A new email-base extortion scam is on the horizon that demands bitcoin form website owners, threating them to flood their websites with bot and junk traffic in case of not paying the extortion money.
According to report published by KrebsonSecurity on February 17, the scam targets web site serving banner ads through Google’s AdSense program.
The fraudsters behind the scam demand $5,000 worth of bitcoin from owners to prevent web sites form the bot attack.
These kinds of attacks sends a large amount of junk and fraudulent traffic on a website that lead to suspension of the user’s AdSense account for suspicious traffic.
According to the report, an owner who maintains several websites shared an email with the KrebsonSecurity team that reads:
“Very soon the warning notice from above will appear at the dashboard of your AdSense account undoubtedly! This will happen due to the fact that we’re about to flood your site with huge amount of direct bot generated web traffic with 100% bounce ratio and thousands of IP’s in rotation — a nightmare for every AdSense publisher. More also we’ll adjust our sophisticated bots to open, in endless cycle with different time duration, every AdSense banner which runs on your site.”
The Google AdSense traffic assessment algorithm will detect this large amount of traffic as fraudulent that could suspended AdSense temporarily.
But if this happens on continues bases, could result in permanent ban. The email message goes on:
“Next an ad serving limit will be placed on your publisher account and all the revenue will be refunded to advertisers. This means that the main source of profit for your site will be temporarily suspended. It will take some time, usually a month, for the AdSense to lift your ad ban, but if this happens we will have all the resources needed to flood your site again with bad quality web traffic which will lead to second AdSense ban that could be permanent!”
The message demands $5,000 worth of Bitcoin to pre-empt the attack. The owner told the team that he ignored the message considering it a baseless threat, but the review of recent AdSense traffic statistics showed that detections in his AdSense invalid traffic report from the past month had increased substantially.
The Google, in a statement, said that it has tools to prevent publishers form invalid traffic. There is also a form for publishers to contact Google if they believe they are the victims of these kinds off attacks.
The attacks on web sites involving Bitcoin isn’t new as Crypto Economy reported, the City of Johannesburg’s website was hacked in October last year and the hackers demanded a ransom of four bitcoins.
Google’s Policy Towards Ads
Google’ had had a chequered history with Ads coming from crypto currencies and this new development may force Google to further tighten regulations on how crypto currencies can advertise.
Google took a tough stance on decentralization, with many experts arguing that this was a move to reduce risking its Ad revenue.
An update to Google’s Financial Services Policy in 2018, did not affect the rise of Bitcoin’s value and Google had to step back and allow limited ads.