Click fraud declined in the first quarter of 2009 to 13.8 percent, according to Click Forensics’ Click Fraud Index.
That’s down from the all-time high of 17.1 percent reported for the fourth quarter of 2008 and from the 16.3 percent rate reported for the first quarter of 2008.
Click fraud traffic from malicious scripted programs increased in the first quarter of 2009. Unlike botnets or malware, these new threats exist as simple JavaScript programs that execute upon a page view or site visit. Ad networks were found to be especially vulnerable to these attacks during the quarter.
In Q1 2009, the greatest percentage of click fraud coming from countries outside the U.S. came from Canada, United Kingdom and Germany.
“It appears that the drop in keyword Cost Per Clicks (CPCs) and the progress Yahoo! and Google made blocking click fraud from botnet sources contributed to the decline in the overall click fraud rate this quarter,” said Tom Cuthbert, president of Click Forensics.
“However, we also saw an increase in scripted attacks aimed at ad networks, which are historically more vulnerable to such threats. Advertisers should pay close attention to traffic from these sources over the next year.”
The data also found that click fraud schemes are increasingly complex, sophisticated, and more difficult to detect. One new type of fraud discovered this quarter was carried out by malicious scripts that execute when a visitor views a web page disguised as relevant content or search results.
The script initiates “Zero-iframe” or off-screen clicks that route the visitor session through an alias referrer website, and on to unsuspecting advertisers who pay for the phantom click. This occurs transparently to offending site’s visitor; they never see the ad or visit the advertiser, and their computer is not infected with any type of malware.