Congratulations to the newlyweds… after a long, long courtship Microsoft and Yahoo finally managed to get together (the prenuptials are still being sorted out!).  I have been in favor of this union for sometime now.  Google owns a ridiculous share of the pay per click advertising market and desperately needs a competitor.  Microsoft + Yahoo = Competition.  As I have said for the last several years, the lens we look through at Click Forensics is that of the advertiser.  Competition is always good for the advertiser.  

The growth of online advertising, in particular pay per click advertising, has been meteoric. It is a great model and one that has proven hugely successful for hundreds of thousands of advertisers large and small.  It is a model that will continue to grow as large advertisers shift more dollars from unmeasureable and less effective traditional media.  It will grow because it uses context, targeting and relevancy to the highest level.  Yahoo’s audience enhanced by Microsoft’s technology will mean innovation and efficiency.  There is no doubt; Google will continue to have success.  But the new partnership will make the online world even more attractive for advertisers.

Today there are standards in place to help hold the search providers accountable.  There are better reporting, campaign management and keyword tools to add to the efficiency.  I see a world in the near future where display advertising will begin to make significant gains from the data that exists in search. Context, targeting and relevance can improve every medium and this partnership will leverage that data to a much higher level than before.

So congrats to you both for a new start.  The entire advertising community is pulling for you and expecting big things. I do need to warn you… expectations are high and the honeymoon is short.  

Over the past week four major players in the online media space have announced accreditation to the Interactive Advertising Bureau’s Click Measurement Guidelines.  This list includes Yahoo!, Google, Microsoft and Business.com.  I wanted to take a moment and explore why you should care about this development and what accreditation means for advertisers.

The IAB is a publisher-focused organization that has led the process to develop click measurement guidelines.  The task force is made up of thirty or so companies representing the online advertising community.  Click Forensics has been a member since day one and participated in every step of the process.

There are three main benefits for advertisers and conversely, three concerns advertisers need to keep in mind associated with the entire process.  First, the benefits;

IAB Accreditation Represents a Commitment
The process to become accredited to the IAB guidelines is time consuming and certainly not free.  At Click Forensics, we have first hand knowledge of this and can assure you that any company that takes time and spends the money to become accredited is committed to their customers.  The level of detail the auditors go into is amazing.  Our community is fortunate to have auditors that have demonstrated a deep commitment to both the development of the process and the implementation of the guidelines.

IAB Accreditation Demonstrates Leadership
The IAB established a gating period to allow member companies and others to become accredited to the guidelines.  The companies mentioned above were the first to announce compliance.  This is important because it represents a sense of urgency among these four that enhances the urgency for others.  As an advertiser, you should reward these leaders with business.  They were first out of the gate and in my book that demonstrates leadership.

IAB Accreditation Means Better Quality Traffic
The IAB Guidelines are a lengthy narrative of “best practices” and rules in delivering quality traffic to advertisers.  While it is not intended to be a complete list, it serves as a firm foundation and includes practical steps to help ensure advertisers get what they pay for.  By working with an accredited ad provider, advertisers will be assured that the clicks they are buying have met the guidelines established by the industry.  This is a good thing and an excellent first step.

While we applaud the efforts of the IAB, Media Rating Council and member companies who participated in this process, there are things advertisers need to keep in mind.  There was a great deal of discussion and debate during the nearly three years of meetings it took to develop these guidelines.  In that process, there were a lot of valuable and important items that fell to the floor.  This is a good start, not a perfect process.  Keep in mind the following;

IAB Accreditation is a “Moment in Time” Process
The process for an ad provider to become accredited is a long one.  The auditor is invited in for a pre-assessment then the actual audit begins.  At the end of the process accreditation is awarded.  The problem is there is no mechanism for ongoing compliance.  When we buy gas at the gas station there is a meter that is routinely calibrated to ensure that when we fill our tank with 20 gallons of gasoline, we get 20 gallons.  This approach is not taken nor addressed in the guidelines.  While an annual audit is suggested in the guidelines, it is still important for advertisers to be monitoring their campaigns and holding the ad providers feet to the fire for every click.

IAB Accreditation Does Not Cover Everything
The 27 page Guideline document is quite comprehensive.  Our task force worked hard to ensure that both the guidelines are made clear and that the standard for measurement is defined.  However, when you consider that the dominant constituency in this process was multibillion-dollar ad providers, you might imagine not everything met their liking.  A few examples of chaff that hit the threshing room floor included:

Click ID – Each click should have a unique identifier so investigations can be “apples to apples”
Persistent Cookie – It’s important that ad providers can identify unique visitors to ensure they are billed for only once.
Standards for Investigation – Advertisers deserve to feel confident that they get what they pay for.  By setting an investigation format and agreeing to a timeline, ad providers can build trust with customers.

IAB Accreditation is a Roadmap
There is a Japanese proverb that says, “Beginning is easy and continuing is hard”.  There is truth in this as it relates to the guidelines.  We have begun the process.  We have released guidelines that will make the world of online advertising a better place.  Now we should look to leadership to take the next step and continue what we have begun.  The current guidelines will serve as a roadmap to the future standards.  We need to examine the items removed, listen to the community and think of better ways to ensure advertisers get what they pay for in the future.  The roadmap has been built.  Now we need to move on.

In January of 2006 as Click Forensics was just beginning as a company, I wrote the following challenge to our industry:

“Define standards for what an unwanted click looks like. We believe that there are certain characteristics or attributes that are common to a large percentage of click fraud. We are working with publishers and advertisers to agree on common ground and work together to expose it. Once this is developed it should be published so that the entire community can benefit from it.”

Today, over three years later, we have the cooperation of community leaders, the foundation of technical standards and the desire to continue to improve on what we have built.  I invite you, to join us as we build a future of ongoing growth and improving effectiveness by enhancing the process of online advertising.  I can assure you that both the Click Quality Council and Click Forensics will continue to support the work of the IAB and other industry organizations to work together to make our community a better place.  Let’s not stop with the foundation.

Wow!  Click fraud is real?  Click fraud costs online advertisers millions of dollars?  Click fraud can be uncovered and the perpetrators caught and punished?   Who knew?   Well, we did.

This week Microsoft filed the a complaint in U.S. District Court (Microsoft v. Lam, et. al., case number 09-cv-0815) seeking injunctive relief and damages from a group of people found to be perpetrating click fraud through the Microsoft adCenter platform.  This is only the second time (Google sued Auctions Expert International in 2004) that a search provider has ever caught and sued an individual (or a family, in this case) for click fraud.  We congratulate Microsoft for their efforts to root out this activity and encourage them in their pursuit of relief.  Online advertisers should appreciate knowing that click fraud does not always go undetected or unpunished.

For those not familiar with the case, it’s an example of what we call “competitor click fraud.”  The motivation of the perpetrators was simply to obtain higher-placed ad positions for lower bid amounts by depleting the daily budget of their competitors.  The verticals affected were auto insurance and the online role-playing game World of Warcraft.  Microsoft identified two brothers and their mother who controlled adCenter accounts that benefited from this fraud.  They believe that this scheme affected more than just adCenter advertisers, but also the advertisers on competitive search engines.

Microsoft’s complaint, now public information, is so well written it could be used as a tutorial on click fraud detection.  The most fascinating section describes the nearly year long game of cat-and-mouse played with the defendants.  Reading from the complaint: “When Microsoft took steps to mitigate these automated attacks, the perpetrators followed by implementing countermeasures to Microsoft’s actions.  A cycle of events ensued whereby the Defendants would update their attack methods to bypass the fixes implemented by Microsoft, and Microsoft would take additional steps to combat the new click fraud attacks.”

The lessons here are pretty clear:  Click fraud is still a problem and solving it requires constant vigilance.  The online advertising community needs to work together – search engines, ad networks, advertisers, and third-party auditors – to protect ourselves from this threat.

From spyware to bots to viruses and other unimaginable hazards… the web can be a scary place.  As far back as Prodigy in the early days of the online world, scams have been a part of the party.  The Internet is simply a new way for the bad guys to rip off unsuspecting consumers.  The key difference though is that the reach is enormous and the damage can spread to more people, more quickly than ever before.

Enter scareware, new way to trick unsuspecting consumers into parting with their money.  USA Today recently had an article  about the tricks and tactics used to perpetrate this latest rip off.  Unfortunately, online advertising has become an accomplice to the crime.

Scareware is worthless software that allegedly removes viruses from your computer.  Anyone who has surfed the web knows how easy it can be to become infected with a virus.  The damage to the users computer is often measured in slowed performance, unwanted clicking and potentially even more nefarious things like key logging and password swiping.  Now, the bad guys are selling “scareware” to solve a problem that may not actually exist.

The first such program was called “SpySheriff,” built by a team of cyber crooks from Russia.  The Anti-Phishing Working Group recently reported that scareware infections rose 48% in the second half of 2008.  The growth is tied to the ease of distribution and weaknesses in online advertising and the web in general.

There are several ways these fake products are being distributed.  Phony pages are created using hot search key words such as “American Idol” or “iPhone” and drive the unsuspecting consumer to the infected page.  Recently the Facebook email scam was used to send people to a page by promoting things like “best video.”  Since these emails came from your friends, millions clicked.  Twitter has become a vehicle for distribution. Phony Twitter accounts are created and enticing titles of posts encourage people to click.
 
Additionally, the bad guys are simply buying display or search ads.  They rotate in infected pages to the landing page.  It is virtually impossible for an ad provider to scan every ad impression and linking page.  This loophole creates an opportunity for the bad guys to drive significant traffic to infected pages at a very low cost.  Microsoft reported finding 4.4M installations of one such program, so the scale is enormous.  Do the math… at $49 or $79, that is big business.

Once someone lands on the page, getting off is nearly impossible.  Immediately upon landing, a “system scan” begins.  The results are, of course, showing that your computer is infected with a number of viruses.  Conveniently you can buy the product at that point and they take your money and run.  If you try to move away from the page, or cancel, an endless number of scans take over your screen.  Essentially, users must “control/alt/delete” their way out or restart.

The danger in this scam is not limited to monetary damage to the consumer.  These type of pages and methods to attract clicks are the same methods used to install spyware, malware and perpetrate click fraud.  To their credit, USA Today has done a good job over the last few years of highlighting the dangers of the web to the average consumer.

The FTC is cracking down.  They have identified products like WinFixer, DriveCleaner and XP AntiVirus as worthless and they are going after the owners.  The problem is that like the click fraud crooks, these guys are in remote locations and move their servers often. Tracking them is a full time job and extremely difficult.  The search engines are trying to help as well.  Bing has a neat feature that highlights “at risk” url’s.  Yahoo has similar product built with McAfee.

 
Trust is what keeps consumers clicking on ads.  Without stepped up industry efforts from organizations, like the Anti Phishing Working Groups and others, trust could be diminished.  Like click fraud, scareware is damaging trust.  It takes a community effort to stay after the problem and build solutions to take the scare out of the internet.

Depending on whom you ask, search marketing is either in a world of hurt or faring pretty well. While the mainstream media is quick to highlight the decline in online advertising, their focus is usually on display (banner) advertising and the plummeting CPM rates that publishers and ad networks can command. By almost all accounts, 2009 will be a difficult year for display advertising. But search advertising (CPC) continues to be a bright spot that will continue to shine for the foreseeable future.

Prior to Google’s and Yahoo’s earnings reports, the estimates for Q4 search spending were all over the map. An Efficient Frontier study concluded that search advertising spending had dropped by 8% in the most recent quarter. Another SEM firm, SearchIgnite, reported that search spending by retailers was up 12%. And yet another search marketing solution, Clickable, reported that Q4 search advertising spending saw “marginal search … spending increases” in the same quarter. So based on data from three leading solution providers, search advertising spending in Q4 either decreased, increased, or stayed about the same. Thanks, guys.

We now have earnings results from Google, Yahoo, and Microsoft and the picture from these Tier 1 search providers is pretty clear.

Results from Microsoft’s online and Yahoo’s search businesses were relatively flat, which isn’t all that bad in an economy where a 10% decline is often viewed as “good news.”  But Google’s results showed an 18% growth in paid clicks and revenue. That’s just stellar.  Since Google controls the large majority of the search market and 98+% of Google’s revenue comes from paid search, this means two things. One, Google is increasing market share. No news there. Two, the market as a whole is still growing at double-digit rates. That’s the real surprise and the truly good news.

Sure, we all have fond memories of the days when the CPC market was growing at 100% and new ad networks and business models were sprouting every week. Heck, that was only last year! But it’s important to remember that in a world where the unemployment rate in California exceeds 9% and even Google is cutting costs and laying off employees, the CPC market is still healthy and growing.

This week we released the Click Fraud Index® numbers for Q4 2008 and they showed a surprising uptick in the click fraud rate last quarter. I say surprising because the overall Index had been trending slightly down for almost a year.  But in bad times, fraudsters become more active. I think it’s healthy for an industry to pause from time-to-time to focus on the downside of business, to make sure proper controls are in place, that people get what they pay for. That’s the point of the Click Fraud Index. After all, no one was focused on Bernie Madoff when the market was going up, right?

Today we announced the Q4 2008 Click Fraud Index numbers (Industry Click Fraud Rate Higher Than Ever).  Click fraud traffic from botnets grew to 31.4 percent.  This seems to be just one byproduct of the economic downturn and increase in cybercrime (State of Internet Security).

Key findings from data reported for Q4 2008 include:

• The overall industry average click fraud rate grew to 17.1 percent for Q4 2008. That’s up from 16.0 percent in Q3 2008 and from the 16.6 percent rate reported for Q4 2007.
• The average click fraud rate of PPC advertisements appearing on search engine content networks, including Google AdSense and the Yahoo Publisher Network, was 28.2 percent. That’s up from the 27.1 percent rate reported for Q3 2008 and down slightly from the 28.3 percent rate reported for Q4 2007.
• Traffic from botnets was responsible for 31.4 percent of all click fraud traffic in Q4 2008. That’s up from the 27.6 percent rate reported for Q3 2008 and the 22.0 percent rate reported for Q4 2007.
• In Q4 2008, the greatest percentage of click fraud originating from countries outside the U.S. came from Canada (7.4 percent), Germany (3.0 percent) and China (2.3 percent).

The three biggest red flags that point to the economy having an impact on the growth of click fraud are:

• The Q4 click fraud rate jumped a percentage point when it was steady most of the year.
• We saw a higher than usual jump in the botnet rate (14 percent this quarter) and the botnet rate rose to its highest level ever at over 30 percent.
• We noticed a re-emergence of click farms when they had all but disappeared.

In over four years of reporting the Click Fraud Index, the overall industry click fraud average is at its highest threat yet.  With click farms and botnets on the rise, advertising campaigns are taking the hit.  It seems that the online advertising industry is feeling the pressure of the inconsistent economy in more ways than one.