to defect to their ad network.

© 2012 NSS Labs, Inc. All rights reserved.
  • 3. According to Adometry, an organization specializing in click forensics and click fraud detection, “In an environment where more clicks equals more money, limiting total clicks implicitly means ad networks reduce revenue.”[3]

Test Results

The average lifespan of a click fraud URL was 32 hours with over 50% expiring within 54 hours. This shows us that click fraud is distributed via quick strike campaigns. Protection technologies must respond within this timeframe in order to be effective.

[Figure 1 - Cumulative Distribution. Chart title: Decay of Malicious URLs Over Time. X-axis: Lifetime in Hours. Y-axis: Percent URLs Expired / Retired.]

[3] http://www.adometry.com/blog/?p=682
  • 4. Figure 2 - Block Rate Unique Payload (MD5), highlights the browser block rates by class of malware purpose. Internet Explorer exhibits the highest block rate, followed by Google Chrome, and then either Firefox or Safari. However, there is significant difference in the ability of each browser to block the different types of malware. This report applies to click fraud only, and should not be used as the sole basis for browser selection.

Block Rate Unique Payload (MD5)

                  Firefox   Chrome   Internet Explorer   Safari
ClickFraud        0.8%      1.6%     96.6%               0.7%
Not ClickFraud    6.3%      25.9%    92.4%               6.6%

Figure 2 - Block Rate Unique Payload (MD5)

While it is apparent from these results that click fraud is a leading purpose of browser malware, it is surprising and concerning that there is such a large difference between blocked rates for other malware types vs. click fraud from browser to browser. As seen in Figure 2, NSS Labs found Chrome blocked only 1.6% of click fraud as compared to its block rate of other malware of 25.9%.
  • 5. Impact

[Figure 3 - Market Share by Browser. Series: Internet Explorer, Firefox, Chrome, Safari, Opera, Other. X-axis: 2009-09 through 2012-07.]

Chrome’s adoption rate has established it as the leader in overall browser market share[4] as of the latter half of 2012. Unless Chrome improves its protection against click fraud, NSS predicts an increase in fraudulent click transaction rates given Chrome’s dominant and increasing market share.

[Figure 4 - Click fraud downloads by browser. Series: Firefox, Safari, Chrome, Internet Explorer. X-axis: 2009-09 through 2012-07.]

This graph represents the overlay of our test results when applied to the change in market share of each of the tested browsers since 2009. NSS predicts an increase in fraudulent click transaction rates given Chrome’s increasing market share.

With the growth of online advertising revenues, the profitability of click fraud, and the weakness of leading browsers to protect end-users, NSS Labs predicts major growth in click fraud in 2013.

[4] http://gs.statcounter.com
  • 6. Contact Information

NSS Labs, Inc.
6207 Bee Caves Road, Suite 350
Austin, TX 78746 USA
+1 (512) 961-5300
info@nsslabs.com
www.nsslabs.com

This analysis brief was produced as part of NSS Labs’ independent testing information services. Leading products were tested at no cost to the vendor, and NSS Labs received no vendor funding to produce this analysis brief.

© 2012 NSS Labs, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the authors.

Please note that access to or use of this report is conditioned on the following:

1. The information in this report is subject to change by NSS Labs without notice.
2. The information in this report is believed by NSS Labs to be accurate and reliable at the time of publication, but is not guaranteed. All use of and reliance on this report are at the reader’s sole risk. NSS Labs is not liable or responsible for any damages, losses, or expenses arising from any error or omission in this report.
3. NO WARRANTIES, EXPRESS OR IMPLIED ARE GIVEN BY NSS LABS. ALL IMPLIED WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND EXCLUDED BY NSS LABS. IN NO EVENT SHALL NSS LABS BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES, OR FOR ANY LOSS OF PROFIT, REVENUE, DATA, COMPUTER PROGRAMS, OR OTHER ASSETS, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.
4. This report does not constitute an endorsement, recommendation, or guarantee of any of the products (hardware or software) tested or the hardware and software used in testing the products. The testing does not guarantee that there are no errors or defects in the products or that the products will meet the reader’s expectations, requirements, needs, or specifications, or that they will operate without interruption.
5. This report does not imply any endorsement, sponsorship, affiliation, or verification by or with any organizations mentioned in this report.
6. All trademarks, service marks, and trade names used in this report are the trademarks, service marks, and trade names of their respective owners.