Categories: I don't have an account anymore: Disabled accounts :

The crash course emergency strategy for click bombing attacks

Showing 1-305 of 305 messages
The crash course emergency strategy for click bombing attacks Publisher1 6/14/10 12:50 PM
I've posted earlier on how I survived a major click bombing attack.  However, I realize that people who have not prepared adequately can suddenly be hit and am writing this note for readers who may encounter this situation.  It provides a step-by-step approach which should increase your chance of surviving the click bombing and allow you to preserve/maintain your account.  NOTE:  This advice won't help you if your account has been disabled:  You must act right away if you sense a click bombing occurs.

1.   Watch your account.
If you notice a surge in revenue which either you cannot explain or (b) follows some sort of threat to you, you are possibly/probably dealing with a click bomber. 
2.  Remove ALL sites but one "hidden" location and ensure NO AdSense ads are reachable on sites within your  Allowed Sites list.  Now is not the time to see money pouring into your account.  As long as the click bomber is in the picture, you want Zero revenue, at least until you know what is the cause and can isolate it.
3.  Figure out the source of your problem.  You have two approaches.  If you haven't already done it, install a stats counter resource to monitor your site(s) with greater depth.  I use statcounter.com (it is free) but you can use other services.  Secondly, although not instantly useful, you can monitor the "allowed sites" function and see where the traffic is arising.  If it is from a strange site not your own, you will know the source of the problem.
4.  Then you need to isolate and stop the click bombing.  If you operate your site/blog from a server which you host/control, you can block specific IP addresses and domains and you may be able to put code on your site even if you are using blogger or other sites to restrict access.
5.  You should report your actions to Google as soon as you notice problems, advising of the steps you are taking.  The prompt removal of your sites from the "allowed sites" function will generally avoid problems as AdWords advertisers will not be payng for the malicious clicks.  https://www.google.com/adsense/support/bin/request.py?contact=appeal_form

(unknown) 6/15/10 2:10 AM <This message has been deleted.>
Re: The crash course emergency strategy for click bombing attacks PeggyK 6/16/10 2:01 PM
Thanks Publisher1.

I don't think it requires 24/7 monitoring - once a day should be enough to spot abnormal activity starting up.
Re: The crash course emergency strategy for click bombing attacks Publisher1 6/16/10 4:28 PM
You don't need to watch every minute.  One, two or maybe three checks a day at most is all you need unless you have concern something odd is happening.  You are simply looking for irregular extra revenue and clicks on your account; so you don't even need to proe into stats or other detailed research at this stage.

The point is, when you see the problem, you must ensure that AdWords advertisers don't pay "you" for your bonber's initiative.  You can do this by removing all of your sites (but one hidden place, because you need one site "active") on the Allowed Sites function.  The bomber than can click, click and click some more, and no damage is really done except to your legitimate potential daily revenue for the time it takes to figure out the source and deal with the problem.

And that loss is a whole lot less than your loss if you lose your AdSense account.
Re: The crash course emergency strategy for click bombing attacks webmaster2002itc 6/17/10 8:16 AM
I think I am currently under attack and was referred to this string.

I removed all GA ads from my site yesterday after seeing an abnormal spike in clicks.  However, I'm still seeing clicks today even though I thought all of the ads on that site had been removed.  Is it possible for one of these click bombers to "recreate" an ad with my information and then click on it so it still registers under my account?
Re: The crash course emergency strategy for click bombing attacks Gracey 6/17/10 8:23 AM
Not if you are using the allowed sites function. Only sites listed in the allowed sites list will accrue earnings in your adsense account.

So, if some bum comes along, grabs your code places on some empty blog and clicks their brains out...all they are doing is clicking their brains out.

AdSense won't recognize those clicks and doesn't attribute them to you. Because that blog isn't in your allowed sites list.
Re: The crash course emergency strategy for click bombing attacks Publisher1 6/17/10 8:23 AM
have you removed your sites from the allowed sites list?

Are you showing clicks but no revenue?  If that is the case, you are okay.  The click bomber can click and click but no harm will be done to AdWords advertisers.

Some bad guys will "steal" your code and put it on their own sites. (This certainly happened to me in the most recent attack.) The "allowed sites" function should prevent this problem from causing danger to your account.   By removing your own sites from the allowed sites list as well you ensure 100 per cent that there is no chance of invalid revenue flowing to your account or any damage to AdWords advertisers.  You can also monitor the allowed sites report to see if the activity is arising from any strange site(s) out of your control and then take measures to block or isolate the problem.

Re: The crash course emergency strategy for click bombing attacks webmaster2002itc 6/17/10 8:36 AM
Thank you all so much.  I had never used the Allowed Sites function before.  I've now taken the site being attacked off the allowed list.  Whew!  I feel better already.
Re: The crash course emergency strategy for click bombing attacks Easthampton 6/29/10 7:01 AM
This is GREAT!  Can you discuss a little more fully this part,
 
"2.  Remove ALL sites but one "hidden" location and ensure NO AdSense ads are reachable on sites within your  Allowed Sites list.  Now is not the time to see money pouring into your account.  As long as the click bomber is in the picture, you want Zero revenue, at least until you know what is the cause and can isolate it."
 
I'm completely in the dark about how to even "remove a site" or how to tell if " NO AdSense ads are reachable on sites within your  Allowed Sites list".
 
I agree with the poster who said that people at Google get paid mucho dinero to figure out this stuff, so it's kind of hard to expect someone like me to do this, I'm just the little...
 
Madwoman of Easthampton
Re: The crash course emergency strategy for click bombing attacks Gracey 6/29/10 7:09 AM
A hidden location would be a site that is most likely to NOT be found by doing any sort of search for you, your name, your associated sites, etc.

For instance, in blogger you can create many blogs within your one dashboard. If your blogs contain your profile link (this is a default setting when creating a new blog) all a person has to do is click that link to find all your other blogs because they'll be listed in your profile.

You can purchase a .com domain name, but if you don't pay for the "privacy" setting then your real name is associated with that .com domain.

If you know a person's real name, sites they own can be found by doing "whois" searches to find out how many and what domains that person owns.

If you place links from any of your sites or online profiles to any of your other sites, they'll be easy to find.

A hidden site would be one where the registry information is private and has no links from any of your sites to it and makes no mention anywhere of your or your common nicname.

Purchasing a .com domain via blogger provides a hidden registration without additional cost, which is nice.


Re: The crash course emergency strategy for click bombing attacks fijinet 6/30/10 6:09 PM
Publisher1, great post. I just saw this one now which was related to your other one "FACING AND BEATING ....." 
Gracey Thanks for posting the links on your Blog in your post "Adsense - How Do I Protect Myself". Bookmarked! :D

This is really great info and shows how important it is for us Publishers to protect Adwords advertisers and in turn, our Adsense account. Being proactive in dealing with these issues is absolutely vital IMO if you're an Adsense Publisher.

Thanks again! 
Re: The crash course emergency strategy for click bombing attacks StevenG 7/3/10 12:56 AM
I don't see why Google can't stop displaying ads to specific ip's that are click bombing/frauding.

I mean besides that they are trying very hard to keep their invalid click detection filters and alerts a secret, the publishers gets punished for something that's not their fault (unless they're doing the clicks themselves).

If you use this turn on, turn off method, all you're going to do is paint yourself as a target as whoever is running the bot will see that your account later is still active and continue the attack then. So each time you turn on the ads back on, they'll attack once more until they see that no Google ads have been showing up for quite some time.

The best you can do is perhaps create a script where no google ads display when somebody has clicked too many times on the ads from a single ip. I don't see why Google won't just create an option in adsense so we can set ad thresholds to stop people from sitting there and clicking on ads all day. Like if a single ip has clicked X times in X minutes disable ads for that ip for X minutes. So this way Google doesn't give up any of their click fraud detection secrets, and then the people who write the bots in the first place know if the ads shut off it's not because Google detected the fraud necessarily, but it could be the publisher has set a threshold themselves to prevent abuse.

Now there is an upgrade I would appreciate from Adsense over the new look.
How about they spend more time on helping publisher's rather than alienating them?
Re: The crash course emergency strategy for click bombing attacks Zoilter 7/4/10 5:18 PM
@StevenG

I totally agree with you. Those on/off of your Adsense ads whenever you detect click bombing cannot help you out of this malicious attacker. I am once a victim of this click bomber and again 2 days ago I was hit again with this activity. I just use my friends name to create Adsense account. If this account will disable again I don't know what other alternative I can make to display Adsense again.

Google must act also to protect publisher and not only the advertiser.

I hope google will listen to your suggestion.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/4/10 7:51 PM
There are different ways in dealing with click bombers.  I realize that if you don't get to the root of the problem, you can have a recurring nightmare, but the "allowed sites" feature will generally deal with most situations once you know the problem's source.  Some click bombers may be exceptionally sophisticated but most have access to only a limited number of IP addrsses/sites and once you know where they are, you simply make sure they are not on the "allowed sites" list and/or use blocking software on your server to control or limit their access.

Things can get more complicated if you are dealing with an organized bot-net from multiple locations.  At the height of the attack against my account, the bomber used proxy servers to set me up as a victim of these nets.  I tracked down the network service operator and he co-operated in cutting off the attacker.

In the end, I had to reach hard and far to get to the root of the problem but I took it as my responsibility, not Google's, to solve the problem. 

However, aI agree that the click detection/fraud tools available to Google should be able to size up organized attacks and withh proper screening, respond to them accordingly.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/4/10 10:14 PM
You have to think of it as this is an attack on Google as when one site's account is suspended/banned, the bots will be on to the next one, and so on, and so on. It's not my responsibility to defend a billion dollar corporation's software, nor could they reasonably expect me to do so. I don't have the time or money to do so, while they have nothing but.

There is an ordnance in Los Angeles where the store owners are responsible for removing graffiti from their walls and could be fined, but when they remove the graffiti, people come back and put more graffiti on the walls. So it ends up becoming more like legal racketeering for the city to fine businesses who are having a hard time removing graffiti from their walls. You would think the city would setup cameras and possibly increased police patrols, but instead, they would rather fine the business and let the business owners have to deal with the expense of cleaning up a mess that they did not create and can not stop on their own. So that said, I feel it's like Google is saying "we're going to kill your income if you don't protect our system". Why does Google want to make it our responsibility to secure their system? Your bank doesn't do that, does it? If your account gets hacked, does your bank tell you to go somewhere else because you weren't there to stop the hackers?

So if Google wants me to be take part in helping prevent click fraud, give me the tools to do so and I'll give it my best shot, but to expect us to do it without their help is ridiculous.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/5/10 4:50 AM
StevenG, actually, in my situation, Google was helpful and I had direct communication with an AdSense Pro in part because of a complication that stumped everyone (I am certainly not sharing specific details in a public forum).

Yes, I needed to be aggressive in uncovering the click bomber but I applied several resources to solve the problem.  I couldn't expect nor would I ask Google to do this for me. 

As a rule, if you follow the advice at the start of the thread, you can protect your account without much time and effort by combining account/stats monitoring and effective use of the Allowed Sites function.  You will of course also cut your AdSense income to zero. 

The specific methods to overcome the click bomber will depend on a variety of circumstances and I expect the best approach to take will depend on these circumstances.  If you are dealing with a determined bomber who will fire again even when you take measures to stop him, I expect no technological solution (either from you or Google) will solve the problem.  One person familiar with the ways of the world in this community wisely told me:  "You will have to get to the bomber personally and communicate with him the serious consequences if he doesn't stop."  Again, I won't share in a public forum how I managed to achieve that result in this situation, but I actually had a couple of options available and used the simplest and most effective one available to me. 

In other words, even if Google can improve its resources to help in a click bombing situation (I think Google can) we must still have primary responsibility to guard our account and in the end we will need to take appropriate personal action to have the bomber(s) stop.  The problem after all is human, not technological, at core.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/5/10 11:33 AM
Now I'm confused......with the allowed sites list, if you exclude one of your sites it still allows the ads to show, and clicks to happen, but you don't earn anything from the clicks?
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/5/10 11:59 AM
That's correct.  The click bomber will think he is causing "damage" but you won't cause any harm to advertisers and he will be puzzled about why the account is never disabled despite repeated clicks.

The allowed sites provision is your first line of defense especially if the bomber is attacking from multiple sites which you cannot easily block.  Obviously you need to solve the problem or you won't make any money with AdSense, but your account is safe as long as you "ban yourself" from collecting revenue while the problem is unresolved.  And that self-action just takes a few minutes to implement.


Re: The crash course emergency strategy for click bombing attacks StevenG 7/5/10 12:11 PM
I never knew that.
Ya learn something new every so often by visiting here often I guess.
I mean I knew it would prevent a site from earning income from using your publisher ID, but I never knew it would do it like that.
I don't see why Google doesn't make it mandatory that everybody use it that way. Are they awake over there?
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/5/10 12:16 PM
It is our responsibility to know these solutions.  This is why I started this thread.  The AdSense Pro invited me to share observations here to help others out (as others in this community including several top contributors helped me).  The click bombing experience I went through turned out to be one of the most serious I think anyone around these parts has experienced.  The bad guy threw everything at me -- but could not damage my account as I proactively prevented him from causing harm to any of the AdWords advertisers.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/5/10 3:16 PM
But at the same time, you were giving out free traffic to advertisers.

That's what upsets me, a bot could cost me thousands of dollars and tho my adsense account would remain in good standing, it still would cost me revenue while giving free traffic to Adwords advertisers. I mean what if this went on for a whole month. It would cost Google bandwidth, and lost revenue on their end as well.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/5/10 3:21 PM
The challenge with clickbombing is that the nature of the problem varies.  Obviously, an alogrithmic solution to notify publishes and control the situation would be ideal -- but for now, we need to deal with it ourselves.  Recognize as well that the publisher more than Google is likely to know and/or trace the source as the clickbomber either knows or has some sort of relationship with the publisher to cause the malice.  So, ultimately, publishers are best equipped to track and cure the problem.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/5/10 3:47 PM
This is where I disagree, but it doesn't mean we can't remain friends.

Bots are more likely to hop by ip address to the next site than target a specific site on purpose.

It's the new version of war dialing, and the bots use sequential ip addresses rather than sequential phone numbers to dial up.

Google looks at traffic as a whole, so after one site got attacked if the same ip attacked another site Google knows it's an attack before the webmaster of the site does. Even if it uses another ip (proxy site anyone?), usually Google will see a pattern so that it can determine it's a bot and not a person. They could disallow the site temporarily from earning income, thus protecting the advertisers while not even alerting the publisher or anybody else. Oh gee, wait, they already do that don't they, but instead of simply turning off the income fountain and not alerting anybody that Google became wise to the bot, they ban the site, thus telling the bot owner...."congratulations, you succeeded in getting the account suspended."

I think we all can agree that most publishers get their account suspended for click fraud without even realizing what's going on.

Take my account for example, can I really police 10,000+ visitors a day across multiple sites in my network and reasonably even find the click fraudsters if they were using my sites so they can test Google's click fraud detection abilities so that they can find a way to remain undetected and then use the same techniques on their own sites to try and game the system? When my site doesn't get shut down, they can then reasonably assume the same techniques will work on their site, but if it does get shut down, then they go back to testing their methods on yet another site. This way they're not risking their own Adsense account and can test their fraud abilities on the next site on the ip list if the bot finds adsense on it.

It's not just about shutting down a site, it's about figuring out how to remain undetected for some. So of course they're not going to risk their own account at first. They'll risk yours or mine.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/5/10 5:51 PM
StevenG, I think most clickbombers are unsophophisticated  idiots with an axe to grind,  a score to settle, or a specific competitor they want knocked out.  Conversely, some fraudsters are much more sophisticated and I'm sure the ones who are smart play across many domains/sites for small amounts per site.  A very small number may play the testing game you describe but I think that group is even rarer in proportion to disabled AdSense account holders who win their account back on appeal.  It happens, but rarely.

I'm sure Google can improve their systems and in fact in my case, we uncovered some issues which will challenge Google's software engineers.  (I am not going to share the details openly.)

Click bombing is different than "click fraud" in that bombing is an assertive attack against site(s) which is very easy to see.  Good fraudsters want to be undetected for as long as they can, at least until they can rake in enough money.  I'm sure some very sophisticated fraud rings are operating but we won't know they are there if they are having any kind of success.  These rings presumably would be Google's biggest priority, not some sloppy AdSense account holders who allow a personal grudge and perhaps some greed (seeing the "unearned income arriving) to cause them not to take the simple measures to protect their account while they figure out and correct the problem.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/5/10 6:29 PM
Well then it all goes back to tools, and it appears that Google has provided one that we all should be using, the allowed site list.

At least there is that. They just need to add thresholds that can be set so that sites will be temporarily removed from the allowed list, like if one ip was clicking X times in X seconds, remove the site from the allowed list for X minutes, or if X clicks were detected within X minutes, remove that site for X minutes, etc.

Something like that.
Re: The crash course emergency strategy for click bombing attacks SDchecks 7/6/10 3:54 AM
Great and very helpful post indeed.
I am using stat counter and analytics on my two blogs. I would like to know how to trace ad click activity through stat counter? How shall I copy the IP address data of those clicked ads?
Thanks a lot for a delighting post.
Re: The crash course emergency strategy for click bombing attacks tenergy 7/25/10 12:27 AM
I am sorry but this all points back to google.  They have the money to create the programmers to stop this.  Publishers should be left to publishing, not spending time on finding ways to stop people from destroying their published website.  

come on google, it is simple to set up, if an ip clicks an ad more than a few times a month, stop validating the click and don't punish the webmasters.  

How simple does this need to be?

Re: The crash course emergency strategy for click bombing attacks Publisher1 7/25/10 3:06 AM
Can (and should) Google improve its processes?  Yes.  Can we manage our situation rather than wait/assume for Google o catch the problem for us?  Yes, too.  Is it wise to expect your client (Google) to take the responsibility of solving the problem of click bombing on your site/account when you have a tool that will (a) solve the problem and (b) validate your sincere and comprehensive effort to resolve it.  No.

As I noted before click bombings (compared to organized click fraud systems) are individual attacks mounted against individual sites and/or AdSense account holders.  As publishers, we are far more likely to be able to see and control the issue than Google and, based on what I've seen, the fraud detection system moves into high gear not immediately but closer to payout time.  This means if we see income that doesn't seem right and can track the source we can proactively respond (a) by cutting the unwanted income off at the head by using the "allowed sites" function effectively and (b) by reporting it before anything gets too far out of hand.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/25/10 12:59 PM
They have a team devoted to fraud prevention. They have the resources to prevent this. They simply don't want to. It's not hurting their bottom line much, so really why should Google bother? They're not going to make much additional money from the publishers that seem to be most affected by this (under $100 a month publishers). I mean honestly, it's not like you hear much of people saying they had their accounts disabled due to invalid click activity and were making $10,000+ a month, do you? Ok, maybe that one guy recently, but his site was junk.

It's like how 2 cents worth of a chemical per bottle would stop pets from thinking car anti-freeze tastes good. It took a few states to pass laws that required the additive to be put into the product before the manufacturers would do so. That's what Google is doing to us. Not putting their 2 cents worth of computer engineers to solve our issue we all have with the way they handle invalid click activity on legit publishers. They treat the publisher like a criminal and that's just wrong.

To be honest, I wish somebody would attack Google's ad servers directly instead of attacking the publisher's website.
I mean if there is a choice, I choose Google over the publisher. Make them spend thousands of dollars an hour because they have to bring in security experts and all sorts of people to figure out who's doing it and how to stop it.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/25/10 1:02 PM
I'd also like to add, what's to stop an advertiser from targeting a site with advertising and then click bombing through anonymous proxy sites in hopes that any valid clicks that occurred from that site will be deemed invalid, along with all the other invalid clicks and thus free advertising when the publisher's account is banned and the money returned?
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/25/10 1:58 PM
StevenG, on your last point, you are dealing with hypotheticals.  It would require quite a bit of structuring for a very small amount of 'free advertising" to pull a stunt like that, and if it happened to any scale, I'm confident Google's fraud team would give it a truly high priority and could isolate the issue.

On your first point, again, we have to look at the economics of small AdSense accounts.  Google sends 70 cents on the dollar to the publishers -- meaning it has $30 to pay all its operating costs (including fraud detection and management).  For the very small accounts approaching the $100 threshold or thereabouts, logically the one time for the automated fraud detection systems to kick in is at payout time.  The signal for fraud is the accumulated amounts of money and activity and when trigger wires hit, wham, out goes the account.  I am not disputing that the systems could be accelerated but again, sometimes it takes a few days to know that a bombing is under-way.  (The first day of the attack, I saw the possibility of problems but equally the possibility that the person was legitimately interested in my site.)  We have a trade-off here; if Google acts too quickly it may disable accounts before publishers can resolve the issue, if it is too slow, click fraud might become a greater problem as lazy publishers tempt fate on the argument that Google should "see" the problem and stop it before they take independent defensive action.

My point is we have the responsibiity to manage and understand our clients and our users.  I started this thread to show other publishers the tactical solution to click bombing attacks because I know the experience can be harrowing and agonizing.  Certainly systems need to be improved -- the attack on my account uncovered some rather serious issues (which I won't share in public) that need to be resolved.    But effective use of the "allowed sites" function is our first line of defense and, in my case, it worked the way it should have done -- and saved my account.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/25/10 3:47 PM
Actually the economics of small adsense accounts is what I'm looking at.
Google is basically saying that with smaller publishers they are doing nothing but costing them money, so when they saw this invalid click activity, they decided to shut the account down rather than to deal with the problem any further. Not a real solution as the click bomber goes to another site, and yet another site, and then another site. Laughing to his friends on the underground hacker's message board to his buddies about how many site's running Adsense that he got shut down.

Since you caught it in time, how much did you actually loose?
Did Google pay you on what it thought were valid clicks, or did they take everything away?

Re: The crash course emergency strategy for click bombing attacks Publisher1 7/25/10 4:49 PM
StevenG, as I noted before, click bombers usually attack specific sites for revenge or direct competitive reasons.  They don't earn any money for their trouble (they certainly don't get paid for the clicks) so the reason for click bombing is psychological rather than economic (except in the case of a direct business competitor).

I didn't actually lose anything.  I'm not sure exactly how the differential was calculated, but it looks like Google discounted the "revenue" that obviously originated from the clickbombing and left my regular income alone.  Of course, I lost some real income for the days I put all of my sites "off" the allowed sites list.  But I don't consider that the biggest price to pay.  It was the stress of dealing with a truly intense and multi-faceted "experience".

But there is a payoff even from difficulties; I certainly have a really good understanding of the AdSense program now.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/25/10 5:21 PM
No, I understand that click bombers are not doing it for financial gain.

It's usually some hacker that wants to brag to his or her friends about how many site's they got banned from using Adsense.
It's like a game to them. Who's got the highest number.
Re: The crash course emergency strategy for click bombing attacks Procrastinator 7/29/10 3:51 PM
StevenG, thanks for sticking up for the little publishers. What is being promoted here as the solution is a pipe dream, a distraction from the real solution, which is Google creating if not the program then the 'internal review system' to aide publishers. Google is the giant but news agencies say it's dominance is being threatened.    http://tech.fortune.cnn.com/2010/07/29/google-the-search-party-is-over/?section=magazines_fortune. Good relations with your customers goes a long way.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/29/10 4:23 PM
Well, Procastinator and StevenG, I am actually a "little publisher" too.  My monthly income from AdSense will hardly feed the family and, yes, I've been disabled.  For some reason (perhaps a characteristic throughout my life) I find ways to work around problems and grow through the process.  This is my first actual post as a "Top Contributor".  (No it doesn't give me any magical powers in the real world.)

Google of course has issues and challenges, notably from social networking sites.  The AdSense program as currently designed is not compatible with the web of relationships built from close (and nearby) personal connections.  You can't mix AdSense accounts and friendship -- the risk is simply too great of clicks being done for support (or click bombings for spite). 

Realistically, we have the tool to both maintain and protect our account from malicious attack -- specifically the "allowed sites" function.  I would like the system to have built in stats reporting tools rather than (as at present) expecting publishers to use third-party software to complete this monitoring, and there are certainly improvements that can be made in notifying and adjusting for invalid clicks.  But we can also take charge of our situation and do what we need to do now.  And, as my presence here indicates, there actually is a "second chance" for disabled publishers provided you think in a business-like way and work at understanding the rules while you build a site(s) worthy of the costs of going at it again.
Re: The crash course emergency strategy for click bombing attacks fijinet 7/29/10 7:10 PM
You can't mix AdSense accounts and friendship -- the risk is simply too great of clicks being done for support (or click bombings for spite).  

Well Said Publisher1, agree with you 100% on that one. Congrats on your new TC Status now :D
Re: The crash course emergency strategy for click bombing attacks StevenG 7/30/10 1:18 AM
Remember, any valid clicks they keep, but invalid clicks they return the money.
So let's say you pulled in $100 and 50% of it was invalid due to some click bomber or whatever.
Google is still going to keep 50% that was valid and disable your account, returning the other 50% to the advertisers.
So what if it's $10,000? Same thing.

So anyway, with click fraud, Google needs to give us better tools to combat this. Nobody can't seem to not agree with me on that. So why argue that Google is somehow right for doing nothing?

I mean it's great that the webmaster tools was upgraded and all so we can see actual queries and how our pages show up in those queries (even if nobody clicks on them), so I applaud them for that, but I think we all can agree it's not too much to ask for some click fraud protection that can be automatically set by the publisher. What if you were away at some internet conference? We're supposed to check our stats 24/7, even on Sunday while we're at church? Imagine while you're at church, somebody bombs your site and you get suspended immediately. Imagine in a few short hours your account gets suspended so that you can't even email Google to let them know you noticed some suspicious click activity and was about to remove your site from your allowed list, but.....too late, Google saw it first. Sorry you were praying to Jesus at Church. No more Adsense forever because you didn't bring your laptop and checked your stats between hymn's.

It's kinda funny how Google created a blocker for their analytics, updated the webmaster tools, came out with Google Voice and Google wave, is now working on a social networking thing, but doesn't seem to care much about click fraud. Maybe it's making them a bunch of money and they really need to keep their mouth shut? I mean after all, their #1 remedy is to suspend the account. So any valid click money, they still keep. Google wins either way. So why spend more money to combat a problem that actually allows them to take away any valid money from the publisher's anyways when a substantial amount of invalid clicks are detected?
Re: The crash course emergency strategy for click bombing attacks StevenG 7/30/10 1:23 AM
I'll add that this is like when the banks round your transaction down instead of up in dealing with fractions of a cent.
Over time, the banks walk away with millions.

So if you added up all the valid click activity from disabled accounts due to invalid click activity, you'd probably see millions they profited over a period of time. So where is the incentive for Google to lift a finger more? I'd like to give them one of mine actually..... :)
Re: The crash course emergency strategy for click bombing attacks PakHacky 8/8/10 6:30 AM
we cannot do anything to survive our account...
google will have to do something... may be google should not pay for the clicks which are wrong and same for the impressions or can charge the publisher a little but it is not good that go to the admin area and just block the publisher from adsense...

i had $25 in my account and all are gone... you'll think that this is too less but this is hopeful amount for me...
and what about those who have 100$ or 200$ or even more...
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/8/10 6:34 AM
Again, as I posted here, we have a responsibility to monitor our account and take measures to deal with the problem before the account is disabled. 

The emergency measures here are rather easy to implement but the basic issue underlying this point is the fact that if you see an unusual surge in revenue, especially after some sort of threat to your account, you should waste no time in stopping that revenue from pouring into your account.  You should not see it as a windfall, but as a disaster-about-to-happen. 

After you are disabled, unless you took measures before the disabling, your account is toast.  If you are disabled despite taking remedial measures (for example, you stop the attack a few days into the process and report the matter, but the "bots" still catch up with you at payout time, your chances of being able to reinstate your account on appeal, while not guaranteed, are relatively high.  But you can't decide to deal with the problem only after your account is disabled.
Re: The crash course emergency strategy for click bombing attacks heartuvgold 8/22/10 2:50 PM
I think it's a little unfair for Google to disable an account for invalid clicks where there's no revenue paid to the publisher or the advertiser. Nothing ventured, nothing gained, and it was on a page that was only accessed by members and wasn't being run in any type of mechanical site. I never made a dime from adsense. My account was disabled before I even got a chance to make any money. Apparently one of my members thought it was a good thing to "help me out" by clicking on my ads. They did it without my permission or knowledge and I have no way of knowing who it was. If there was any income at all it was only a very few cents. Also they don't disclose for sure why the account was disabled, and I was new to this when I first started. Do you treat all newbies this way just because you can?
Re: The crash course emergency strategy for click bombing attacks heartuvgold 8/22/10 2:51 PM
I don't even own the site that this happened with any more. How do I know that whoever bought the domain didn't do it in the first place?
Re: The crash course emergency strategy for click bombing attacks StevenG 8/22/10 4:56 PM
Google needs to explain why some publishers are getting banned and everything taken away while some are only getting some of their income deducted and can continue using Adsense. I've always suspected it was due to the ratio of invalid activity vs valid. If it surpases a certain ratio, your account gets banned, if it's less, then only the invalid click money is deducted and returned to the advertisers affected. No way of knowing for sure, but the theory sounds solid based on what I've heard from publishers on here.

It's quite obvious to me (and I'm sure most people) that Google can detect invalid clicks after they occur, and audit before any payment is issued. So why is click bombing such a threat? Google knows it's happening, where it's coming from, can use their technology to prevent it, or at least audit it, and shouldn't have to involve the publisher with any of it.

If we're going to be responsible for it, at least give us a way to combat it that doesn't involve us being log owls.
We should get alerts when Google thinks something is suspicious. Lately, publishers are just getting banned.
Not even a warning either.

Shouldn't we get an email like.....

Hey, it's Google.
Just wanted to let you know that we are showing suspicious click activity on your websites.
While we cannot discuss the suspicious click activity in detail because we need to protect our proprietary system,
we wanted to give you the heads up that if this activity continues for much longer we will be canceling your Adsense account.


Re: The crash course emergency strategy for click bombing attacks Publisher1 8/22/10 8:16 PM
StevenG, I expect it comes down to a risk/reward issue.  We need to remember that Google would not make any money if it spent virtually any human time on small AdSense accounts.  At a roughly 70/30 split, Google is going to receive something like $40 when it pays out the first $100.00.  Hardly enough for even a brief "human" review.

So the bots are programmed to look for suspicious things and probably the ratio of traffic to clicks is one of the key things -- the automated systems send out the disabled notice jst about the time payment processing is about to begin.  Larger accounts, clearly, get more leeway, but then again, there is more money involved for both Google and the AdSense publisher.

Warning systems, I think, are unjustified for the small accounts -- especially since these systems could also invite some degree of gaming.  they might be warranted for medium-sized AdSense accounts, I suppose.

The "cure" to this problem is to raise the entry threshold; if it is harder to get in, then it will be easier to allocate some resources to communicate about potential problems.  But that "solution" would cut off many thousands of smaller publishers who rightfully head to Western Union in third world countries for sums of money that would be tiny by North American or European standards, but are probably lifesavers for some families.  Alas, with this relatively easy accessibility, some people will try to game the system and others may be victims -- simply the law of large numbers at work.

(These forums serve a useful control and management purpose, of course.  Today, I reviewed a publisher who received a disabling email very similar to my more recent experience, but as I dug deeper, I saw a "Made for Adsense" site and, while I appreciate the publisher's plight, didn't feel that eager to push extra buttons to help.)
Re: The crash course emergency strategy for click bombing attacks StevenG 8/23/10 1:11 AM
I agree that there should be more better vetting of applications.

I don't see a problem with cutting off many thousands of smaller publishers if their websites are nothing more than filled with informational junk that you can find on just about every other website of their type. Cutting them off at the application time rather than cutting them off right when they're about to get their first check would be the time to do it. I'd rather have conversations with people on how to build an adsense compliant website than hear them complain about how Google ripped them off.
Re: The crash course emergency strategy for click bombing attacks 12123 8/23/10 4:43 AM
I think if there's more than 3 clicks from an ip address in 24 hours it should automatically ban it and if there's more than 5 clicks the revenue should be gone, but the problem with this is that I'm on a shared IP address.
Re: The crash course emergency strategy for click bombing attacks StevenG 8/23/10 3:32 PM
Think about it....

Somebody attacks your site and your thresholds set for clicks kicks in and instead of not seeing ads, they still see the ads, however no revenue is collected from those clicks. So as time goes on, the click attacks stop as the jokester realizes that either he's done the damage and Google will review the traffic and ban you later, or he was unsuccessful because his/her ip was banned. They don't know because the ads keep showing up.
Re: The crash course emergency strategy for click bombing attacks StevenG 9/3/10 11:39 PM
Have you shut down the ads?
Re: The crash course emergency strategy for click bombing attacks Publisher1 9/4/10 4:09 AM
I appreciate that my "answer" for clickbombing doesn't seem to be effective for Youtube which (as far as I know) doesn't have an "allowed sites" function and where you don't directly control the adserving like you would with your own live website.  I wish I had an answer to these questions but simply don't know what to suggest.  I have raised the issue elsewhere to see if we can provide some answers but don't expect a quick response.
Re: The crash course emergency strategy for click bombing attacks StevenG 9/4/10 9:59 AM
Google's take on this whole click bombing thing is if you don't protect your account, you're as guilty as the click bomber is.
Or at least that is how they treat you.

You'd think they would just suspend ad serving for your youtube videos, but their option is to let it continue or ban you (which will happen if they let it continue. Catch 22 kinda thing.)
Re: The crash course emergency strategy for click bombing attacks Publisher1 9/4/10 10:22 AM
As I'm not part of the Youtube program, I don't know what resources are available to publishers to defend their accounts.  If everything is hosted by Google and the publisher has no control over the site/account outside of Google's systems, then obviously it is unfair for the publisher to be expected to control and manage click-bombing type situations (I don't think the "allowed sites' function would help in the case of Youtube.)

this is one situation where my understanding of the best rules of the game within the AdSense silo isn't too helpful.  I've raised the matter on internal forums for Top Contributors but don't expect a quick response in part because of the interdisciplinary issues here.
Re: The crash course emergency strategy for click bombing attacks StevenG 9/4/10 1:33 PM
It's the same old thing.
As publishers we can't trust even Google's own websites to protect us from click bombing attacks. So why bother creating content and put your Adsense account at risk should somebody hate that you get a lot of views and they don't? I'm not saying nobody shouldn't create content and find ways to get traffic to your sites because of it, but it's not worth the few dollars to put your Adsense account at risk to revenue share with Youtube. Let Google handle all the click bombing attacks and keep your account safe by not revenue sharing with Youtube. To be honest, you need a whole lot of views to get a few clicks to earn a few dollars here and there. The risk is not worth the reward (if you can call a few dollars a reward).

This is like a random shooting and a cop telling you it was your fault for getting shot.
...and here I am thinking maybe it's the guy with the gun who's fault it was for shooting you? How silly of me.
Re: The crash course emergency strategy for click bombing attacks Shirlok 9/5/10 5:08 PM
Greetings Fellow Adsense Enthusiasts!

I must say that this has been a very interesting and informative (although absolutely BAFFLING) read.

The points made by both sides of this debate have definite merit.  As busines owners, we must be diligent with regard to our accounting, yet how can we be expected to police our sites without the proper tools with which to do so?

I simply do not understand why there is not already an automatic shutoff device installed in the Adsense program.

It would seem to me, based on my extremely limited knowledge of programming, that setting up an automatic detection device that will automatically determine whether account click activity is spiking, and then automatically remove the offending clicks from the income statement, would be relatively easy to have installed and automatically functioning within the Adsense/Adwords software.

This would PROBABLY take one single programmer at Google less than a week to code, a month to test, and a minute to implement.

My mind is simply reeling from the knowledge that some third party, over whom I have absolutely NO control, could visit my website while I am sleeping, click repeatedly on my ads, and I would wake the next morning to find my site, which I love dearly and depend on the revenue from for my survival, would be banned from using Adsense forevermore.

To those of you who managed to detect these happenings in time and took the appropriate actions to reduce the damage done by these nefarious individuals I applaud you.  However you must know that the VAST majority of individuals using the Adsense program wouldn't even know how to begin to combat such an attack, regardless of your instructions.

I would like to make a humble request to those of you who actually are able to contact living people who work on the Google Adsense program.

PLEASE ask them on behalf of all of us who are not nearly as computer literate as Publisher1 in a straight forward, respectful manner to kindly implement simple software that will automatically detect click-bombing attacks, and then automatically remove the charges that were to be made to the advertisers, and the payments that were to be made to the publisher.

And please stop punishing innocent patrons of the Adsense program who are completely unable to deal with the threats presented by immoral third parties.

Thanks for reading.
Re: The crash course emergency strategy for click bombing attacks Shirlok 9/5/10 6:35 PM
Or even an imposed limit of 2 clicks per IP per day that would be charged would work...

Re: The crash course emergency strategy for click bombing attacks Publisher1 9/5/10 7:47 PM
Shirlok, I agree the systems are not perfect but still believe publishers have the responsibility and obligation to work to resolve click attacks.  The reason is that these are individually directed -- they are an attack on the publisher, and vary in circumstance and cause.  The publisher needs to isolate and solve the problem and the solution in most cases is not technological.

However, I also appreciate that we need the tools and level of control to deal with these situations, which is why I've asked for some more attention to the Youtube partners who are concerned about the issue.  Unlike regular AdSense publishers, they can't simply use the "allowed sites" function, so they are at a loss. 

Automated cut-offs and invalid detection resources are already in place, the problem is, they could still leave a small publisher vulnerable because too many invalid clicks invites the "account disabled" email.  "An imposed limit of 2 clicks per IP per day" may not be right or rational -- depending on the situation, a legitimate viewer might click on several ads within a site as the visitor explores the options available.  Different sites have different click through characteristics which can all be "normal" within the AdSense guidelines.
Re: The crash course emergency strategy for click bombing attacks Zoilter 9/5/10 8:04 PM
@Shirlok

I am currently working on this that limits 3 clicks per IP Address. Unfortunately I cannot get this to work with opera browser. But it is working great with other browser except opera.

My script is capable of banning an IP Address once 3 or more clicks is detected. I happen to develop this kind of script to protect my adsense account because I was a victim of click bombing before resulting to the termination of my account. Now I am using my friends adsense account to earn income from my blog.

I am thinking of selling my script but as of now I am working on it to support opera browser. Other option is do not display ads in opera browser as it has a little traffic compare to other browser.
Re: The crash course emergency strategy for click bombing attacks StevenG 9/5/10 10:49 PM
It's become apparent now that not only is using Youtube a bad idea, but so is using any of those free content hosting revenue sharing sites.
If your ads get attacked your account will be banned.
Re: The crash course emergency strategy for click bombing attacks BarrachObama 9/5/10 11:27 PM
StevenG

The last ten posts of yours on this forum do nothing but belittle the services of YouTube offered by Google corporation

I can understand critique where its due but you are overstepping by telling YouTubers who are coming on here to find help and those others who come looking to join adsense that somehow YouTube Partner program isn't such a good idea

Well let me put it this way, if I were the guy or gal who reinstated your adsense account recently I would be thinking about pulling the switch off once for good
Re: The crash course emergency strategy for click bombing attacks Shirlok 9/5/10 11:29 PM
@Publisher1

I agree that a certain amount of responsibility falls on the shoulders of the publisher, however I completely fail to understand how a publisher can be held accountable for an attack that was created by an anonymous third party for the sole purpose of adding another shut-down website to their list.

This boggles my mind that a company with the resources and programming capabilities that Google has would not have considered a one-time cost out-lay to program in a manageable safeguard that the publishers could then implement or not at their own discretion.  I am sure that the cost would be recouped nearly instantly by the sites that would no longer be shut down and would still be running Adsense ads.

You were very fortunate to have been able to detect the problem on your site within a short frame of time, as well as to have the resources and computer know-how to freeze your account and then receive help from various contacts and peers that were able to help you to track down the culprit.  I would speculate that fewer than 1% of the rest of the Adsense users would have those resources available to them should they find themselves in a similar situation.

However, if you were on vacation, or volunteering in a third world country with limited internet, or camping for a week in the woods when that attack on your website took place, you would not have been able, even with all the resources at your disposal, to keep your Adsense account.  I would also suggest that you would not be a top contributor on this forum either as Google would have just cancelled your account rather than rewarded (and justly!) your competence in preventing your site from being canceled.

I greatly appreciate the steps you took and the problem-solving skills that you were able to implement in time to prevent the cancellation of your account, however I question exactly how you would expect us to police our sites in the manner you describe when the lives we live are all so different, and the demands placed upon us by time, location, and internet availability basically eliminate any possibility of regularly checking on our Adsense accounts.

Are we to no longer go on vacation for fear of losing our Adsense accounts? Are we to no longer volunteer in the parts of the world that require the most aid for fear of losing our Adsense accounts? Are we to no longer be able to take a long weekend away with our families for fear of losing our Adsense accounts?  Of course not!  I have faith in Google's ability to solve these problems in the efficient and forthright manner that I have come to expect from the organization.

I feel as though publishers are being blamed and punished for the immoral actions of an elusive few whose actions are resulting in absolute destruction of perfectly functioning websites.  I have researched other pay per click organizations and I know for a fact that given a choice, I choose Google Adsense over ALL of them every time!

Google's current policy regarding click-bombing seems similar to blaming a victim for being targeted by a criminal.  Does this truly seem right to you? This policy would seem to go directly against Google's primary mandate of "Don't Be Evil".

If possible, would you please forward these questions to the Adsense team?  I would like them to understand that not everyone is able to constantly monitor their Adsense accounts as often as I now see is required to safeguard the contracts that we have entered into with Google Adsense.  I am more than willing to work with them to resolve this issue as I am certain that this is a prominent concern to many Adsense users.

Thanks again for your time,

Shirlok

 
Re: The crash course emergency strategy for click bombing attacks Shirlok 9/5/10 11:30 PM
@Zoilter

I am interested in your script and how it interacts with the Adsense program.  Until I decided to improve my Adsense knowledge base and read random forum entries, I had no idea that such attacks could take place and your program sounds like something that could be implemented as a safeguard for an Adsense beginner like myself.  Also that program seems like it could take the power to destroy completely away from the unhappy people who are trying to bring misery to those of us using this wonderful program.

I would gladly trade the few extra ad clicks that I might miss out on for the security of knowing that no such bombing attack could ever be implemented against my site.

Would it be possible to set the ban for a period of time rather than as a permanent one?  Or perhaps a click limit warning to the user in question stating that they are nearing their maximum daily ad viewing limit that I can impose upon my site?

The last thing I want is to have some angry destructive individual end what is becoming a wonderful relationship with a wonderful company without me being able to do anything about it, especially if I am asleep!

Shirlok
Re: The crash course emergency strategy for click bombing attacks Shirlok 9/5/10 11:50 PM
BarrachObama

I was just re-reading that section of the terms of use when I got the notice of your response. Fun coincidence! 

I am certain that Google has quite a few brains at work on this particular challenge, I just don't like how someone I don't know is currently able to destroy something that I have spent quite a bit of time and effort building without my being able to do anything to stop them if I'm away from a computer for an extended period of time.

This concept is very frustrating for me and I hope that a speedy resolution can be reached by the people who implement the programming and policies for Google Adsense as they can only win by keeping more publishers as clients.

Thanks for the response,

Shirlok
Re: The crash course emergency strategy for click bombing attacks Zoilter 9/5/10 11:54 PM
@Shirlok & BarrachObama

The technique I use is the same with OpenX. If OpenX doesn't comply with google adsense terms then all of the publisher using OpenX to display their adsense ads will be banned. As I read carefully about the terms and policy of  google adsense I believe that my script did not interfere on the adsense code. It is just like statcounter that records a statistics like # of clicks.

The only difference is that my script will banned those IP Address that exceeds the maximum # of clicks.

I'm still open for any ideas as to whether a third party script is prohibited or not in google adsense policy.
Re: The crash course emergency strategy for click bombing attacks Publisher1 9/6/10 12:04 AM
We should remember that in managing a site with AdSense on it, we are operating our own business.  Business owners certainly can take vacations, but we don't expect our clients to monitor our business for us!  We build in control and management systems and either work with employees or trusted consultants/suppliers to help out.  Google, in the context of AdSense, is our client.  It is our responsibility, not Google's to prevent abuse.

That said, right now I think if you are a Youtube "partner" you are taking an inordinate amount of business risk in the existing arrangements with Google because you simply lack the ability to manage and contol your business relationship in the most fundamental way.  If someone elects to click-bomb your video hosted by Google on Google's servers, with Google controlling all the coding and tools associated with your creative work, well, you are truly in a mess if something goes wrong.  I think in these circumstances you would be wise to forgo the revenue offered by Youtube until you have the right or Google guarantees the resources you need to conduct your business effectively.  On this issue, I have asked for clarification and hopefully we will get some useful answers.  The louder the chorus seeking assistance in this important issue, the better the chance we will find a solution reasonably soon.

For AdSense, my recommended solutions do not require exceptional resources or time and yes, you can still take breaks.  Generally, a daily check of your account is in order.  If you expect to be away for a long time and your account is valuable (and the income is significant), hopefully you will have trusted employees or contractors who can watch things for you.  Alternatively, you can turn your "revenue" off while on vacation -- a reality that most self-employed extremely small business owners face when they take breaks.  Finally, you can simply build in your own daily checks while on vacation, something I have certainly been able to do.  (One or two minutes a day certainly doesn't ruin a vacation -- and I generally build some controls in my vacation schedule to allow me to connect with my business back home; I can still enjoy my break but don't think I need to totally disconnect.) As I've noted earlier, it is hard to expect Google to manage this stuff for us in micro-detail because there are many variations and differences in what might be acceptable and also, if Google shares too much information, the not-so-honest people will use this information in harmful ways.
Re: The crash course emergency strategy for click bombing attacks Publisher1 9/6/10 12:13 AM
While you cannot alter the AdSense code you certainly can build in controls on your site to manage and observe who is visiting your site and to block/restrict access to specific IP addresses etc.  if you are concerned about whether your actions would be in violation of Google policy, you can seek clarification from Google with this form.

https://www.google.com/adsense/support/bin/request.py?contact_type=policy_clarification
Re: The crash course emergency strategy for click bombing attacks Shirlok 9/6/10 12:15 AM
@Publisher1

The squeaky wheel gets the grease!

Everything you say makes perfectly logical sense, and I certainly understand that Adsense is constantly evolving.  I just had no idea until earlier today that such a thing as click bombing even existed!

To think that I could lose my account in such a way IS unsettling and I will take appropriate action to prevent this from happening to me as best I can.  I can't help but wonder about those who use Adsense who have no idea that such a thing can happen to them...

Thanks for bringing this topic to the attention of the Google-ites in charge, and I shall continue to raise my voice in song until these hymns of need are met by the Adsense Team.

Shirlok
Re: The crash course emergency strategy for click bombing attacks Publisher1 9/6/10 12:42 AM
Well, I'm a somewhat extreme example of a "squeaky wheel" but simply applied some basic principals by hanging around these forums and volunteering to help others who had been disabled after surviving my own account disabling, by having the good fortune to hold both a personal and business AdSense account at the same time.  I justifiably lost the business account for policy reasons because I wasn't monitoring the rules at some crappy sites I had with active AdSense code; but the personal account survived.  

So as I learned the ropes of how things really work with AdSense, I started helping out here and after a while, some people started taking notice.  There are informal processes and intriguing (only partially visible) peer support systems on these forums so after you work in these spaces for a while, long before you get the special 'Top Contributor" badge, you can connect with others who can help if needed.

And I certainly needed some support when a click-bomber decided to put me to a real test in the spring.  I doubt anyone in these parts has experienced so many squeaks in the wheel as I did those two weeks -- so, yes, I was able to ask for, and received, some grease!


Re: The crash course emergency strategy for click bombing attacks StevenG 9/6/10 2:07 AM
As long as the code never hits the page, then there is no interruption of the Adsense code as it's never hits the page when the script finds the threshold to be met and doesn't display the code. It's perfectly ok as the code never gets sent to the visitor's browser to be executed. Let's say also that after X page impressions from the same visitor you want ads other than Adsense, I'm sure your script could be modified for that as well.
Re: The crash course emergency strategy for click bombing attacks Zoilter 9/10/10 7:35 AM
@shaynahertl

I'm afraid you will be banned if they keep on click bombing on your ads. All you have to do is disable all your ads before google ban your account.

In my case I created a script to ban the IP Address of the attacker. So now I am at ease even when I'm away from my computer 'cause it automatically ban the attacker.
Re: The crash course emergency strategy for click bombing attacks StevenG 9/10/10 12:43 PM
It's an outrage that Google's only defense is to not make money with Adsense.
I think we all agree on that.
What to do about it, is also agreed, remove the ads, or remove your domain from your approve site list, and report it to Google.

Either way it halts your income making abilities from Adsense and this seems to be the official Google response as to how to deal with it.

If they keep on doing this for days, weeks, or even months, then you can't make income from Adsense while it's happening.

I would log all the ip's they are coming from and investigate further if it's from proxy sites or direct.

If it's direct and from a lot of ip addresses that look like normal visitors, I would suspect it's some click bomb malware bot that has infected their personal computers. I'm sure a network admin from whoever their isp is would love to help you stop it since it's an attack that's originating from their network.
Re: The crash course emergency strategy for click bombing attacks jchollins 9/11/10 7:11 PM
 Where exactly is the "allowed sites" function?  How do I get to it to allow or disallow sites?  Thanks.
Re: The crash course emergency strategy for click bombing attacks StevenG 9/11/10 8:03 PM
Adsense Setup Tab.
Re: The crash course emergency strategy for click bombing attacks tushi 10/3/10 3:57 AM
I have just started  using adsense
and i have 20-30 clicks per day
i have $10 in 2 days
I thought this is too much

Pls tell me whether it is fine. When do I need to worry about click bombing? How many numbers of clicks would be called as click bombing
Re: The crash course emergency strategy for click bombing attacks Publisher1 10/3/10 4:05 AM
Tushi, it is wise to start your own thread for new issues.

Are you monitoring the source of your traffic using stats measuring software (such as statscounter.com)?  Until you do and can satisfy yourself about its legitimacy, I recommend you "deny" income to yourself by using the allowed sites function to "ban' your own account (you will need to create a page/site with NO adsense ads on it, to give as your one "allowed site" to do this.

The income is high for a new site if you haven't established traffic or visitors.  It isn't unreasonable for a well-developed and successful site (but these are rare for new adsense account holders these days).
Re: The crash course emergency strategy for click bombing attacks tushi 10/3/10 1:14 PM
I have statcounter enabled on my website and monitor my account through it
but I could not understand this banning my account thing. why is it needed?

Re: The crash course emergency strategy for click bombing attacks Publisher1 10/3/10 2:57 PM
you need to prevent harm to AdWords advertisers through invalid clicks.  By removing your site from the "allowed sites", your ads remain on your site and everything appears normal to outsiders including the click bomber, but you don't earn a cent of revenue -- and of course the AdWords advertisers don't suffer any harm from the malicious activity.  This prevents your account from running into problems.  Of course you will want to solve the problem of the click bomber or you won't earn any revenue with AdSense -- but it is far better to stop the revenue short term while you solve the problem than to allow the money to arrive in your account, only to receive the "account disabled" notice later (usually about the time you are expecting your next payout.)
Re: The crash course emergency strategy for click bombing attacks venn99 11/4/10 10:16 PM
ALL THE CLICK BOMBER HAS TO DO IS TAKE YOUR ADSENSE CODE AND CLICK THE ADS ON WHATEVER SITE IT IS ON THERE IS NO PROTECTION AGAINST THAT, THAT IS WHAT IS HAPPENING.
Re: The crash course emergency strategy for click bombing attacks StevenG 11/4/10 10:30 PM
Actually there is if you have been paying attention.
Re: The crash course emergency strategy for click bombing attacks Shirlok 11/5/10 6:38 AM
It would seem to me that Google could easily and simply solve this problem by doing what they are already doing when payment time comes.  They verify the authenticity of the clicks made anyway, and when they see that a HUGE number came from the same source why not just automatically not include the revenue from said clicks? Google does this ANYWAY already!

To delete an account when there are already protective measures in place doesn't make any sense.  Why not just use the software that Google already obviously has in place to remove the charges from fraudulent clicks?

It seems silly to delete users who really have no legitimate way (regardless of the suggestions made here) of protecting themselves from malicious individuals when there are already safety measures set in place by Google that can deal with exactly this type of problem.

Hopefully one of you top contributors will get in touch with a living breathing Googlanarianite and perhaps suggest that they simply use the programming that they already have in place to deal with this problem and ease the minds of every single Adsense user from this point forward...


Re: The crash course emergency strategy for click bombing attacks Publisher1 11/5/10 7:23 AM
Shirlok, I disagree with your observations because Google's first responsibility is to its advertisers not to publishers -- and our responsibility as publishers is to respect the needs of the Advertisers and Google.  Certainly, within limits (which Google will never disclose publicly), there is tolerance for some invalid clicks and special circumstances, but there are far too many publishers trying to game the system with "fast money" from friends and family.  More seriously, some more sophisticated operators set up systems to avoid detection and Google needs to spend significant resources and effort to overcome these scammers.

The result is that Google cannot and will not explain "why" it catches something irregular but Google most certainly will respect pro-active efforts by publishers to deal with the problem if we are up front and quick to respond to the situation.  We need to take responsibility for our own pages and accounts and not simply rely on Google catching the problem.  (I realize there are problems with the YouTube situation as there at present as far as I know not similar solutions to the Allowed Site measures outlined at the start of this posting.)

There are human beings behind the Google "borg" as I thankfully discovered some months ago when I started this thread after surviving an incredibly severe click bombing attack.  The same alogrithims "caught" me as well, and indeed I received the "account disabled" email.  But of course I had observed the suggestions I made here, so it didn't take long for the disabling to be reversed (and, much to my surprise, to receive a "Top Contributor" nomination.)

The latter ability allows me to offer practical help and sometimes a direct line to Google when I see a problem in progress -- but I simply cannot "help" people who waited until they they received the "account disabled" email BEFORE taking pro-active measures to deal with the click bombing issue.
Re: The crash course emergency strategy for click bombing attacks Shirlok 11/5/10 10:59 AM
I understand and agree that being pro-active is an excellent stance to take with regard to reducing the potential damage caused by these click bombers, however I would like to point out that regardless of whether you do block your personal site or not,  the Google program that determines whether a click is valid or not will remove all the clicks made by the bomber from your income statement anyway.

This problem is already solved by the existing programming.  It makes no sense to disable accounts for click bombing when the click bombing income is automatically removed by the click validity software after reaching your payment threshold anyway.

Seems silly to disable accounts for something that really is not a problem at all anyway. 

S.


Re: The crash course emergency strategy for click bombing attacks cecilioamar 11/5/10 11:28 PM
Shirlosck- Now that is the mystery that makes everyone neurons spark so fast  that help decrease serotonin levels in your brain. But what you wrote is a solution that is not used in it's full potential. Why it is not done is for the moment a mystery. But I guarantee you by all laws of deductible reasoning, someone will come out with the secret. Part of being a human being.
Re: The crash course emergency strategy for click bombing attacks danielanaidu 11/29/10 5:58 AM
I am currently going through a situation that I would call more of an "impression" attack than a "click" attack. The home page of one of my sites averages 800 page impressions in AdSense per day. On November 27, that page had 90,000 impressions reported in AdSense, but only about 700 impressions reported in Google Analytics. The problem continued on November 28 and is still continuing today. I had my hosting company check my stats and there is no unusual activity and certainly no spike in traffic. I removed all AdSense ads from that page on the 28th, but I am still getting impressions. I used the allowed sites setting, but I am still getting impressions. I even removed the channel for my home page from my AdSense reporting and I am still getting impressions. On the 28th I submitted a notification to Google, but I haven't heard back yet. Does anyone have any idea what could be happening? And also, how long before you think I will get a reply from Google? I am not getting clicks (so no increase in revenue), just impressions which is really hurting my eCPM and my CTR. Any advice would be greatly appreciated.
Re: The crash course emergency strategy for click bombing attacks umainthirty 12/10/10 11:31 AM
Publisher1 @ Thanks for your suggestions.Recently I have seen my account report that 263 impressions 164 clicks in my a particular site.It has been noticed by me with in 4 hours and I have informed it to Google with particular form (got here in your article).But it noticeable that my earning is not increased which is fully normal less than other days .Just it is increased the CTR .Kindly suggest me what i will do in this type activities. This is the first time happened for me .My other sites are doing normal and general .  
Re: The crash course emergency strategy for click bombing attacks kevstone 12/10/10 3:48 PM
I just had the dreaded email: "We recently detected a significant level of invalid activity on your AdSense ads"

I've been advised in another thread to remove all sites from my Allowed Sites section, which I have done so whilst I figure out the problem, which might be a 'click bomb'.

Do you know if/how I can check the IPs of people who click my ads using the logs from IIS (the web server that runs on Windows machines)?

Re: The crash course emergency strategy for click bombing attacks Publisher1 12/10/10 4:24 PM
umainthirty, it is possible that Google determined the intense volume of clicks were invalid, and simply didn't pay for them.  However, you cannot rest easy until the attack subsides. You are right to report it, and you should have a stats program to see if you can get additional information about the excessive clicks.  Also, keep your site off the Allowed Sites list until you have the situation under control.  While the Allowed Sites is not recognizing your site as valid, of course, all of your clicks will register zero income, but you can still track and assess from where they are arising.

Keystone, I don't know anything about IIS logs so I can't help you directly there.  I've used statcounter.com, which provides a free service (maximum number of retained records is 500), which, if you check it frequently enough, should provide you with the information about the source of the trouble.
Re: The crash course emergency strategy for click bombing attacks kevstone 12/10/10 4:31 PM
If I use statcounter.com I'm presuming that this doesn't modify the AdSense code at all, and so I stay within the current terms and conditions.

Does statcounter.com list the IPs and the number of adverts they've clicked - making it easy for me to see who the culprit is?

I've had a number of problems with a few IPs this week doing other things, and I suspect that they might be the cause of the invalid clicks.

What is the best way of contacting AdSense to let them know what I'm doing to address the problem? Thanks.
Re: The crash course emergency strategy for click bombing attacks Publisher1 12/10/10 4:44 PM
Statcounter certainly doesn't alter your AdSense code.

It will tell you where people are coming from (that is, which IP address etc), and probably which pages they are viewing.  If they click on ads, you may also see "exit link" indicators and get some more information (though I'm not sure if you can use it to isolate the specific site.

Attached is information on reporting invalid clicks.
Re: The crash course emergency strategy for click bombing attacks StevenG 12/10/10 5:12 PM
Publisher1, That's one message that doesn't seem to get through too much unfortunately.

PakHacky, If you see anything goofy for which you believe you're being attacked you're supposed to use the approved site function in Adsense and make sure any domain that is being attacked "IS NOT" listed on the list. What that does is still allow the ads to show up, but no clicks or impressions will go towards your earnings as long as those domains "DO NOT" appear on the list. Once you are certain or suspect that the behavior has stopped, you can place the domain on your list and start earning again. Alerting Google is only part of the deal and you should first immediately use the approved site list in the method I described to protect your account. What if it takes a week or longer for them to respond while you were just letting the behavior occur?
Re: The crash course emergency strategy for click bombing attacks umainthirty 12/10/10 5:17 PM
Publisher1 @ Thanks for your advice .I have already keep a few site in allowed site list which are few visitors and known to few people .My higher traffics sites are not allowed .But one thing i have to ask that how many days i will keep it (allowed site option). In case of tracking i just use feedjit.com which gives only 40 nos tracking .your  suggested statcounter code affected site opening (some are stated here and there forums).Please suggest me which one is better for me as I am a smaller publisher who earn $2 to $20 daily .
Re: The crash course emergency strategy for click bombing attacks StevenG 12/10/10 5:22 PM
Usually with the free versions of the tracking systems they have a paid option so you are not limited to how many visitors or pages they will track in a day or month. You may wish to look into paying for one of them so you can see the additional click traffic you are not seeing when you run over the free limit.
Re: The crash course emergency strategy for click bombing attacks Publisher1 12/10/10 5:47 PM
It depends on your traffic and activity.  My sites and revenue aren't huge either (I earn a bit over the minimum each month -- thankfully I don't rely on AdSense as my primary income source), and the 500 limit with Statcounter is enough for a day or two (and you can download logs to keep permanent records). 

As for the length to keep your site off the  "Allowed Sites" list that depends on what happens -- as long as irregular things are happening , it should stay there; also if you expect to be away from the sites for more than a day (or half day, even) during the time when you are concerned.  You need to be exceptionally vigilant until the problem ends.

Now, when the problem "ends" is (as I learned during my own crisis) is frankly a human not a technological issue.  In other words, you either need to find a way to convince the click bomber to stop, or you need to find an effective way for him to be ineffective.  Each situation will be different.  In some cases, the troublemaker will simply tire out and move on.  In others, you might need to get law enforcement involved.


Re: The crash course emergency strategy for click bombing attacks umainthirty 12/10/10 5:58 PM
Publisher1@ Thanks for your quick suggestion !!! i have created statcounter .com tracker now.Then now can i say that my account is save mood !!! I have done all precautions as it is suggested by you and other contributors of this forum .Thanks again for the advice and help.
Re: The crash course emergency strategy for click bombing attacks kevstone 12/12/10 3:56 PM
Re: Statcounter

I've tried statcounter, but I have too many exit links and I can't sensibly check them all as I have to click in the magnifying glass to see each one in turn and there are too many. The downloadable log file doesn't contain this information, and an email from statcounter support seemed to confirm this.

Also, the exit click information doesn't appear to be in the raw IIS logs from the web server either.

Are there any other ways of finding out if I'm the victim of a click bomb? Can you get this information from Google Analytics?
Re: The crash course emergency strategy for click bombing attacks Publisher1 12/12/10 4:20 PM
Do the exit links correlate with anything in common?  Do they seem to be abnormally higher or increasing over time?  You are looking for signs of irregularities and some degree of consistency within the irregularities. Do you notice anything irregular in your inbound traffic? For example, I received a surge of visits from various particpants in a link-sharing/clicking scheme from around the world, but they all showed common antecedents -- and I was able to reach the operator of the service (based in Ohio).  He "turned the bomber off" (only to set up another stage of the attack.)

If there isn't anything out of the ordinary in your visits/traffic/frequency (including repeated clicks in short spans of time from similar locations) then maybe your problem with invalid clicks relates to site design, causing people to click mistakingly and then move on before they should.  That is not a click bomb situation; that is a site design problem.

I don't believe Google Analytics provides more useful tools than statcounter to assess the issue but it is a worthy resource, nevertheless.
Re: The crash course emergency strategy for click bombing attacks StevenG 12/12/10 8:04 PM
The problem with scripts is going to be always the same, they can be disabled.
I have disabled analytics on all the browsers for all machines here in the office.
Mostly because I don't want to record my own traffic on my own site through analytics.
I have too many sites to keep adding them to the list, so I just block analytics on all sites.
However I'm well aware all my impressions show up in Adsense, of which I don't care, else I'd block Adsense too.
Hmm.....nah.

The problem with Analytics is it doesn't show exit links.
So something like Statcounter does.
On our main site we use Clicktracks, and eventually we'll be using it on all our other sites, but it's a bit costly, but effective.
If there is one thing I've learned about stat programs, it's that never one will do. What is great in Analytics is poor in clicktracks, but what Analytics doesn't have clicktracks does, which is exit links.
Re: The crash course emergency strategy for click bombing attacks senthilmd 12/16/10 9:04 AM

What will be the case where our sites are accessed through net cafe (India) or universities or office proxy server? I hope Google should understand and avoid these kinds of clicks and will not charge the advertiser. But now its keep on banning accounts. For me I have just opened account and started to market and participate in general forum and social networking. How can I know my link is clicked from same IP and it is easy for Google to avoid these clicks.

Another case my account have articles and many links. People coming to website for knowledge gaining sure will try to explorer all Google ads. Even when I was reading some articles I did this. In that case that adsense of that guy should be banned.

 

Google should rethink this kind of ban.

 

Senthil Kumar M.

http://www.kanthanmmills.com/

 

http://stores.ebay.in/Ticson-Kids-Wear

Re: The crash course emergency strategy for click bombing attacks Publisher1 12/16/10 11:58 AM
First, once you are disabled, you really are out of luck if you didn't deal with the problem before you lost your account. 

Where and how the clicks originate, doesn't matter if they are invalid.  If there is a clickbombing or other sort of attack, your first and crucial objective always must be to avoid harm to AdWords advertisers.  In other words, you must stop the clicks from generating revenue for YOU.  Once you have done that, you can explore what measures you need to take to solve the problem.  If you cannot find a solution, you should not have an AdSense account.  AdSense's priority is always for the AdWords advertisers, not us as publishers.  After all, they are paying the bills here.

If someone goes to your site and explores a number of ads, this in itself isn't a problem.  But Google's computers can detect if this sort of activity is going beyond norms -- that is, if the click through rate, on the whole, is "too high".  If this is happening for legitimate reasons, you will need to document  exactly why this is happening.

Also, realzie that some parts of the world have more problems than others with this sort of problem.  In India and other areas where the money from Google can truly provide a significant income boost where you wouldn't otherwise earn this sort of money, naturally there can be a temptation to bend the rules and hope you won't get caught.  Alas, almost always, you will be.  And once you are, it is too late.  (I am not accusing you individually of wrongdoing here -- I am speaking in generalities only.)

Re: The crash course emergency strategy for click bombing attacks seamist61 12/17/10 5:05 PM
Question for Publisher 1
 
I am a small time Adsense publisher. I normally barely make the payment threshold each month.
 
Shortly before Thanksgiving, I was locked out of my yahoo email, adsense/gmail account, amazon account, and Hubpages account. Although I was able to restore access to my yahoo email and amazon account, I was not able to restore access to my adsense account. Unfortunately, the hacker somehow changed my passwords and the secondary email address to reset my password. Although I posted about the problem on the Adsense help forum, it took four days to get my account flagged for an adsensepro, and even longer because it happened right before Thanksgiving.
 
By the time I was able to finally get access to my adsense account again, much damage had already occured. From Nov 17 through Dec 1, instead of showing my usual $100 of earnings, my account showed over $1200.00 with earnings. I reported that to the Adsensepro. On Dec 2, I recieved a notice from Adsense stating ads had been disabled to an account, but it didn't say what account. I also recieved a notice from Adsense stating that my payment info had changed from delivery by standard to mail to a bank account transfer.
 
During this time, I have not been able to maneuver around in my adsense account, and I still cant. When I try to access something, my computer just get stuck even though I have tried logging out, clearing the temp internet files, checking the other settings they advise, and logging back in. Consequently, I have had to use my bf's computer. When I got on my bf's computer, the hacker had put a payment hold on my account and changed the payment to an electronic bank transfer going to a bank in Palm Desert, California. Consequently, I restored the setting to where they were suppose to be. 
 
During this time, I also recieved a notice from adsense stating ads had been disabled on an account, but it didn't state what account. On the Dec 13, I recived another ads disabled notice. This time it listed the site.
 
While browsing around the adsense account, I noticed youtube was under access sites in addition to Hubpages so I disabled you tube. Since then, I also engaged the allowed sites feature. It has shown an unauthorized site called guardafilm.. From December 1 through 11, the clicks and page impressions returned to normal again. Then for three days I normal page impressions but sky high clicks --- on day I had a ctr of 5000%. 
 
Now I've removed everything from my allowed sites except one site which they require.
 
I feel so helpless about all of this and what to do. I have to commend you for trying to educate adsense users about what to when this happens because I think until it happens to them most adsense publishers have no idea what to do.
 
My question is even though I informed the adsensepro about all of this, is it more than likely my account is still going to get disabled come payday time?
 
Secondly, is google going to do anything about catching whoever is doing this illegal click activity or is there only concern not paying for any invalid clicks?
 
Thirdly, I still can't access anything except the daily earnings in adsense account. I keep telling them on the forum that I have alreadylogged out, cleared my temp internet files and cookies, checked my setting, and logged back in, but they keep sending me the same advice.
 
I don't what the answer to this click bombing is. Since my earning site is Hubpages I can't install a stats counter.
 
 
 
 
Re: The crash course emergency strategy for click bombing attacks Publisher1 12/17/10 6:41 PM
First, I read that you were able to access your account through your friend's computer but not your own.  In that case, the issue is with your computer, not AdSense.  You presumably should take it to a local service provider to be checked for viruses, comprimises or other problems.  i wouldn't use it until you have it thoroughly checked as you may have various forms of malware installed on it.

Regarding the "cause" of your problem, you cannot nor should not expect Google to solve this issue for you.  You will need to figure out what the problem is, and how to solve it.  If you are using the allowed sites system properly and have control over your account/password and other resources, the troublemaker should not be able to cause damage to your account if you use the allowed sites function properly.  If, despite using the Allowed Sites resource on all of your sites, you are still seeing some unexplained income, please let me know.  This is a special kind of problem -- one which I encountered during the attack on my account, which led to the intervention and assistance of an AdSense Pro (who couldn't actually solve the problem, but at least reassured me that it wasn't my fault!)

Now, if you are lucky, the bomber will grow tired and just leave, or your code will be stuck on a variety of sites which won't matter at all because AdWords advertisers won't pay for these clicks. 

In my case, the AdSense pro arranged to remove the unearned revenue (from the click bombing) from my account through some sort of manual process, and then everything seemed fine -- only for me to receive the automated disabling email a few weeks later.  But, like you have, I had the email address of the Pro, who communicated with the fraud detection people elsewhere in Google and helped me restore my account within 24 hours.  I can't be 100 per cent sure you will or won't have the same problem/situation, but the fact that you dealt with the situation, there is obvious evidence of hacking, and you have started using the allowed sites resource properly is a good sign.  But I should note during the 24 hours offline several of my forum peers were very concerned for my future because sometimes things just don't work out the way they should.  All I can say, if that worst case happens, if you are only earning near the minimum, I can't imagine that the loss of the AdSense revenue will change your life.

So, in conclusion, have your computer checked by someone locally for viruses and malware, ensure your allowed sites function deny access to your account until you sense things are under control, then gently allow the sites where the visits should come from (ie your hubspot addresses) and let us know if you are seeing unexplained revenue especially on sites where you have not allowed access. 

It's a mess, but you can get through it.
Re: The crash course emergency strategy for click bombing attacks richards1052 3/3/11 4:15 PM
Publisher1: My Google Adsense acct. has been disabled because of click fraud at my blog.  I can't review any information about my acct. to answer any of the questions you raise above.

I've appealed to Google to reinstate the acct. but don't know what will happen.  If they do reinstate me what can I do to prevent malicious visitors who don't like the political views of my blog fr damaging my reputation?

Another thing I noticed: I get regular extended length visits from Valueclick in which they visit multiple pages on my site.  Is this legitimate traffic or part of the click fraud scheme?
Re: The crash course emergency strategy for click bombing attacks Publisher1 3/3/11 8:58 PM
Richards 1052, Unfortunately, if you haven't taken measures to manage the situation BEFORE your account was disabled, there isn't much anyone can do to help.  Your appeal will likely fail.  This is because Google must put the advertisers interest first. 

Adsense is generally not a good idea for controversial sites where people will take a strong enough stand to clickbomb in anger.  These sites either need to be non-profit or you need to get support from your actual supporters.  The Adwords advertisers, rightfully, don't want to be caught in the crossfire.

I don't know about valueclick.
Re: The crash course emergency strategy for click bombing attacks richards1052 3/3/11 10:45 PM
I had no idea there was any click fraud going on.  My Adsense acct. is very small as my site gets a modest amt of traffic.  I never earned more than $100-200 per yr fr. it.  So I never monitored it seriously.

But clearly someone who hates my politics wanted to mess me up.

I do get support from my readers.  But there are many advertisers too interested in the subject of my blog, which is the Israeli-Palestinian conflict.  Unfortunately, there's also a lot of hate out there as well.

And yes, my appeal did fail.
Re: The crash course emergency strategy for click bombing attacks Publisher1 3/4/11 3:30 AM
Richards1052, yes, the combination of a highly controversial subject (in which you take a clear position, perhaps, plus relatively infrequent monitoring of your account, is not a good match for AdSense.  I' pretty sure you can see why.  In the offline world, of course, some of the same issues exist:  I'm sure you are well aware of the Israeli boycott or buycott battles (but nowhere as severe as what would happen if you put a group of West Bank fanatic settlers in the same room as Hamas or Hizbollah militants (terrorists/freedom fighters), or for that matter, innocent civilians on the 'other side', either Israeli or Palestinian.)
Re: The crash course emergency strategy for click bombing attacks StevenG 3/4/11 8:58 AM
Richards1052,

It's like if you owned a billboard and some damn kids kept on spray painting over the current ad. Do you blame the advertisers for backing out when you can't deliver as promised, or do you blame the kids? I'll agree that the topic probably brought some bad apples to your site that took it out on the ads, so instead of voicing their opinions, they decided to commit fraud in hopes of shutting down your site. Seems to me if all you earned was a couple of hundred a year, then maybe Adsense wasn't such a good fit anyways, and what was done didn't do much harm.

Install a donate button from paypal (if you have an account) and you'll probably earn just as much in donations to help support the site every year as you were earning from Adsense.
Re: The crash course emergency strategy for click bombing attacks richards1052 3/4/11 5:39 PM
StevenG: I've been blogging for 7 yrs. so I've done just about everything you can think of to secure funds including Adsense & a Paypal button.  The latter doesn't do what the former does.  Some people give donations directy through Paypal & others click on ads (some do both).  I do get some donations, but not terribly much more than the Adsense revenue.

The stupid thing is that they didn't shut down my site (someone actually did that once too through a DOS attack).  They only shut down Adsense, which in the scheme of things is a minor annoyance.

But the idea that juvenile delinquents (adults, mind you, at least in age) should win such a battle offends me.
Re: The crash course emergency strategy for click bombing attacks StevenG 3/4/11 8:39 PM
It offends me too.

Google can build this new layer for their search engine in regards to the "Farmer" update of their algorithm, and yet they can't stop a site from having the ads attacked? They have to know it's an attack versus some click fraud ring. Listen, I'm not asking they give up some insider secrets, just protect both the advertiser and the publisher when the site is attacked. If evidence shows that fraudulent clicks are occurring but not from an attack, well then ban the publisher.
Re: The crash course emergency strategy for click bombing attacks wwwwebstar 3/24/11 6:21 AM
it is impossible to monitor the site all the time,so an automated solution should be made for this 
Re: The crash course emergency strategy for click bombing attacks Comichron 4/2/11 1:58 PM
I agree with Vyperlook -- there needs to be some automated response to warn publishers when this happens.

I'm in the $100-200-a-year boat with Richards1052. I don't and can't check the account every day. By the time I caught that I was click-bombed this week, it was too late. I have just appealed, but it doesn't sound from everyone else here that it will be successful.

The smaller sites are part of what made Adsense the business it is today, in my opinion. If hobby-publishers aren't welcome, they should probably require full IT departments and round-the-clock monitoring when we sign up. Or stop prodding every user of Blogger, a hobby-publishing platform, to monetize with Adsense.

I'm hopeful this will turn out for the best, as it's a pain to recode the sites. But this kind of trouble leads me to want to double down with Amazon. This isn't a problem with affiliate ads, and I'm not held responsible for the actions of people I can't track or stop.
Re: The crash course emergency strategy for click bombing attacks StevenG 4/2/11 2:05 PM
Actually if you get a lot of traffic and no sales from affiliate programs, you'll end up with them terminating the affiliation. If you get a lot of sales through affiliate programs with a lot of fraud/chargebacks the same thing could happen as well. So it's not much different. It's just easier to get your site and/or account suspended with PPC because it's measured in clicks only.
Re: The crash course emergency strategy for click bombing attacks Comichron 4/2/11 3:27 PM
I do much better with affiliate programs than I do from Adsense, so maybe that's simply where I need to be focusing more of my attention anyway. My sites are about books, after all.

I am curious about one thing: I have Adsense for Search codes in my sites, and the search engines did NOT disappear and do still appear to work. I am hopeful that continues to be the case, because I still want the search engine even if I don't get paid for it.
Re: The crash course emergency strategy for click bombing attacks StevenG 4/2/11 3:34 PM
You should switch to the non-ad version. http://www.google.com/sitesearch/
It's like $100 for up to 20,000 queries a year.
Re: The crash course emergency strategy for click bombing attacks Comichron 4/2/11 5:19 PM
Actually, it looks like it kicked the old Adsense engines into their free Custom Search Engine platform... http://www.google.com/cse/ ...where there are still ads, but Google gets the money from them.
Re: The crash course emergency strategy for click bombing attacks Rab Nawaz 5/19/11 2:29 PM
this is great. I just hope that is was not too late for me to read this. Peggy K helped me. I just hope that i am saved
Re: The crash course emergency strategy for click bombing attacks like11 5/22/11 10:24 AM
What is "allowed sites function". Thanks
Re: The crash course emergency strategy for click bombing attacks PeggyK 5/22/11 12:04 PM

Re: The crash course emergency strategy for click bombing attacks Brights 6/8/11 7:30 AM
very helpful tips but question is what is the main object of click bombing attack ? what they will earn out of doing so ?
 
Re: The crash course emergency strategy for click bombing attacks Publisher1 6/8/11 7:35 AM
Click bombing attacks are intended to cause harm to the publisher.  Sometimes a competitor will do it.  Sometimes someone just gets angry and wants to take down someone else (this could happen, say, in a divorce or, in my case, telling a former publisher that his disabling was actually justified because of his own behaviour.) 

Some AdSense publishers stretch the rules, either clicking on the ads themselves or having friends 'help' them -- then, when they receive the "account disabled" email, they blame the problem on click bombers.  This in part is why Google wants to see publishers take proactive measures as soon as they discover the problem, while their accounts are still active.
Re: The crash course emergency strategy for click bombing attacks StevenG 6/8/11 10:16 AM
Yes, but then if you take those measures can you still blame it on clickbombers if you're actually causing this to happen on purpose? There is no real way for Google to absolutely know that a publisher didn't do this on purpose.
Re: The crash course emergency strategy for click bombing attacks Publisher1 6/8/11 1:47 PM
Steven G you are moving into the world of conspiracy theories. In fact, the click bomber who attacked me started posting in the help threads that he had heard of someone who was "faking" that he was click bombe when he was really doing it himself.  The attacker, of course, was referring to me!  But this is a rather big exercise in futility if you are ensuring that you aren't earning a cent in revenue while the attack is under-way, which is why my advice works to help publishers.  I mean, if you can show that you are denying the revenue from flowing into your account, clearly you aren't trying to cheat the system.  (And, yes, Google staff manually removed the "extra" income that appeared in the account despite my efforts -- they clearly could see where the unwanted and inappropriate earnings were.)
Re: The crash course emergency strategy for click bombing attacks StevenG 6/8/11 4:34 PM
It's just that not a day goes by somebody isn't crying about invalid activity and I'm beginning to think that Google really doesn't know who's doing what. That it's very difficult for them to determine if the activity was done by the publisher or not, so they're coming on here to test Google and see if they really end up earning everything they did on purpose or if Google catches it and takes all or some of the money away. If they say nothing, then they look guilty, but if they come on here, there might be a chance of getting their account back since they made an attempt to contact somebody at Google about it, for which Google requests to be notified here. They might even send in their server logs to them and do all this other stuff to seem innocent while they are not. While the traffic and actions speak for itself, how do you determine if a publisher was simply testing the system or if they were really attacked. I just don't believe that Google can and that's why some publishers get their accounts banned, others get warned, and still others only get a single domain banned.
Re: The crash course emergency strategy for click bombing attacks Publisher1 6/8/11 4:46 PM
We can't read into the fraud detection alogrithms but I think they are fairly robust.  If any of a number of measures is out of whack, the account is disabled.  Clearly, in my cases, some measures indeed sent red flags to the Google bots when, two weeks after solving the problem (and achieving the direct intervention of the AdSense pro responsible for these forums), I received the dreaded email.  I'm not going to read too many things into the motives of publishers.  If they take reasonable and prompt measures to deny income through the allowed sites function AND they have good solid and useful sites, they have some chance of success on appeal if a similar problem occurs as I experienced.  If they are gaming the system with MFA sites they won't return (I saw one case where he pleaded he had taken all of the measures in this thread -- but he only posted AFTER his account had been disabled, and when I viewed his site, it was indeed MFA crap). 

It would take a really insane con to play a game like this.  Test invalid clicks, implement allowed sites function after crying for help on these forums, then learn the limits, and play again and again, gathering just enough money before saying there is a problem.  Sheesh.  If you wanted to get rich in crime, I can think of wiser approaches (like transferring a diversity of hard assets held in the name of a major international bank into a few million bucks in kruegerrands, someone I who I know personally did.  When he got out of the pen, he set up another financial business, just on the right side of the law, and lives in luxury in New Jersey today with his young family.)
Re: The crash course emergency strategy for click bombing attacks StevenG 6/8/11 8:40 PM
Being that Google doesn't prosecute publishers for reasons of keeping their secrets secret it sounds to me the only downside is getting caught and having to start over.
Re: The crash course emergency strategy for click bombing attacks Rab Nawaz 6/13/11 9:21 AM
Google Sucks!!
Re: The crash course emergency strategy for click bombing attacks rinaqw 6/24/11 4:11 AM
Great post I am 100% agree with StevenG. There should be a tool for the publishers. It does not means that Publisher1 is wrong at his point, He is also right. we must have to take care of our account and we are doing it. but sometimes its no possible.
"Think if i am driving and one another big truck comes and hit my car then from that day i should not drive !!!!!!"
Why publishers pay for invalid clicks?? If they are not done any thing wrong.
Re: The crash course emergency strategy for click bombing attacks Jimsefton 6/24/11 4:33 AM
I think Google put the burden of responsibility onto the publisher because they have the virtual monopoly on the market at the moment. Sure, there are some other alternatives but from what I can see Google provide the best system that rewards the best.... all apart from their policy on instant bans, not helping victims of click bombing etc.

I do wonder, if Facebook decide to enter the market and a large number of people jump from the adsense ship, will Google decide to be a little more helpful in partnering with their honest publishers? Perhaps a little competition in the arena would be a good thing?
Re: The crash course emergency strategy for click bombing attacks StevenG 6/24/11 10:44 AM
Excuse me, what if Facebook decided to enter the market?

Who's ads do you think are showing up on Facebook pages?
Adsense ads? Didn't you hear all the times they were offering $25 in free ads just to try it out? I believe they even brought in something like a Billion dollars in revenue last year, maybe it was 2 Billion? It was a lot of money in ad revenue they didn't share with an ad network.
Re: The crash course emergency strategy for click bombing attacks Jimsefton 6/24/11 1:35 PM
StevenG: Chill dude, it wasn't a personal attack on you.. I was referring to facebook entering the same market as adsense i.e. offering ads in the same way adsense do, on any pages, not just facebook ones. Google need some competition on the private website market, that's al I was saying
Re: The crash course emergency strategy for click bombing attacks rinaqw 6/24/11 1:46 PM
NO one compete Ad sense, Facebook is only good for social networking. Its every-buddy knows facebook users only do sharing and chatting that it.
Its not an easy task, If you have traffic then you could do any thing. Don't Remember those daYs when Google orkut is better then Facebook.. I knew its time to PHP(Facebook).
Re: The crash course emergency strategy for click bombing attacks StevenG 6/24/11 2:11 PM
Sorry, just sounded like you didn't know about Facebook having ads.
I was like....is this guy blind or something?

They're probably not offering their ads to 3rd parties or ever will because advertisers come to Facebook just because it's a social networking site and have a lot of members.
 
If you can even keep things only in house, you end up making more money and deal with less problems. Seems to me that would make a site more profitable by keeping things in house than having to deal with 3rd parties and the problems that come along with that.

I wouldn't trust Facebook ads on my site either. If the like button fiasco is an indication of the lack of quality software and bad testing that Facebook is pushing out the door to publishers, I want no part of their ad network should they allow 3rd party publishers. Besides, if you're not logged into Facebook and surf the internet and then you log in, Facebook takes all the traffic information of any page that had a like button on it and merges that with your Facebook profile. So much for anonymous surfing if you ever visited a page with a like button on it. Yes, even if you never clicked a like button in your life but still have a Facebook account it still will merge that data with your profile through the use of cookies.
Re: The crash course emergency strategy for click bombing attacks RegularMember 6/24/11 5:15 PM
if you are big website there is no way to understand small click bombings. for example my clicks were ranging between 500 and 1k a while ago. so i can not determine even if there are invalid 500 clicks. also stat counter is not an option for big websites unless you pay money.

Google has to add invalid click monitoring tool i believe.
Re: The crash course emergency strategy for click bombing attacks StevenG 6/24/11 7:59 PM
You can link your Analytics and Adsense account together. But only 1 Adsense and Analytics accounts. Make sure it's the accounts you want linked together as well, because it's a pain to get an employee to unlink them. While this may not be the cure all to the click bombing visitor identification problem (as Google never reveals ip addresses), it does give you better reporting and might help you identify problems. Sometimes a temporary jump in ctr is nothing more than due to the ads that are displaying. Like for example of an ad I saw not that long ago on another site, something about free shipping with every order. People might actually be attracted to some ads because of what they are offering and simply get more clicks. It would be nice if Google were to simply warn publishers of invalid activity so they can protect their accounts against it by using the allowed site function and taking their site off the list temporarily or removing the ads off the site completely. However, that would mean the scammers could test the detection methods of Google to see if they can get past them. So I don't know that there is a real solution that Google can even offer for this.
Re: The crash course emergency strategy for click bombing attacks rinaqw 6/24/11 10:30 PM
NO, Why google help publishers. They even can't reply to any thread here. We are just guessing  No one knows real truth and solutions.
Please Google Help honest Publisher for invalid click activity. Launch panda 2 to remove scammers, But take care of honest publishers.
My two points:-
1:- Publishers must take care of advertisers.  Its our responsibility. Even Invalid click also. Is it not face !!!
2:- Due to scammers honest publishers are not helped.. Only Guesses are going on.

Is there any Google employ reply...
Re: The crash course emergency strategy for click bombing attacks bluelou08105 6/24/11 11:49 PM
why does not google help us against this type of threat.
Re: The crash course emergency strategy for click bombing attacks Jimsefton 6/26/11 4:23 AM
@StevenG: I agree with what you say and I by no means trust Facebook at all, in fact I dislike them more so than Google. The only thing I meant is if they entered the same arena as Google then it would provide some much needed competition. The reason Google is shafting a lot of people is because there really is not a lot of competition.
Re: The crash course emergency strategy for click bombing attacks StevenG 6/26/11 11:11 AM
Yeah, but still I don't see Facebook doing it. It's just wrong for them on so many levels, and I believe would be their downfall as a social networking site if they did loose focus on their core. Google has lost a lot of focus on it's core and so instead of the quality search engine we all came to love that kept on getting better, we're seeing crappy algorithms that take good sites and mash them up with the bad sites. So much that everybody is complaining, not just a few people. See in the beginning only the large content farming sites were complaining, now everybody is. It seems they are manipulating the search so much that nobody knows what's going on and so they feel forced to pay for advertising with Adwords just so they can get higher up on the page and get traffic to their site. So as you see, Google is loosing focus on it's core and money seems to be more important than quality. Well why wouldn't it be? The economy is in the tanks and so they're doing things to increase their revenues. Just look at their quarterly reports after the first round of Panda updates. It seems to be working for them. That's why the DOJ and SEC is investigating them. So many people complained to the DOJ and SEC about there being a connection between the Panda updates and their latest earnings reports. It didn't seem right to them that while a bunch of sites were loosing money, Google should be showing increases in revenue. Gee I wonder where that money came from. Google's own search engine perhaps due to the increase in advertiser spending immediately after the first round of Panda updates perhaps? Of course that's where it came from! Sorry, they just make me so mad sometimes.
Re: The crash course emergency strategy for click bombing attacks rinaqw 6/26/11 11:25 AM
Ha Ha ha you are Right StevenG. I don't Believe you thinks soo much about Google updates & alogs. Good Keep posting really important news.
Re: The crash course emergency strategy for click bombing attacks BBilal 6/29/11 1:51 PM
How do we know the clicks was valid or not?
Re: The crash course emergency strategy for click bombing attacks shake707 6/29/11 1:52 PM
It would be nice to see some reply from the only person with answers... GOOGLE! Where are you at Google? This thread has been going for almost a year and Google still cannot provide answers. Google is wronging publishers everyday with their unfair and corrupt system. GOOGLE IS PROVIDING NO SUPPORT
Re: The crash course emergency strategy for click bombing attacks Publisher1 6/29/11 1:58 PM
Why should Google provide "support".  Why aren't you providing the "customer service"and support to the organization paying the bills ... Google!

For regular websites Google provides the tools we need to manage click bombing attacks.  I agree the situation for YouTube is not satisfactory and for that would simply decline to offer my services to Google.
Re: The crash course emergency strategy for click bombing attacks BBilal 6/29/11 2:07 PM
Publisher1,

My account was disabled because of invalid click reports but I can't find a single way to locate the invalid clicks?

How google find invalid clicks exactly, How it works, there should be some method to find out invalid clicks for users as well?

Google said "If you want to secure your account your CTR and ePCM must be average" I got both average but still my account disabled
Re: The crash course emergency strategy for click bombing attacks svfoxx 6/29/11 2:15 PM
  You can't spot mini click bomb attacks.
 Now with statcounter screwing up their program, it's over.
  If you get 1 million views a day you can't use statcounter the way it is now.
 It was so perfect.
  So I can move to aol, casale, value click, there are plenty others.
Re: The crash course emergency strategy for click bombing attacks StevenG 6/29/11 3:11 PM
Publisher1,

Agreed.

The more aware of what publishers are getting into, the better informed they will be on their decisions. Everybody is right on the "How can I make money with this?" gravy train and doesn't think about things like "What if something goes wrong? What kind of things could go wrong?"


BBilal,

The just of what I get is that Google is well aware that click fraud pretty much happens all the time and there really isn't a way for them or a publisher to stop it, except for Google to ban a publisher or for the publisher to take the action we've all described earlier in this thread. Google is pretty good at catching it because they have more data beyond your website about the visitor. What you should be looking for is any unusual behavior you may spot. Too much traffic from direct/bookmarked vs search engines/referral sites, or even as your traffic climbs your click rate is going up as well instead of down. If you get 1,000 page views in a typical day and wake up to see 5,000 by 8am, you have to be thinking something is not right. If you don't know what an average day should bring in any of your stats, then you haven't been looking them over on a daily basis much. Any of them could be a signal that something not right is going on. The better you look over your stats and understand what they mean, the better you are able to spot things like what people like the most, what people don't like so much, and what makes you the most money and what needs to improve upon.
Re: The crash course emergency strategy for click bombing attacks rinaqw 6/29/11 3:32 PM
StevenG,
"Too much traffic from direct/bookmarked vs search engines/referral sites"
We can't control traffic from bookmarks and search engines !!!!!I
If people likes they stuble up or dig it soo is its our fault if any buddy likes content on our website.

I am not saying. All is wrong. At last all is also not right.. Google must listen publishers now after Panda update........!!!!
Re: The crash course emergency strategy for click bombing attacks StevenG 6/29/11 3:48 PM
If people use stumble upon or dig, it shows they came from that site as a referral. Direct means they used a bookmark in a program or typed in your url directly to the address bar. I would think that if return visitors use bookmarks that's one thing, but if you are getting a lot of brand new visitors to your website and they are direct/bookmarked (especially more than your search/referral traffic combined), then you have to admit that does seem irregular for any website. Where did they find out about your website that they came to it from entering a url or bookmark over seeing your link somewhere? If people did that, then we wouldn't need search engines or to post links on other sites. One publisher here was getting 90% of his traffic from Facebook, which is referral traffic.
Re: The crash course emergency strategy for click bombing attacks rinaqw 6/30/11 1:57 AM
"If people did that, then we wouldn't need search engines or to post links on other sites."
Ya right but getting traffic from bookmarking website is also comes from search engines.. many bookmarking website are indexed in google search people found bookmark links then they visit website.
I am just asking referral traffic from bookmarking website is good or bad in way of adsense and advertisers ???

"if you are getting a lot of brand new visitors to your website and they are direct/bookmarked (especially more than your search/referral traffic combined), then you have to admit that does seem irregular for any website"
That the point again if anyone like content then what publishers do ??? Is they remove that page which was liked by users.


Fact is that traffic from bookmarking website is greater then search engines traffic some time in case of stumble and dig. Soo there is any solution for that ?? I know advertisers likes search engines traffic because its more targeted.
Re: The crash course emergency strategy for click bombing attacks RegularMember 6/30/11 2:58 AM
@
rinaqw i believe you can have as much as traffic from referring sites as long as it is not traffic sharing
Re: The crash course emergency strategy for click bombing attacks aammuk 6/30/11 3:23 AM
Hi guys,

My adsense account was blocked since google thought it poses a risk to invalid activity. I appealed and it was rejected. Now I tried another adsense account on my website and it doesn't display ads. Is there any way I can check if my domain has been blocked?

Thanks.
Re: The crash course emergency strategy for click bombing attacks Jimsefton 6/30/11 4:45 AM
aammuk: if you were blocked for invalid activity, creating a new account will not help. I would imagine if Google twigged what you are doing then that account would be banned. The reason the ads are not displaying is likely the fact that the sites were blocked by the activity of the first account.
Re: The crash course emergency strategy for click bombing attacks aammuk 6/30/11 5:12 AM
Thank you for your answer Jim. However is there anyway I can check it?
Re: The crash course emergency strategy for click bombing attacks Jimsefton 6/30/11 6:05 AM
I'm not sure, although if you put adsense on a website and ads don't show after some time then I would say that's a pretty good indication of being blocked?


Re: The crash course emergency strategy for click bombing attacks StevenG 6/30/11 10:59 AM
Jimsefton,

There are some issues which may cause ads to not display that isn't Google blocking your ads from your website. Such as your robots.txt telling all the bots to go away. If the Adsense bot cannot visit your pages then the ad script won't return any ads to display.
Re: The crash course emergency strategy for click bombing attacks xXxpert 6/30/11 6:53 PM

hello,
i have only 1 website where i placed adds
today i have received a click attack of 31 clicks.. google counts only clicks and did not give money for that clicks
i have removed my that site from allowed sites and add my 1 blog where i am not displaying adds.. everything ok?
how much time i have to stay removed my main site from allowed sites?
because if my site remain removed from allowed sites. i will not going to pay for valid clicks too..
as i already earn very low income from adsense, and i am a student.. how can i afford the server cost? which is $36 a month.. and my current revenue from adsense is only $40 to $50 a month.. :(

i think google have to do something for youngsters like me...


Re: The crash course emergency strategy for click bombing attacks Publisher1 6/30/11 8:12 PM
It is important to have an appreciation that "our needs" count far less than those of the advertisers paying the bills.  We are providing a service to AdWords advertisers (through Google) and are paid for this service.  We need to put into practice the expectations we have as consumers -- and turn them the other way around -- we need to deliver the service that advertisers have the right to expect.  And they care not a bit about the hardship a click bombing causes us; they only care that they don't want to be paying for advertising which has no relation to genuine potential client interest.

This is a truly simple concept, when you come to think about it, and it shaped my thinking when the incident occurred which resulted in this thread.  My first reaction, when I saw the attack on my account, was "How can I prevent harm to  AdWords advertisers."  I then set out to use the Allowed Sites function as described here and began the search for the culprit causing my problems. I didn't expect Google to solve my problems, I accepted that I would need to work out the solution on my own. 

As it turns out, I ended up needing some assistance, for a reason I won't ever post publicly -- the same reason that Google won't really explain "why" accounts are disabled.  Publishing certain information just provides ammunition to the bad guys.  They will take the information and use it to devise additional devious fraudulent schemes.  And, yes, there are bad guys out there. I certainly "met" one a year ago, when I faced the attack.

I learned through the incident that help is available when you really need and deserve it.  I realize that "deserve" implies some moral issues and judgement.  Not everyone is experienced in business; not everyone is capable of understanding and applying the concepts in this posting (and thread).  All I ask you to do is to put your own needs aside and focus on the ultimate AdWords client's real needs -- if you do, and you still have difficulties, you will find plenty of support in this place. 

I certainly did.  Not only did I survive the attack (and a brief disabling when the bots encountered the problem I won't explain here) but a few weeks later I received the TC nomination because of this challenge.  Google does not have to do anything for any of us.  We need to think about what we are doing for Google -- and the AdWords advertisers.
Re: The crash course emergency strategy for click bombing attacks Jimsefton 7/1/11 2:45 AM
Publisher1: This is indeed the crux of the matter I think. A lot of people sign up for AdSense and take it lightly because it is so easy to do. They treat the T&C's in the same way as the ones that you never read when installing a piece of software (the legal jargon ones).

What is quite clear (mainly once you get disabled, or ads stop appearing) is that AdSense is something to be taken seriously, very seriously if you are actually starting to rely on the income as anything more than a hobby.

I am hoping eventually that my ads will start serving again and I will be earning once more, but the experience of the past week or so has certainly opened my eyes to the way things are.

The thing is, you can disagree with the way things are as much as you like, but you are not going to change it, so the best way is to work with it (if you want to, if not then AdSense may not be for you). 

Unfortunately Google does not have the staff to jump on every little instance of unfairness straight away, or react as fast as we can, hence I have been working over the past week to make sure every aspect of my accounts are bullet proof, every ad placement is justifiable,labelled where necessary etc... so I can minimise the risk of having ads disabled, because realistically that is all we can do, minimise the risk.

There is good money to be earned through AdSense if you are willing to tow the line, and if like Publisher1 says, you are willing to recognise that you are a provider and not a client.
Re: The crash course emergency strategy for click bombing attacks xXxpert 7/1/11 4:52 AM
hello, after enabling the allowed sites i got these sites as unauthorised sites
translate.googleusercontent.com
www.facebook.com
Re: The crash course emergency strategy for click bombing attacks xXxpert 7/1/11 4:54 AM
means someone is nusing my publisher id on facebook?
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/1/11 5:16 AM
If computerized Google has the function and capacity to detect invalid clicks, why should a publisher have to remove their website from the "allowed sites" list? The publisher is no longer receiving revenue from the invalid clicks and the click bomber is no longer effective for that website.  If the publisher removes their website from the "allowed sites" list, then the valid clicks are also disabled, and the publisher does not receive revenue from the valid clicks, either. Most publishers do not have the know-how or systems to isolate and deal with the click bombers to resolve the problem. I would think that Google, with its vast technical and monetary resources, would be able to do this, however. There appears to be something fundamentally wrong with this picture, and it would be nice if Google could be forthcoming to its publishers and explain IN PLAIN LANGUAGE why publishers have to remove their sites from the "allowed sites" list for who-knows-how-long and not benefit from the valid clicks.   
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/1/11 6:21 AM
@ Danmclerran
 NO one knows why... But you must... No one from Google reply here...If anyone says its rule then it becomes rule. All are guessing and learning. No one knows facts...

@ xXxpert
Yes add translate.googleusercontent.com to your allowed website its safe. But for facebook i am not suggesting you.

@ Publisher1

Everyone is fighting for invalid clicks. No one survive even he/she may also honest. big example like you..I know you are the star for those disable account honest or dishonest people.  But my point is not every one get chance to get back. I know you are licky one by Google. Now Google gives you TC tag to help forum people but tell me one thing at one stage you also in the same boat as other disable publishers are.  How much of you worked hard to get back your account.( i read you previous posts).
I will show you many examples they are true but they can't back why???? we will take care of Adword advertisers, But how much you give surety we will get back like you ?

To be true i am also helping people in this forum and many TC are also working day night.. But conclusion comes what? We are guessing...what is the need of Adsense forums?? We will guess on DP or other forums...Google should clear the picture at-lest TC like you..
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/1/11 6:35 AM
A few simple points need to be clarified.

1.  Google owes us no service, no favours, no "love".  We are selling to Google, not buying.  This means we need to be "nice" to google.

2.  This doesn't mean we need to be stupid.  However, it means we must think like business owners rather than consumers.  When you start thinking and acting like a business owner, the answers to your problems with disabled accounts will become quite apparent.

3.  This is because, as a business owner, you must have a product or service that is of value, fairly priced, and delivered in a manner that your customers wish.  (Google, to a business owner, should be one customer, not our only client.)

4.  As business owners, we have the right not to sell or provide our services when we think the terms and conditions are unreasonable, or when the risk to our business is too great.  In my opinion, YouTube is presently too risky for anyone with an AdSense account, for example.

5.  Finally, and this is most important, Google provides a "second chance" to disabled publishers.  It did to me.  You are allowed both personal and business accounts, and if one is disabled, the other can survive.  The problem is, that you should never set up an AdSense business account for a business totally (or even primarily) depending on AdSense.  That is just dumb business.
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/1/11 6:56 AM
Thanks for again giving a great reply..All are points are true.... I know all business rules and i also have adsense account in good position from 4 years. but after reading this most popular thread in Forum, I m little bit afraid about invalid clicks. Before reading this article i never take care of invalid clicks in my account if i got some time many clicks then i report it to Google.

But Days by days every human begin learn some thing. i read almost all thread of invalid click but conclusion is i don't know any thing proper...Please publisher1 ask Google adsense team to save honest publishers. Like for removing spam they introduced Panda update but for Adsense  publishers there is nothing..

At last i am not depending on google but i need to know all rules.Also clear this one.
"You are allowed both personal and business accounts, and if one is disabled, the other can survive."
Is this is true ??? one person got disable their personal a/c then he/she will again get account with same name in adsense as business ?
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/1/11 7:06 AM
I cannot "advise Google to save honest publishers"  No one has that power.  In any case, many slimy publishers consider themselves to be "honest". I'm not going near that topic.  In any case, as suppliers, publishers have very limited power to "change" our clients -- we can sometimes influence them by deciding to stop doing business with them, but we certainly can't get them to do what we want for our own interests.  Why should Google, or for that matter, anyone care about what we need as individuals.  They are buying the service, not selling it to us.  (The story is much different of course for AdWords advertisers -- except those trying to game the system with arbitrage, in which case, Google will take the advertising money and possibly ban your account; not a good deal at all for the publisher.)

The business account is actually totally separate from a personal account.  It requires a truly distinctive identity, including tax registration, email, contact and banking information.  You can't simply recycle a personal account into a business account.  But as an owner of a business -- especially a distinctive incorporated business or LLC -- you can certainly have another account.  However, this work-around only makes sense if your business doesn't 'need' AdSense, so the solution is not practical for most of the people whose accounts are disabled.
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/1/11 7:23 AM
I understand all facts about publisher and advertises, And even Google never listen us because of thousands of spammers. Today i understand fact that "DUE TO BAD PEOPLE HONEST ONE IS ALSO EFFECTED" very bad.
I am sure all the spammers also go caught some day but i know they servive more then honest.

"The business account is actually totally separate from a personal account.  It requires a truly distinctive identity, including tax registration, email, contact and banking information"

but what about the name? If same person name comes with same address with company name is can not be detected by google system ?? If yes then how he/she will servive?
Re: The crash course emergency strategy for click bombing attacks Jimsefton 7/1/11 7:26 AM
"DUE TO BAD PEOPLE HONEST ONE IS ALSO EFFECTED"... Stand in the queue at airport security, remove your belt, shoes, go through x-ray etc... it's all the same thing, because of bad people we all must suffer... problem is, that's just the way it is. I'm sure Google would love to "trust us", but until there is a reliable way of doing that we all must be treated with suspicion.... that's why you have a lock on the front door of your house, right?!
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/1/11 7:31 AM
To have a business account you need to have a legally registered business with its own name.  It is best to have a distinctive address as well.  The bots will generally detect and find links between the two.

Recently people have been coming to the forums with this problem and, if the account is truly and validly a business account (and not a game to work around disabling), TCs refer the matter to the pros (Google staff) for review. 

Businesses are relatively easy to establish and register in western (capitalist) nations though there are still legal and procedural processes you need to follow to create the business (and its own bank accounts, etc.)  The rules may be more challenging in other parts of the world especially where goernment corruption is the rule rather than the exception.  Most people contemplating starting a real business need to learn things they didn't know -- and they must go through a thought and mind transformation to understand the way successful business owners really think and operate.  In other words, again, I cannot repeat it often enough, the business account is not a solution for AdSense disabling --  but if you have a real business, indeed, you can have a "second chance" with AdSense.
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/1/11 6:35 PM
What StevenG is saying makes absolute sense. Moreover, I have no personal relationships with most of the individuals or organizations visiting my site and clicking on ads, and even with my stat counter analytics, I cannot isolate any suspects as click bombers. I am in an area here where the water is over my head and I need practical help on how a click bomber can be identified AND THEN DEALT WITH EFFECTIVELY. I am sure there is an inventory of scenarios or strategies that could be communicated in PLAIN LANGUAGE to publishers to help them actually pinpoint click bombers and then deal with them so the problems are corrected. I don't mind taking that responsibility IF I KNEW HOW TO DO IT!  Meanwhile, my site stays off the "allowed sites" list forever, earning nothing even for valid clicks (is Google earning nothing?). Is Google really an advertiser's friend, and not the publisher's? Please help! Someone! I need to know more than "every situation is different" and the "first step is to take your site off the allowed sites list", or that the responsibility is mine. 
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/1/11 8:17 PM
Dan, I wish I could wave a magic wand and tell you exactly what you are seeking to know.  But the real world here is much more murky.  In some cases, as in my situation, the click bombing attack was "obvious" -- with clear indications of who and why the situation occurred.  If you are noticing a seemingly large number of invalid clicks but cannot determine a common denominator, I agree, this is a more frustrating challenge and is one that is over my head.

I believe you can, assuming you host your own site, design some protective measures which wouldn't violate Google policies but can't tell you exactly what these may be or how they can be executed (I simply lack that level of technical knowledge).  You might want Google to provide the answers but Google won't.  The trade-off for relatively easy access to a widespread program which pays out rather small amounts quickly is that everything must be systematized, but fraud detection systems must remain under wraps (because the bad guys will use every bit of information to their advantage.)

If you are concerned about the problem, you will need to do your own investigating and problem solving.  The "allowed sites' answer I provided will secure your account while you work on the issue.  Google doesn't earn any money on these ads -- the advertisers effectively get a free ride.  (If you are into conspiracy theories you might think that AdWords advertisers might set themselves up with publishers removing their ads from the "allowed sites" list and sending a kickback to them, but this would be practically impossible considering the scope and number of sites in the content network.)

If you don't like my answer, I'll fall back on the basic point that we are suppliers to Google, providing a service for which we are compensated (but volunteers posting on these forums are not -- even Top Contibutors only receive some very limited perks.).  We need to be responsible for our own businesses.  And, of course, if you are able to solve the issues you describe here and outline your solutions on the forums, others will certainly appreciate your initiative.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/1/11 8:33 PM
Well there is the point that if you're going to make it up to the publishers to stop it from happening, perhaps Google should write help articles on how to use the reporting in Analytics to spot potential problems.
Re: The crash course emergency strategy for click bombing attacks svfoxx 7/1/11 9:47 PM
 Most people are jealous and root against you.
  I've been saddened by most of the things I've run into.
  They have this same attitude in their business and wonder why they are failing......
 We just had a Congressman send pictures of his bleep across his mobile phone....
And yet he isn't kicked out of Congress.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/2/11 4:44 AM
Svfoxx, my views about the world and other individuals are much more positive.  Sure, there are plenty of cons, scum-bags and losers out there (and some actually 'succeed' in life) but, by and large, most people I've met are honorable, most of the time.  (Crowd mentality can sometimes distort human behavior -- I'm sure most of the Stanley Cup rioters in Vancouver, for example, are pretty good people.)

Perhaps my life view is shaped by experience; for example, this thread started when someone sought to cause me harm because of my voluntary efforts to help others; but clearly the attacker failed largely because of the support I received from others -- including some people who, frankly, were breaking virtually every rule in the AdSense book.  (The link exchange operator and 'crappy' get-rich-quick site host quickly understood my problems with the click bomber who started the trouble and stopped him in his tracks.)

I think it is way too simplistic to say you make your own fate but I'm still confident that the Golden Rule really works quite well.

Re: The crash course emergency strategy for click bombing attacks danmclerran 7/2/11 11:22 AM
Publisher1 and StevenG, both of you were very helpful. Thank you.  I especially liked StevenG's suggestion that Google provide training on how to use Google analytics to spot the trouble. I am still curious, though, as to why, if Google can spot and act on invalid clicks automatically anyway through their system, why publishers are recommended to remove their sites from the "allowed sites" list and lose revenue from the valid clicks, as well. It appears to be a rather "draconian" way to help publishers. It certainly protects the advertisers, which makes sense, but really creates a disincentive for publishers like me to continue to use Google adsense. Any clarification?  
Re: The crash course emergency strategy for click bombing attacks StevenG 7/2/11 11:32 AM
Google looses their revenue too. It's not like they keep the revenue while your domains are not on the allowed site list and only you don't earn the money. It's their loss too.

See, the whole problem is if Google were to not ban a publisher who was getting a significant number of invalid clicks, then there would be no downside if you decided to throw in a few extra clicks here and there. If you didn't get banned, well throw in a few more. Maybe tomorrow, you'll increase the amount, because if Google never catches them as invalid, maybe you've figured out a way to get past their detection systems. If they do catch them, well no harm right? Google will take care of that and let you keep your account right? Doesn't seem like a very good solution to stopping fraud. I'm not saying what they currently have is a good solution to helping publishers stop fraud as well, but it's at least something.
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/2/11 2:48 PM
StevenG, your scenario doesn't make much sense to me, but thank you very much, anyway.  I greatly appreciate your insight and help. 

What I was saying is that if Google can automatically detect invalid clicks and subtract them from the revenue flow in the first place (which is built into their system), it would seem that they are already taking the click bombers out of commission, anyway. The click bombers can click all they want, thinking they are effective, but go nowhere. If a competitor wants to see my site lose revenue,for example, then by forcing me to remove my site means they have won, because, most likely, I will never find out who they are. Why penalize the publisher for the VALID clicks they are getting by having them remove their site from the "allowed sites" list? 

I must be missing something, here?
Re: The crash course emergency strategy for click bombing attacks StevenG 7/2/11 6:03 PM
Yes your competition could do that to you, and you could also do that to them.

How about all the publishers that are going around posting free links and paying for links for their competitors with link farm sites? That hurts a site too.

The problem isn't invalid clicks as they happen no matter what you do. Every site gets at least a few of them here and there. It's when there is so many that to Google it ends up costing them to serve ads to your site and they can't make any profit in return. The more websites they let this continue with, the more they end up simply seeing those websites as nothing more than profit draining sites.
Re: The crash course emergency strategy for click bombing attacks fembat 7/3/11 5:29 AM
I would just like to say how fabulous the suggestion of statcounter.com was for me -  I have now put it on some of my sites and the information provided is superb - and I can imagine will come in really handy in dealing with any click bomb attacks on my sites.

I would just like to thank Publisher1 for providing this suggestion and, equally, advise others who use adsense and are concerned about some of the click activity on their sites to install this.

It is invisible on my sites and I can access the stats of each via my wordpress panel via the use of a statcounter plugin. Thanks!
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/3/11 6:20 AM
In dealing with click bombers: Does statcounter.com, or any other analytics software, tell you who is clicking on ads and what their IP address is? Furthermore, is there a function or software that will provide publishers with a means to block certain IPs from their websites?

If not, is there a way of looking at statcounter stats to isolate IP addresses or users/visitors of your website WHO ARE CLICKING ON ADS?

Getting helpful answers to these questions may be a long shot, but I thought I would ask on the outside chance that someone would have some answers.
Re: The crash course emergency strategy for click bombing attacks fembat 7/3/11 6:34 AM
Statcounter provides a wide range of information on the behaviour of your visitors - but the most useful for me has been the area "exit links" and "exit links activity" which, essentially, provides the ways in which visitors are leaving your site - Google Adsense clicks are shown up here including the size of the ad they clicked on. You can often view specific information regarding that click - which often reveals if they have clicked ads several times - it certainly has helped me understand where my visitors are going and which pages are drawing in the most clicks.

With this feature yo could easily utilise it to see if a click bomber is active on your site.

So, in answer to your question, yes statcounter.com does have information on who is clicking your ads and what their IP is - as well as where they came from, what page they were on and how many of which ad they clicked on.
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/3/11 8:19 AM
Thank you, fembat. If what you are saying is true, then this is the most helpful information I have received thus far on the forum about click-bomber issues. 
Re: The crash course emergency strategy for click bombing attacks fembat 7/3/11 8:42 AM
No problem. I am no expert on click bombing or google adsense in general so can only speak from recent experience. It seems very useful to me and I have learned a lot about visitor behaviour on my sites from using this statcounter which I never got from google analytics or similar.

If you do install take particular notice of Exit Links and Exit Links Activity - clicks on adsense will actually stipulate "Google Adsense" and then the size of the ad clicked on. When further information on that visitor is available a small magnifier will be next to it - this link leads to information on your visitor - IP address, referral url plus a lot of other information I am sure will be of interest

This page will also highlight if one IP has clicked an ad repeatedly - and thus, I believe, would definitely help reveal a climb bomber
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/4/11 5:49 AM
Thanks again, fembat. Now there are only two things that might complicate the issue beyond identifying the click bomber: If the click bomber, as in my case, is referred to  my news article, for example, by clicking on a link to it from a news aggregator site, would not the "visitor" be recorded as the news aggregator, rather than the person who clicked on the link at the news aggregator site? If so, then this would not work.  Secondly, even if I did accurately identify the click bomber, how could I then prevent that person from continuing to click away? How could I disable their IP address from accessing my website and/or the ads on my site?

It seems that identifying is one thing. Taking effective action to actually stop the click bomber is another. Any suggestions, anyone?
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/4/11 6:01 AM
Dan, I think it would be rare that a click bomber would generally and consistently access you through a news aggregator site.  Usually, they will go to your site directly or set up activities with verifiable link exchange or other services to generate the unwanted clicks. 

"Taking effective action" indeed is an individualized thing.  I would asser that the click bomber is generally an individual who "knows" you.  Your task is (a) to identify the individual and (b) create the circumstances where the bomber realizes that it is time to stop.

Sometimes, "doing nothing" is the best solution.  That means, you take your sites off the allowed sites list and feign ignorance.  Then you watch the account activitiy.  The attacker may try to step things up for a while but perhaps wonders why your account doesn't lose its AdSense ads or you don't seem to be doing anything at all.  So he/she gives up -- or resorts to more loud and dramatic measures.  Again, you should be able to track this activity thorugh a combination of reports from your allowed sites list and the statcounter.com data.

If the attack doesn't stop on his/her own, you need to figure out who to communicate with in order to have the problem end.  For example, in my case, I solved the issue ultimately with two successful phone calls.  One was to the operator of the link exchange/spamming service who (a) actually identified the bomber for me and (b) disabled the bomber's own account with his service.  The attacker then resorted to using a domain under his control, with an aonymous hosting structure.

However, there was a chat function on that domain (cashontree.com), so I sent an email asking about the service, and then when the operator responded, said police action would be taken if the problem didn't stop.  This certainly attracted attention.  I arranged a phone conversation with the service operator (who turned out to be an unwitting 'partner' of the bomber) and once he understood the problem, he raised the riot act with his former friend.  Problem stopped.

Now, you can see how this example won't help you directly, but this is the way it is with click bombing.  There truly isn't a one size fits all and no magic computer system will solve it.  It requires detective work and initiative on your part.
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/4/11 11:36 AM
Thank you, Publisher1.  Your experience with this is invaluable.  Never expected a "one-size-fits-all" or any "magic" computer system -- just something more than what we were getting.  Somehow I cannot help but think that there would be some technological solutions that could help minimize the problem, however. Requiring the publisher to become an amateur detective or investigator seems a bit much to ask for most of us who are not talented in this way, don't have special training, or are not computer-oriented. But your response is very helpful, indeed.

Curious -- why do you think it would be unlikely that a click bomber would access a news site through a news aggregator site to do the damage? Just want a little education, here.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/4/11 11:58 AM
Dan, in response to your question it is a rather odd and unusual route to go to "attack" a site.... there are exceptional circumstances, sometimes, (in fact, in my fight against the bad guy he did something that rarely happens and for which the "allowed site" function doesn't work) but generally the troublemaker will go directly to your site and do the damage there, or put the code on a site which he controls and attack that way or (if he really wants to be nasty), sign up your code with link exchange services, spam sites, and the like -- but all of these things will "record" with the stats management tools.)

We don't need to be computer experts or detectives but we certainly need our wits about us when fighting an attacker.  Remember, usually, we will have done something to provoke the action (the provocation may be justified) and true strangers won't generally randomly click-bomb anyone.  So the problem is personal, and the solution needs to be individual.  This is something that Google itself won't want to deal with -- so it is our responsibility.)
Re: The crash course emergency strategy for click bombing attacks Rab Nawaz 7/5/11 4:07 AM
i am a publisher who has been blocked with no justice... i really hope Facebook launches its own adsense then we will see how this unjustified Google adsense workss
Re: The crash course emergency strategy for click bombing attacks RegularMember 7/5/11 4:28 AM
@Rab Nawaz if Facebook starts its adsense that would be an epic war :) i would like to see that a lot and we would definitely benefit from this
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/5/11 5:02 AM
Publisher1, I understand what you are saying about "true strangers won't generally randomly click-bomb" anyone and that "we will have done something to provoke the action". In my case, I don't know what that could be, other than that my site is competing with a few others for consumers of the service or product that it offers. In that instance, I suppose a great many of us "have done something to provoke the action". I am hard-pressed to think that click-bombing for such provocation is "justified"........and actually, I do not think that click-bombing would be justified under any circumstances, just as two wrongs don't make a right.  

One more question (I am sure you are getting tired of me): Will the stats management tool record information on the possible click-bomber source if they are attacking using a link back to my site from a news aggregator, or would it only record information on the news aggregator where the click-bomber clicked to access my site? (I don't feel I got a clear answer on this question when I asked it previously).

Thanks again for your invaluable advise and time.
Re: The crash course emergency strategy for click bombing attacks Publisher1 7/5/11 5:11 AM
Dan, I'm separating morality out of the practicality of click bombing.  "Justified" is in the eyes of the beholder.  I suppose a competitor might click bomb you to try to take you out of the business, hardly ethical but I'm sure he would "justify" his action.  In my case, calling a scammer a scammer might make the scammer angry and wish to seek revenge.  He probably feels justified in his actions.  Generally, AdSense is risky if your site deals with sensitive political or social topics which may anger others.

As for your second question I'll give you the simple answer, I don't know.  Now, if your site is legitimately picked up by news aggregators and you are receiving a surge in clicks because of positive publicity, and you can track the activity back to websites and others publicizing your site, then you might be okay, as long as you can prove you didn't set the activity up.  Not all traffic and click surges are from "click bombing" attacks; generally however, your ctr will remain consistent or decline somewhat if this sort of surge occurs. 
Re: The crash course emergency strategy for click bombing attacks fembat 7/5/11 5:37 AM
"Will the stats management tool record information on the possible click-bomber source if they are attacking using a link back to my site from a news aggregator"

As far as I am aware statcounter will record information of anyone who spends actual live time on your site - but it is not the solution of everything. It cannot, for example, assist your ads appear within your news feed - a feedburner feed for example. Nor can it assist if your ads appear on sites other than your own. The person has to actually be on your site in order to provide information.

But, if someone actually comes onto your site, regardless of their origin and then begins clicking ads actually on your site it will provide with you with IP addresses etc generally speaking.

It should be noted this is only a tool and cannot be your only solution for protecting your site from potential climb bombing etc.
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/5/11 7:00 AM
Yes statcounter only show details from where clicks are generated,,,Nothing else... i know it is not solution. In my case i have 3 to 4 websites. But my 2 websites have low traffic around 1500 to 2000 page views only in days. From Statcounter i found someone comes from google search and clicks on 3 ads i onetime i think he/she using CTRL key to open ads..

Now is this case also comes in invalid clicks ? How Publisher stop people not to use CTRL on ads... !!!!
Re: The crash course emergency strategy for click bombing attacks danmclerran 7/5/11 11:48 AM
Thank you, fembat. Very helpful about statcounter recording info on a "click-bomber" who arrives at my site from a news aggregator. 

Publisher1: My site receives significant surges in traffic from several news aggregators when I publish an original news piece, and thus the number of adsense clicks naturally go up dramatically when that occurs.  I understand, however, that one key in determining abuse or click-bombing is the number of clicks from the same IP source during the same short timeframe? Sometimes I would receive an unusually large number of clicks on ads even when there was not a surge in traffic (the ctr was unusually high). This is when I got suspicious about a click-bomber and, of course, when Google would not credit me for the clicks. Thanks for confirming that in your last post.
Re: The crash course emergency strategy for click bombing attacks fembat 7/5/11 12:32 PM
No problem. Glad to help. I find that information sharing is the best way to move forward in cases such as this :)
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/10/11 3:03 PM
How to block IP address in adsense ?

how you block people from site??
Re: The crash course emergency strategy for click bombing attacks fembat 7/10/11 3:09 PM
You cannot block an IP address in adsense. However you could, potentially, block an IP or IP range from accesing your site via the .htaccess

To block a single IP
order allow,deny
deny from 127.0.0.1
allow from all



Google how to block IPs and IPs ranges and there is a whole lot of superb tutorials available.

Wordpress users can also utilise a plugin to Ban IPs etc which works fairly well I have found.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/10/11 3:39 PM
If you block one ip, they'll just use another, and another, and another, and another.

In fact, if they have infected a bunch of computers to attack your site's ads, then you are blocking the ip's of unsuspecting visitors who will never be able to legitimately visit your site. If those ip's are assigned by an ISP, then they might actually rotate to another visitor if the lease of the ip address is up. Also if the person spoofs the origination address, you could be blocking legitimate visitors while keeping the attacker free to continue with essentially an unlimited number of ip's to choose from. Basically it's the same thing all the time. Remove your site from the allowed site list while the attacking is happening, remove the ads, or shut down your website. Basically everything which prevents you or Google from earning income. I mean don't you think if Google had a full proof method for blocking bad apples while letting in the good oranges that Google would implement it rather than let publishers stop income generation as the only solution? I would think so.
Re: The crash course emergency strategy for click bombing attacks fembat 7/10/11 3:47 PM
I do not believe blocking IPs is a foolproof means of dealing with the issue but he asked how it was done and I answered :) I personally think blocking an IP isnt much cop for most cases - but it can be handy from time to time whilst you are attempting to deal with the issues in other ways.

Personally I remove the site from my whitelist and continue to observe the site very closely

It is worth mentioning but not all click happy individuals are technosavvy enough to have multiple IPs
Re: The crash course emergency strategy for click bombing attacks StevenG 7/10/11 4:21 PM
No, you simply spoof the ip.
Remember it's a real attack, not somebody trying to hide fraudulent clicks.
So they don't care that the target page isn't being loaded on their browser.
It's about sending requests, not about getting a response back.
Re: The crash course emergency strategy for click bombing attacks gwebmaster 7/11/11 5:31 AM
I detected a click bomber one day and immediately reported it to google adsense team.
They blew me off and said there was nothing they could do about it.

If they then ban my account, im going to flip out.  Im tired of living in fear of google banning me. I work hard to prevent it, but when you run many many sites with a million+ people posting to them, and a single little violation can get you banned, it really doesnt seem fair.

The bigger your sites get, the higher the probability of a ban occurring, no matter how much you monitor and use preventative measures.


Re: The crash course emergency strategy for click bombing attacks Publisher1 7/11/11 5:37 AM
Well, if you have "many sites with a million+ people posting to them" you need indeed be exceptionally pro-active  because of the risk of something going wrong.  But if your volume and revenue is that high, you can of course afford to build in checks and balances and protective measures and I doubt Google will shut you down for incidents which reflect a (relatively) tiny percentage of your overall total.  Exceptionally large sites have account managers where the site owner can connect if necessary with someone at Google. 

In any case, AdSense should NOT be the primary source of revenue for your sites, or any others, for that matter.  It is folly for any business to depend on one major client, especially one which can, by contract, pull its business without notice.
Re: The crash course emergency strategy for click bombing attacks fembat 7/11/11 5:55 AM
@StevenG, Yes the original issue was with a real attack - but I was responding to rinaqw´s very simple query regarding how to block an IP in .htaccess which I answered with how you can do it if required. How you deal with click bombers is quite different.

@gwebmaster With adsense the responsibility with how to deal with a click bomber lies solely with the publisher, with ourselves. Although higher traffic does, naturally, lead to higher risk of invalid clicks it seems to be smaller accounts where a single incident will take up a greater percentage of clicks who are most at risk of account closure.

At least reading between the lines. There appears to be some invisble line, at least invisible to we publishers, where invalid clicks take up a percentage of all clicks where adsense decides to call it quits and judges your account too risky. I could be wrong of course - no expert but reading between the lines it appears this is the case - no one except adsense knows exactly how it all works behing the scenes.

I echo @Publisher1´s sentiments on adsense not being your primary source of revenue - I think to build a business or rely solely on adsense as your income is a risky venture in my book and one I would not entertain - as a subsiduary income, then yes, but most certainly not your primary income!.
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/11/11 11:29 AM
@fembat
Thanks for your reply. i found plug-in to Block ip address..

I think small 2-3 invalid clicks are normal in account !!!!
many people use CTRL to open ads soo publishers can't do any thing...
I know its publishers responsibility to make account in good position. But no one tool tells our account in good position or not...
Re: The crash course emergency strategy for click bombing attacks fembat 7/11/11 11:35 AM
@rinaqw I think it is difficult to tell the position your account is in for sure. But you can pretty much assume if you are getting a high level of clicks with no revenue or losing a large amount during finalization that you are in a precarious position. At least this is how I feel this current month owing to two days of issues with traffic last month - its the first time since 2007 when I first signed up to adsense that my account has been in this situation that I know of but still I feel concerned.
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/11/11 11:40 AM
What it means "losing a large amount during finalization"
Is it means change in total amount time of payments...

What type of clicks with no reviews you got this month..
I got 17 clicks with only 15 cents...what about this one !!!!
Re: The crash course emergency strategy for click bombing attacks fembat 7/11/11 11:48 AM
Any recorded earnings during the month are estimated - they are finalised in google generally around the 7-10th of the following month. If there is a significant difference between the estimated and finalised amount this can be due to invalid click activity or traffic quality issues (although these are just two of many reasons it appears from reading).

Generally speaking I do not get a great deal of invalid click activity - last month being an exceptional one for me when I noticed strange behaviour going over three days. But, if you are getting 17 clicks with 15 cents, you can safely assume you are experiencing invalid clicks.

I hope this helps you. I would suggest referring to the suggestions by @Publisher1 in this thread. He has far more experience than I and the answers you need are there.
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/11/11 12:25 PM
Yes i am agree with you..but there is no solution for invalid clicks only remove website from allowed site...

I think after adsense new interface invalid clicks are in more notice due to CPC.
Re: The crash course emergency strategy for click bombing attacks fembat 7/11/11 12:29 PM
You can take certain precautions - ensuring your site is compliant to adsense terms and you are not unwittingly causing invalid clicks by positioning etc. But yes, if you suspect click bombing is at work (ie getting clicks in sufficient numbers) you can remove website from the whitelist.
Re: The crash course emergency strategy for click bombing attacks Beahan 7/12/11 8:49 PM
If you want to protect your adsense account then contact me. Most especially with gwebmaster and to all publisher who rely most of their income on Adsense.

I just have a javascript to detect the click bomber and ban the IP Address automatically after 9 clicks. I almost give up trying to create this little but powerful script just to protect my adsense account. Just like with "gwebmaster" im going to flip out if my adsense account will ban again. But thanks to my script.

Believe it or not, but Google will not help you if somebody will click bomb your account. And it is true, according to Publisher1 that the publisher has the sole responsibility of the click bombing.

I will not sell my script for a cheap price so please don't try to contact me if you're just a small publisher with little income. I will not accept payment if you cannot try my script first.

Contact me on this email add: beauhan02 [at] gmail.com
Re: The crash course emergency strategy for click bombing attacks Beahan 7/12/11 9:28 PM
I can't believe my message was being deleted. I am just trying to help publisher like me.
Re: The crash course emergency strategy for click bombing attacks fembat 7/12/11 10:31 PM
I think the issue was it read exactly like a sales pitch which, I believe, may be classified as spam here. Quite correctly.
Re: The crash course emergency strategy for click bombing attacks Beahan 7/12/11 11:09 PM
Yes you are right, "like a sales pitch". I'm just trying to help a publisher. But anyway if this is not the right place then I don't care to help you guys anymore.

Everyone here is screaming about how Google can help them. But unfortunately Google can't. Anyway it's all your account and I don't care now if you don't want my script. Before there are lots of script on the internet but they are all useless.

Mine is simply amazing and it works great to combat click bomber.
Re: The crash course emergency strategy for click bombing attacks StevenG 7/13/11 11:37 AM
I'd like to throw something out there I realized not so long ago.

Sometimes invalid clicks are happening due to the ad itself.

There are ads that appear to be forms when they're not, so people click on them assuming a drop down menu will appear and they'll get some options to click on. Well after they click, they are taken to the ad's landing page. It's very deceptive and some of the invalid click behavior could be nothing more than the deception of the ad. They seem like they were maybe a form ad at one time and lazily converted to a standard graphical ad. They most likely will cause visitors to click on the ad, realize they're not being given options and leave in one way or another. The behavior of the visitor could be seen as creating an invalid click and if the ad runs a lot of the site, it could appear to Google that your site is causing harm to it's advertisers, when in fact it's the ad that's causing harm to the publisher.

Google does a piss poor job at policing it's advertisers as they had to sue a bunch of rogue pharmacy sites just to get them to stop using Adwords to scam people. Yes, they were able to keep on creating Adwords accounts and run similar ads to the last batch and Google apparently couldn't keep them off Adwords from doing so. So with this revelation it really makes you wonder if the ads could be the cause at times for some publishers to be banned unnecessarily.
Re: The crash course emergency strategy for click bombing attacks fembat 7/13/11 12:00 PM
I think you could have a point there. I have seen the ads you refer to.
Re: The crash course emergency strategy for click bombing attacks rinaqw 7/13/11 12:10 PM
Yes Right stevenG, Many time i saw scam sites are coming to ad word and advertise...

Even many times links ads are same as the content.. i means its exactly same.. People thinks its a useful link, but they found some crap site..They come back and try again that also cause invalid click..

I also seen many blogspot crap blogs on adword ads...
Re: The crash course emergency strategy for click bombing attacks StevenG 7/13/11 1:39 PM
So it really begs the question if Google takes into consideration what ads displayed and if it could be the ad that's causing the invalid behavior or not. Imagine if that's all it was? Boy would the lawsuits start up like wildfire.
Re: The crash course emergency strategy for click bombing attacks fembat 7/13/11 2:16 PM
I´d really like to see if there is a correlation between particular ad types and a high frequency of invalid clicks. Now THAT would be an interesting report and could give you the answer you are looking for. Now I know its never going to happen but it would be interesting reading - and yes, I can just imagine the lawsuits wanting to take advantage if that were to happen! ;)
Re: The crash course emergency strategy for click bombing attacks Joooh 8/4/11 1:07 AM
It took me about a week to find the IP who was click bombing one of my sites, i didn't get any email from Google about this issue. I reported each day about the bombing, that guy did it almost everyday for a week, 100+ clicks per day.

My RPM was the same so Google didn't count those clicks and i didn't had to disable my websites and loss income.

I think it's not a good idea to disable your sites when you are being click bombed, Google explain in their FAQ that they can see who is really clicking and who is cheating the system.

I finally banned the bomber with my htaccess. Clicks never showed up on statcounter, only on my adsense account. I believe he was using a program to click.

I still have my account, never got disabled or warned. I'm not a big publisher, i'm making just few thousands $ per month. It would be too easy to ban competitors if you could just click just a hundred times everyday for a week on their ads with a robot or whatever.
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/4/11 3:01 AM
Based on what I see here from others who have reported their accounts disabled after clickbombings, you were lucky.  As disabling is generally a lifetime thing, the cost of lost revenue while the attack is under-way is far less than the potential risk to your account.  I wouldn't assume that Google will be "nice". The temporary self-banning through the use of the allowed sites function also helps in diagnosing the source, especially if for some reason it is invisible through statcounter or other services.  If you had followed the advice here, you may have been able to isolate and stop the attack much more rapidly than you did.

For many publishers who are disabled "a few thousand dollars a month" in income would not be considered 'small'. 
Re: The crash course emergency strategy for click bombing attacks Joooh 8/4/11 10:25 AM
I don't believe Google could ban me because a competitor did arround 500-700 fraudulent clicks on my ads for a few days, as i said, it would be too easy to ban anyone from adsense. And i also didn't get paid for those clicks from the first day, they just spotted them from the first click. I also reported them each day, i did maybe 4 or 5 reports telling them those clicks where incorrect and that i didn't know how to stop this.

People who got banned i believe they had just a few sites with little traffic and no real competitors. So why the hell would someone hurt these people with very very small sites ? A guy with a blog and 5 visits per day, would you believe he has enough ennemies to bomb his account ?

The last day i found that Google was showing clicks by countries... shame on me i didn't see this feature before, then i saw A LOT of clicks from spain where i have absolutely no business and i found the bomber on statcounter even if the clicks never showed up there.

And i really don't wanted to stop adsense on my main site because we should never surrender to terrorism like that. I had a pretty high CTR from those fake clicks but i was still making my NORMAL income, so i believe everything was just fine.
Re: The crash course emergency strategy for click bombing attacks fembat 8/4/11 4:36 PM
"I think it's not a good idea to disable your sites when you are being click bombed, Google explain in their FAQ that they can see who is really clicking and who is cheating the system."

I disagree on this point - mainly because I have spoken to so many people who failed to remove the sites from the allowed list and take action quick enough and ultimately adsense did disable their accounts. Just because they can see who is really clicking and cheating the system doesnt mean to say they will not disable an account if it is deemed too high a risk - very few know the permissable margins as it is kept under lock and key but you can guarantee there is a cut off point when an account is considered too high a risk. They expect you to take action and police your own site.


"I don't believe Google could ban me because a competitor did arround 500-700 fraudulent clicks on my ads for a few days, as i said, it would be too easy to ban anyone from adsense. And i also didn't get paid for those clicks from the first day, they just spotted them from the first click. I also reported them each day, i did maybe 4 or 5 reports telling them those clicks where incorrect and that i didn't know how to stop this."

I have known accounts be disabled for fair less and they too were high traffic sites.

If I were you I would not rely too much on your belief adsense will not disable you for the fraudulent clicks - personally I think Publisher1´s recommendation are the best policy - and since he has significant experience of dealing with this very issue I would be inclined to follow his advice.

Re: The crash course emergency strategy for click bombing attacks Joooh 8/4/11 5:04 PM
I have nothing to fear as i did nothing wrong. Then if Google decides to disable my account because of this that's mean their system is just not good enough.

They have a lot of data and i believe if someone get click bombed and disabled most of the times we can think that he deserved it.

They click bombed two different sites, they were really trying to get me banned. The last day was the worse and they changed the IP, the first ip they used was from Spain and the second from Belgium. I have nothing to do in those countries, i'm in Thailand and my websites are French.

If you disable your urls you will let them win, you will not make any money also for REAL clicks. Google can handle this kind of problems i believe. I readed their FAQ and it's stated that they will count REAL clicks even if you have incorrect clicks at the same time.

If i'm wrong i would hear it from a Google employee, should we ban our making money sites if someone is trying to get us banned by click bombing hundreds of times per day even if the RPM is still almost the same so the incorrect clicks aren't really counted ? I have my account for 8 years now since December 2003, they know i wouldn't make anything stupid to get 1$ more at the end of the month by trying to click like crazy with the same IP, it's just too stupid to be real. I also reported the fake clicks every day telling them i had installed statcounter but clicks never showed up there so i had no idea how to find the IP of the guy who was clicking.

And i saw the new feature that show clicks by countries... my customers are mostly from France and i had something like 80% CTR for Spain, then i searched for Spain Ip's on Statcounter and i found him.

Do i deserve to be banned from adsense ? I don't think so.
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/4/11 5:37 PM
AQCdotCom you are free to take whatever risk you wish, but some background to how this thread came to be -- and the reasoning for my advice -- is in order.

I was clickbombed because I called a scammer on these threads out.  I didn't identify him or cause him direct harm, but he decided to prove that he could defeat me with a vicious, intense, and extended attack.

I wasn't leaving anything to chance.  As the problem accelerated, and recognizing that the most important issue, from the point of our own "client service" to Google (and in this context, Google is our client), I decided I would not risk generating income if it included potential revenue from the click bomber.  I put the interests of AdWords advertisers first, ahead of my own economic circumstances.

Unfortunately, despite these measures, I discovered a rather serious glitch in Google's systems.  Even with the Allowed Sites function set up to deny revenue, some money flowed into my account, every day.  I will never say publicly exactly how this happened, but reported the matter in a daily report within a private forum not operated by Google but accessible to Top Contributors and certain other frequent posters who are invited to be there.  (This allows a useful conduit for information and knowledge sharing.)  Several Top Contributors reported the problems I was experiencing to Google staff through the internal systems available to TCs. Of course I also reported the matter using Google's standard invalid click reporting forms. 

An AdSense employee sent me an email advising that, indeed, I was doing everything right and not to worry.  However, he said he and Google's engineers were, as well, stumped by the anomoly generating income in my account.

I finally was able to get the click bomber to stop and reported this fact to the AdSense employee.  He responded by asking if I would mind posting my experience to help others with similar situations.  So, while my observations are not "official" Google policy, they arise because Google staff asked me to post them!

The AdSense employee then made an adjustment to my account, removing the click bombing earnings that had accumulated, and authorized my monthly payment.

Two weeks later, wham, my account was disabled.  It seems the bots caught up with the irregular income that I had accurately reported and which I could not stop.  The email I received was the dreaded "risk of potential harm" one that is virtually impossible to fight because it is nebulous.  Worried that I was gone for good, I sent an email to my Google contact.  Thankfully, in part because of the rather overwhelming evidence of innocence in my hands -- and because, in effect, I was attacked for my efforts to help around here -- my account was restored.  A couple of weeks later I received the Top Contributor nomination.

I cannot overstate the fact that while you might wish to trust the bots to do the right thing, they are bots.  If Google disables your account, you can only hope your appeal is successful.  I think your chances will be much better if you proactively have shown you put the interests of the advertisers ahead of your short-term revenue.  I simply think it is a foolish risk to take to allow income to flow into your account when you are being bombed, if you haven't been able to isolate and stop the unwanted revenue yourself.

Obviously, there is more tolerance for sites with high volumes than low volumes.  In the case of a high volume site (and in fact, in any click bombing situation), if you can clearly isolate and solve the problem by restricting access by certain countries or sites etc. promptly, and you report the matter, you have effectively stopped the problem in its tracks and thus don't need to self-restrict yourself from the Allowed Sites function. In the early stages of the attack, I tried just those solutions -- but the bomber set me up with a wild flurry of link exchange services and other devious devices to really push the questionable traffic.  "Allowed sites" allowed me to sort out the problem, diagnose it, and ultimately solve it -- and provided evidence of my sincerity when some unwelcome income still arrived in my account.

My advice applies if you have not been able to diagnose and isolate the problem and been able to prevent harm to AdWords advertisers because of it.
Re: The crash course emergency strategy for click bombing attacks Joooh 8/4/11 5:59 PM
I see your point, but i didn't had any more revenue, those clicks earned almost 0. Taking this into consideration i believe advertisers didn't loss any money, maybe a few cents. They disabled your account two weeks later after this problem ? This could be a problem if i get disabled in two weeks also. They have all evidences that it wasn't me.

It's risky to make money with adsense if you can get disabled like this, for really nothing just because one single guy want to take you down.

The click bomber did a lot of clicks the 20, 21, 25, 29 and 31 of July 2011. On 31 of July he bombed another of my sites with another IP in another country.

My sincerity was to report each day those clicks, i also installed StatCounter (premium account that i need to pay each month). And if they want to cancel all my earnings for those days i will just accept it, even my real earnings. For the moment i still have my adsense account.

I hope it will be enough.
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/4/11 6:04 PM
Well, as I explained, the bots sometimes catch up after the event -- and just because you have zero revenue from the invalid clicks, this is not a good sign.  It is a sign that Google has detected invalid clicks!  The bots add up the numbers and if you have too many invalids, you are in trouble.  Your reports may help you of course, but I've simply advocated being proactive on the matter.

Again, if you can stop the actual clicks from registering by blocking them through httacess or other devices, this is quite okay -- and there is no need to self-restrict your income.  But please don't assume just because Google didn't "count" the invalid clicks as income you are scott free -- you are, I'm afraid, playing Russian Roulette with your account. 

And yes, AdSense is risky.   I would never stake the majority of my income on this program.  Diversified income sources are essential for anyone in business.
Re: The crash course emergency strategy for click bombing attacks Joooh 8/4/11 6:40 PM
I still believe if i get disabled by a bot that all i did will be enough to reactivate the account when a real person will take a look into the issue.

The problem i see with your technic is the sincerity of deleting a url and adding it up again later and again 10 days of revenue is not nothing. The url has nothing to do with the clicks, by deleting your url from your account you are telling Google that this url may be dangerous and it's still showing your ads. This is how i see things. I'm maybe wrong. I still believe Google is not just a bot who ban people because they detected something.

Do you really think they disable accounts without even take a look into it and the reports that have been done with the publisher ID ? If yes then we all here need to run far away from the service because no one will be safe with a system like this. I believe and i hope every disabled account is reviewed with all the reports before take a decision like that.
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/4/11 6:51 PM
I'm afraid I believe the bots are quite automatic about the disabling process.  Human review occurs after the fact, on appeal, and that can take weeks. 

This program is highly automated.  Computers act first, and then, sometimes, humans review.  The invalid activity reports, the nature of your appeal, and everything else can then be considered -- but I would rather avoid needing to appeal and prevent the disabling in the first place.  The cliche "better safe than sorry" has merit in this situation.

Yes, it is an insecure system, but it isn't hopeless.  As far as I can tell, no one from Google staff has contradicted my advice -- rather, Google staff invited me to be a Top Contributor.  This status has earned me an all-expenses trip to Mountainview in September.  In other words, while I don't have the magical formula to know exactly what goes on behind the scenes at Google, I'll stand by my original advice.  If you don't know and can't stop the invalid clicks (even if Google rates them at zero), you should pull your sites from the allowed sites function until you can isolate and stop the problem.


Re: The crash course emergency strategy for click bombing attacks Joooh 8/4/11 8:12 PM
Any advice on what i should do now ? 5 days without bombing, still earning income, the ip of that guy is banned in my htaccess.

I don't know if he will try again soon or later. I want to make sure i will keep my account safe and enabled. I don't want to get banned because of 1 people.
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/5/11 2:58 AM
Well, if the problem is solved by the banning of the htaccess, there isn't much more you can nor should do.

I've observed that the "significant risk" email often occurs at the time of payment processing for the following month.  So if you make it through that, you are probably okay.

In my opinion, the ideal situation (if there is one) is to be able to truly satisfy yourself that you know who the bomber is, and you have taken measures to ensure the problem won't recur.  Often these are not technological but are personal. (I reached the bomber's facilitator who, on discovering the problem I was having, read the riot act to the trouble-maker.  He stopped.)

You may have dodged the bullet.  I intervened into your responses to this thread because frankly I thought you were giving dangerous advice on a challenging topic/problem.  In truth, I have only seen a handful of non-YouTube click bombing "victims" in the past year who didn't have other skeletons in their (site and practice) closets.  The YouTube situation is more complicated in part because the Allowed Sites function doesn't work for these individuals.


Re: The crash course emergency strategy for click bombing attacks Joooh 8/5/11 12:09 PM
My site is just getting bigger everyday in a very difficult market and i posted some messages on a forum. I believe the bomber got jealous about this and tried to get me disabled. I still don't know what is his name but i got his ip, i banned his ip, and i know what happened.

My monthly income for july is ok, the message on my account say i will get paid on 31 August.
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/5/11 3:34 PM
That's a good sign.  Generally, I think you are okay if you can quickly stop the click bomber from causing harm to advertisers by blocking the site.  But if you cannot isolate nor stop it right away, then use the allowed sites function to temporarily "disable" yourself until you solve the problem.  You don't want to have to appeal an auto-bot "account disabled" email -- the time waiting for an answer will probably be far longer than the revenue you lose by denying income temporarily.  And do what you can to organize your affairs so that you don't "need" the AdSense income to survive. 
Re: The crash course emergency strategy for click bombing attacks Joooh 8/5/11 3:48 PM
Well i'm starting a new company in Hongkong, this will allow me to have a second adsense account (personnal + business) and i will divide my business in two. I'm also trying to work with different advertisers but for some sites only adsense will work. My sites are all clean as i check them regularly on the french forum with some TC to make sure everything is ok.
Re: The crash course emergency strategy for click bombing attacks StevenG 8/5/11 4:45 PM
Basically any deductions that are necessary should only deduct out if necessary when your earnings for July are finalized. But use the allowed site function to stop anybody from using your ad code. Then you can immediately even stop your own sties from being authorized in a flash and prevent immediate harm from happening.
Re: The crash course emergency strategy for click bombing attacks Beahan 8/5/11 5:46 PM
@AQCdotCom
 
The only solution to your problem is to create a javascript program to prevent click bombing.
 
If the click bomber will continue to attack your site you will probably banned. 500-600 I think is not that big to be banned from Adsense. If the clicks reach around 5,000 a day then that would be the time you will get banned.
 
Hope you will survive.
Re: The crash course emergency strategy for click bombing attacks Joooh 8/5/11 7:14 PM
Everything seems to be normal for 5-6 days now. July earnings are finalized also, the bombing occured in July.
Re: The crash course emergency strategy for click bombing attacks fembat 8/10/11 7:01 AM
Not to put a dampner on things but I have noticed that people can often be disabled when the payment processing begins around the 15th - this occured with a couple of my design clients a couple of months ago - disabled around the end of the month during payment processing for something which, they believe, occurred during the previous month.
Re: The crash course emergency strategy for click bombing attacks Joooh 8/10/11 8:01 AM
When final earnings are calculated they are finalized and approved. I just had 13$ less than expected on my final earnings, they reduced the incorrect clicks, that's all. I also sent them another email to explain how i reduced the problem by banning the bomber IPs by htaccess deny. I'm also monitoring my account every hour when i'm awake, when i see the bomber trying to click with a new ip i ban him again. I also upgraded to 49$/quarter on StatCounter.

This month (August) i had only 16 incorrect clicks from the bomber, my goal is to reach 0 incorrect clicks on my account by the end of the month.
Re: The crash course emergency strategy for click bombing attacks fembat 8/10/11 8:04 AM
"When final earnings are calculated they are finalized and approved."

That may be the case for earnings but accounts can still be disabled for issues on a previous cycle.
Re: The crash course emergency strategy for click bombing attacks djanpk 8/17/11 11:46 AM
I read half of 1st page of discussion but here everyone responsible for there account protection..
My Question is that why Google is not doing some thing for publishers in this matter??
If Google do a little work for this problem 1000's of publishers can sleep without any fear of invalid clicks..

As i noticed here there is no reply from Google in this topic which is under discussion since 6/15/2010

Where is Google??

Or 

Google don't need Publishers??


Or

Google saving money gotten from blocked accounts??



Google Must Take some responsibility to solve this problem..

Waiting for reply some official person from Google??
Re: The crash course emergency strategy for click bombing attacks fembat 8/17/11 12:09 PM
It is unlikely there be an official response from google on this issue since threads only really obtain their attention when they are flagged by a TC.

I think we would all like to be in a stronger position with regards to Invalid clicks but it is more our responsibility to oversee out sites than Google´s. Our webspace = Our responsbility.


Re: The crash course emergency strategy for click bombing attacks StevenG 8/17/11 12:32 PM
It's not like Google made a website and attracted the click bombers, so I agree.
No publisher wants to take responsibility for when an attack occurs, ok, I get that.
But how about taking responsibility to stop it, even if it means turning off the ads, the site, or whatever?

Re: The crash course emergency strategy for click bombing attacks fembat 8/17/11 12:37 PM
I think it would be great if their was some automatic mechanism which disabled ad serving (or at least prevent further damage to the account) to a site if a suspected click bombing is active - or similar. It would come in extremely handy to stop a click bomber in their tracks.
Re: The crash course emergency strategy for click bombing attacks Publisher1 8/17/11 12:44 PM
Google's response to this discussion I suppose is they made me a "Top Contributor".

One problem is that some people whose accounts are disabled and may have had help from a friend (or even themselves) then go out and say "I've been click bombed".  In the incident which led to this thread, the bomber in fact posted on the forums saying that I had managed the perfect scam of Google -- I would claim I've been click bombed and pocket the money, the bomber asserted. 

Of course Google can and does stop revenue from invalid clicks in most circumstances. (I had a special problem in that even though I tried every way to prevent revenue flowing, by using the "allowed sites" function, some cash still found its way into my account.  This won't happen in most click bombing situations.)  The problem is that publishers still are responsbile for our accounts and we simply need to take measures to protect them.  We can, with the allowed sites function (though this solution doesn't work for YouTube, which continues to be a challenge.)


Re: The crash course emergency strategy for click bombing attacks rinaqw 8/17/11 12:47 PM
As long as i know. If your website Content is good. There are very low chances of Click bomb attach.

My suggestion to all publishers is Allowed site function.
Re: The crash course emergency strategy for click bombing attacks fembat 8/17/11 1:07 PM
@rinaqw "As long as i know. If your website Content is good. There are very low chances of Click bomb attach"

It has absolutely nothing to do with your content. A click bomber can happen to anyone who just happens to attract the attention of someone, for their own purposes, decides to click your ads repeatedly in a bid to have your account disabled. It can happen if your content is good - especially if someone decides to attack your site out of spite, such as a competitor.

@Publisher1 True and I agree with you. But I do not seem the harm in speculating as to how our jobs could be made a little easier.
Re: The crash course emergency strategy for click bombing attacks rinaqw 8/17/11 1:15 PM
@fembat

Actually your are right.. But what to do ?? All publishers are in same vain.....

Google must take action against this issue...This is the best method to get win over competitor...Which is not good at any cost...
Re: The crash course emergency strategy for click bombing attacks StevenG 8/17/11 1:18 PM
I don't see the harm in coming up with ideas on how to help publishers ward off an attack automatically either.

You would need to build an ad server that not only could distribute the adsense code to your site so that Adsense could display an ad, but also moderate if and when that ad code served up in the first place. So you could essentially create thresholds to when the ads would stop and for how long, for example, if too many clicks happened by the same visitor, or by all visitors on your site.

Perhaps somebody that knows how to build an ad server and somebody over at statcounter could collaborate on a system like that.
Re: The crash course emergency strategy for click bombing attacks rinaqw 9/29/11 2:10 PM
Hello Publisher1, StevenG and all TC
Today My Google Adsense account is disabled due to invalid click activity. I am loyal Adsense Publisher from 1 year. I check my stats and account regularly, But today i got this email.

After reviewing our records, we've determined that your AdSense account
poses a risk of generating invalid activity. Because we have a
responsibility to protect our AdWords advertisers from inflated costs due
to invalid activity, we've found it necessary to disable your AdSense
account. Your outstanding balance and Google's share of the revenue will
both be fully refunded back to the affected advertisers.

Please understand that we need to take such steps to maintain the
effectiveness of Google's advertising system, particularly the
advertiser-publisher relationship. We understand the inconvenience that
this may cause you, and we thank you in advance for your understanding and
cooperation.

Please All T.C and Google Employ Help me to Reactivate my account. Here is  my account PUB ID
pub-1861164193864794

Also tell me How to fill appeal forum??
This is my Forum post http://www.google.com/support/forum/p/AdSense/thread?tid=2fb858ac3c083c58&hl=en

I follow all emergency strategy for click bombing attacks and even i am using stat counter for my websites still my is disabled due to invalid click why ? I also daily check my account,i don't found any click bomb activity in my account. Even my 90% traffic source is from Google Search.
Please help me to reactivate my adsense account like publisher1. I am a old adsense publisher and i do around 3000$ above advertising business every month.
Re: The crash course emergency strategy for click bombing attacks StevenG 9/29/11 2:16 PM
The most common reasons for an account to "pose a risk" and not what we were talking about in this thread, which is actual "invalid click activity" is there are violations either by traffic source, ad placement, or something else to do with either ad placement or content violations (broken links, unacceptable content, etc.).
Re: The crash course emergency strategy for click bombing attacks rinaqw 9/29/11 2:20 PM
Ya its clearly says that its a invalid click activity !! But i don't know which type of invalid click activity has done in my account. Every thing is same as before. please SteveG suggest me what to do now ?
Re: The crash course emergency strategy for click bombing attacks StevenG 9/29/11 2:24 PM
In other words, Google isn't saying you had any invalid clicks that caused them to ban you, but that some or possibly all of your pages have the potential to do so. Basically you have to look over your site, find the problems, and fix them, and then file your appeal. If you cannot do so or will not do so, then you're done with Adsense for good. If you find none, then you can still file your appeal, but if you were wrong, then Adsense will turn down your appeal, for which their decision is final. So I hope you can find what the problems are, as Google isn't going to do that for you, or even tell you what they are as if they kept on telling us publishers what they are, then maybe we find violations we could get away with that Google couldn't detect so easily. Basically they give us a set of rules, and so you must use those same rules to determine what is wrong with your site.
Re: The crash course emergency strategy for click bombing attacks rinaqw 9/29/11 2:37 PM
Thanks StevenG, I am using Adsense code into my 2 websites one website is with full privacy-policy page and one is not
Is this also cause my account disabled ??
If i resolve all website issue with appeal forum then i got back my account with all amount in it ??? Have u seen any people, who gets it !!
I have full faith to do best from mine side, But many one says me that its nothing or waste of time, Google don't reactivate account in most cases.

What to do now. I need to fill appeal forum in 48 hour  ???
Re: The crash course emergency strategy for click bombing attacks StevenG 9/29/11 4:22 PM
You need to go over all the rules of Adsense and fix the ones that you are breaking.
Having a privacy policy is one of them, but Google has only been temporarily suspending ad serving for that, so while it's one of the policies your broke by not having one on that one website, while you had one on the the other, I'm pretty sure that's not what they are talking about.

If you need further help from the public, then you need to create your own question, as we're having a discussion that differs from your problem as your site only posed a risk, it did not actually have invalid clicks, it was banned for posing a risk to possibly generate invalid clicks in the future.
Re: The crash course emergency strategy for click bombing attacks rinaqw 9/29/11 8:53 PM
Thanks StevenG. Here is Question
http://www.google.com/support/forum/p/AdSense/thread?tid=2fb858ac3c083c58&hl=en&fid=2fb858ac3c083c580004ae20881a5b81
Re: The crash course emergency strategy for click bombing attacks thesickearth 10/3/11 10:18 PM
I noticed a visitor from Italy, according to statcounter.com he made 27 or 29  clicks  in 2 visits within an hour or so  --  there are no clicks  recorded in my Adsense account as a result of this-- should I report this  or not?
Re: The crash course emergency strategy for click bombing attacks Shaft1234 10/6/11 9:03 AM
Google;
 
It took nearly 20 minutes to sign in here...I almost forgot what I wanted to say..but I remember in part..This whole deal of "adsense" is "nonsense". Simply put.. get rid of paying buy the clicks and set a standard amount per month..
 
I know..you can't do that because you need to know how much traffic is on a site..Why do you sponsor a dead site and plaster adds all over the internet on dead sites?
 
You want to dominate the net but have "no common sense" on such a trival matter as this really is.
 
Stop with the hit counter on the ads and be paid by advertisers monthy..Pay your hosts a set rate monthly also. Also get rid of double click dot net and stop loading ads in users "index dot dat files".
Re: The crash course emergency strategy for click bombing attacks StevenG 10/6/11 11:50 AM
Shaft1234,

There are so many reasons why charging advertisers a flat rate through a system like Adwords would be a bad idea. If you were using doubleclick you could actually charge advertisers a daily rate, or per impression, or even per click. So perhaps you should look into using that.
Re: The crash course emergency strategy for click bombing attacks ExtremeGaming 10/13/11 10:20 PM
Currently I am waiting on approval for Adsence to begin to show on my blog

For now I only have one active website, but never the less I am trying to get all my ducks in a row.

You gave advice on if we strange behavior to remove all our sites from the allowed list except for one "hidden" location.
What is purpose of keeping a hidden page with an active Adsense on it and what does that provide?
Also, I do not believe there is an option on blogger to do this, you can either allow all traffic or none, So what do I do about that?

Is there a certain format we use in the allowed list?, in other words, so we need the http, or will just the domain@com, be good?

If I were to remove my site from the allowed list, will I see any behavior in my Adsence dashboard that they are still clicking the ad?

I am sure my stat counter will show the IP leaving, over and over right?

Lastly, couldn't we just block anyone on a proxy from even entering our sites?
GPT sites all have it installed on their sites.

 
WebRep
Overall rating
 
Re: The crash course emergency strategy for click bombing attacks filipinoachievers 11/5/11 2:25 AM
The best solution to this kind of problem is to find someone who knows how to write a working script that will protect us from click bombing. We have a lot of programmers out there to help us out with this kind of problem.

I have been a victim of click bombing and it hurts a lot because I have put all my resources and time to have a huge following but was just gone away after a click bomber attacked my site.

As a blogger I am willing to pay extra amount just to buy a kind of script that will worked against click bombing. It's an investment that will surely assured us of constant income.

Thank and GOD BLESS.
Re: The crash course emergency strategy for click bombing attacks Publisher1 11/5/11 2:42 AM
flipinoachievers,well, yes, if you can resolve the fact that the solution to controlling click bombing at the receiving end will need to be customized depending on which system hosts your account and whether you actually can control it.  As well, finding the software after the fact won't do your account one bit of good -- your account will still not be restored.

One additional note regarding responsibility:  If your site is prone to click bombing, because of its content or the pecularities of your competitive environment, then it simply may not be suitable for AdSense.  Advertising-supported publishing generally needs to either (a) steer clear of controversy and opposing passion or (b) be strong enough resource-wise that it can sell its own ads and fend off unwelcome intruders.  As a working publisher who earns most of my revenue from advertising in a specialized niche, I know there are some topics which are too hot to handle and even then occasionally get my hands burned. 
Re: The crash course emergency strategy for click bombing attacks suk51 11/18/11 1:35 PM
hello all, 

from yesterday and today i am getting lot's of clicks on one of my allowed site.i probed today and came to know that all clicks were from india.so currently i have removed all the ads from that site.but i am not able to find the clicker's IP address....so any solution to stop this??

"THIS IS HAPPENING ON ONE OF MY ALLOWED SITE"

.............:(....:(....:( PLZ HELP
Re: The crash course emergency strategy for click bombing attacks suk51 11/18/11 1:37 PM
is there any way to know the ip address of the clicker's???
does statcounter show ip of a click bomber?
Re: The crash course emergency strategy for click bombing attacks StevenG 11/18/11 2:08 PM
sukrut,

Yes, statcounter does.
Keep in mind that even sometimes statcounter may miss or report clicks that do not happen.
I'm not sure on why this happens, maybe the people who wrote statcounter do, but it's the best option in my opinion.
Re: The crash course emergency strategy for click bombing attacks suk51 11/23/11 8:16 AM
thanks StevenG for fast response..

well let me tell you that i came to know about that clicks from google adsense reports not from statcounter.i started using statcounter since last two days and it is showing ip's of all the visitors BUT .....

but the question is HOW CAN I FIND CLICKER'S IP??? I MEAN HOW CAN I KNOW WHO CLICKED ON ADS???? and as far as i am concern these clicks are done from any real human and not by any tiny program or bomber...ANY SOLUTION????

THANKS IN ADVANCE....;)
Re: The crash course emergency strategy for click bombing attacks Jayps 11/23/11 8:56 AM
@sukrut

did you try the script that can be found at this site: adsenseprotection.com? It says that it can detect ip address of the click bomber.
(unknown) 11/23/11 9:02 AM <This message has been deleted.>
Re: The crash course emergency strategy for click bombing attacks StevenG 11/23/11 11:55 AM
sukrut,

I believe it's called exit links in statcounter or something like that.
It shows you the ip address of everybody that clicked an exit link on your site, which basically is any link that doesn't lead to an internal page on your site.
Re: The crash course emergency strategy for click bombing attacks suk51 11/24/11 2:18 PM
hmm, this seems helpful many thnks to you @ StevenG

@Jayps...script you told seems interesting but what it does actually?not much information is available on website you gave. and doesn't it violate google adsense TOS?

is there anything else we can do with this fraud clicks??

i mean can we write some code which detects if  X clicks clicked in X times from X ip then ads will disappear or ip of user will be blocked or something.......?

thank you all for your valuable responses.....:)
Re: The crash course emergency strategy for click bombing attacks suk51 11/24/11 2:19 PM
and is this kind of mechanism allowed by google adsense TOS?
Re: The crash course emergency strategy for click bombing attacks StevenG 11/24/11 3:08 PM
Basically what you would need to do is detect the attack and stop the ads from ever hitting the page.
That would be the ideal ad protection script.

There are scripts out there which hide the ads from view and that's not the same as not allowing the code to hit the page at all, and is against Adsense terms of service. Basically you need a way to track that a click to an ad was made so many times from a single ip or too many clicks in so much time from all ip addresses and your script then does not load up the Adsense code to the page at all for a preset time, say 30 minutes or so.

You'd think if anybody could create such a script that would work like that it would be Adsense, or perhaps somebody from statcounter since they can obviously detect clicks from Adsense ads.

While the script that was mentioned before seems like it might work, the demo didn't give me hope that I should shell out almost $100 to see if it will work for what I exactly need it for, which is to either display alternate ads or no ads at all when an attack is detected.

I think the creator of that script should be selling it for $10 at most because I'm going to assume it's not selling like hotcakes at $100.

Basically we all need a script within a script, and the primary script determines if the secondary script is displayed on the page or not for which the secondary script is the Adsense code or whatever ad network you are using. It's like having your own ad server to determine if an ad code should display to the page or not so that a browser can execute it and display ads.
Re: The crash course emergency strategy for click bombing attacks Jayps 11/24/11 4:02 PM
@sukrut

I actually contacted the author of that website and he says that it does not violate the adsense TOS since it will just simply ban the ip address on the visitors in an X number of clicks.

this is the example of the configuration before the click bomber ban from acessing the website:

number of clicks to ban the visitors: 8
number of unique URL to ban visitors: 13
number of unique ip address to notify you of click bombing: 2

the number 1 config is to ban the visitors after 8 consecutive clicks on the same URL.
the number 2 config is to ban the visitors after 13 clicks on unique URL. example if the visitors open www.example.com/page1 or www.example.com/page2
the number 2 config is to email the website owner that there is click bombing occur.

@stevenG

yes you are right. the script is too expensive especially for me that earn only around $200 per month. but the script has a money back guarantee. i am now saving some money so i can buy the script. anyway what is $100 if you can protect your future income?
Re: The crash course emergency strategy for click bombing attacks Jayps 11/24/11 4:14 PM
the owner just replied to my email. i ask him if the script can really detect the ip address. luckily he told me my ip address.

this is how i test the website demo at adsenseprotection.com/demo/:

after 3 consecutive clicks i can no longer click the ads. it will force you to exit the website. and i go back to the demo page and click again and it still will force you to exit the demo page. then i go back again and the website says:

This website is under maintenance.

i ask the owner what it means by this website is under maintenance because i thought the website is DOWN but he says that i am banned from accessing the website because i tested the script by clicking the ads in the demo page.

to everyone here kindly check it if it will also work on you. just try to click the ads more than 2 times and you will be redirected to the link you click. and you will be  ban after 2 test.
Re: The crash course emergency strategy for click bombing attacks StevenG 11/24/11 4:27 PM
I was able to click on the ads 10 times in a row with refreshing the page each time and the site did not stop me on the demo page by showing me I was banned or the site was down for maintenance.
Re: The crash course emergency strategy for click bombing attacks Jayps 11/24/11 4:59 PM
@stevenG

what is the browser you are using? this is interesting. because i was been banned from accessing the site after 5 click on two visits. i can email the author again for this case.
Re: The crash course emergency strategy for click bombing attacks fembat 11/24/11 8:21 PM
It didnt work as described for me either. I was able to repeatedly click the ads by refreshing the page.
Re: The crash course emergency strategy for click bombing attacks StevenG 11/24/11 8:58 PM
I'm using Firefox 8.0
Re: The crash course emergency strategy for click bombing attacks Jayps 11/25/11 4:11 AM
@StevenG

I emailed the author and have not yet received any reply.

I have tried it in firefox 8.0 and I can still access the site. But it works fine with Chrome. The important is the site still work on preventing the click bombing after 3 consecutive clicks. Though it will not prevent you from accessing the site except in Firefox.
Re: The crash course emergency strategy for click bombing attacks suk51 11/25/11 4:48 AM
thank you all..

but i think in this case google must do some trick in it's code.....because after banning your account they will not answer you at all.they've just created a BAN-sense program with stupid 
machine replies..

i can't understand why google is reacting like "hippo in the water" in this case???

EVEN IF WE GET SOME TRICK TO STOP FRAUD CLICKS WITHOUT VIOLATING ADSENSE TOS,GOOGLE WILL BAN YOU FOR SURE..BCOZ THEY ARE HERE TO JUST BAN....BAN...AND ONLY BAN...................:(
Re: The crash course emergency strategy for click bombing attacks Publisher1 11/25/11 6:34 AM
I'm not arguing against publishers exploring third-party systems to manage potential fraudulent attacks, but again re-iterate a few points:

Most publishers will encounter this problem rarely, if ever.  If you are in a situation where you are likely to face attack, then I would argue your site(s) are probably not suitable for AdSense.  (Too risky for advertisers, after all.)

Most publishers who complain about click bombing do so after the fact; it is a convenient story, but just doesn't check out in most cases.

Generally, if you are in a situation where a 'nutcase' is about to attack, you will see some warning signs.  You can take appropriate defensive measures as I've advocated here.  In the few cases of live attacks reported on this thread, I know of no disablings which have resulted.

Google will, indeed, give you a total cold shoulder if your account is disabled.  This is a giant machine and some "machines" are causing havoc with various fraudulent tricks, as well.  When you are out, you are out -- and that is the way it should be.  There are a few ways back in, but they require exceptional resourcefulness, and frankly, I don't know of anyone readmitted after click fraud issues were raised (though I have seen some cases, myself included, who survived after policy violation failures.)

Re: The crash course emergency strategy for click bombing attacks StevenG 11/25/11 3:50 PM
Jayps,

So much for that guarantee it will work. I guess he'll have to figure out a fix for that.
Not only that, but Google is always trying to thwart scripts from detecting Adsense clicks, and so what works today may not work tomorrow. That's why I think he should be selling is script for $10 and give lifetime updates for free. Imagine if his script stops working a few months from now because Google changes something in the behavior of Adsense. Is he going to refund the money then? What if he can't figure out how to get around the new changes in Adsense? Too many questions and potential problems to be charging $100 for a script.
Re: The crash course emergency strategy for click bombing attacks SEA_MUFC 12/13/11 2:05 AM
Publisher1, thank you very much for this thread.

Is the "hidden" site in the Allowed Sites list required to have AdSense Ads on it?

I'm going with the safe rather than sorry approach, so want to be sure on things.

Thank you. 
Re: The crash course emergency strategy for click bombing attacks Publisher1 12/13/11 5:44 AM
You actually want NO ads on the one site where the "allowed sites" permits ads.  In other words, you are telling Google that ads on that site would count, but as there aren't any ads there, there is no revenue -- and thus, in the bigger scheme of things, no harm to advertisers.

Re: The crash course emergency strategy for click bombing attacks SEA_MUFC 12/13/11 10:31 AM
Thank you, Publisher1.
Re: The crash course emergency strategy for click bombing attacks Stobesy 12/16/11 6:41 AM
what happend to me is the nightmare youve all been talking about.

5 days ago i recieve confirmation of my YouTube account being linked to an adsense account. best day ever, i always wanted to work for google and youtube was my dread job. how could it be more perfect?

Well, what is sad is how i cannot moniter who clicks the ads and such, because i dont own youtube. Anyway, I take a look at my adsense before i go to sleep, looks nomal, 1.5% CTR.
so anyway, i awake to find my account is dead, and long gone.

whats sad is how vulnerable Small on-the-rise Youtube accounts really are. like i JUST got partnership and now i lose it.

just because a jealous person, or a 'do good-er' decided to bomb me with clicks .

this would also be a good time to raise another issue i have.

you say it is the publishers responsibility to watch your adsense account like a hawk,
but, wouldnt that mean youtube is a publisher? so really, if any channel on youtube gets click bombed, shouldnt it be the resposibility of that website? i find it completely ridiculous how i have lost my DREAM job, just because of a few, easily prevented OR refunded clicks. its just heartbreaking.

The only thing i could possibly do with a dead youtube is to use it to promote my music, which sharing my music on youtube, while generating no ad income, is not something i would wish for at the very most.
Re: The crash course emergency strategy for click bombing attacks Publisher1 12/16/11 8:54 AM
Well, my feelings about YouTube as a business model have been stated many times.  I think it is craps.  (So obviously I don't work for Google/YouTube.)  I wouldn't stake my life or anything but a hobby perspective on the program, at least unless I was a truly huge video publisher who could get some personal attention in the system.

Sorry, but that is the way it is.
Re: The crash course emergency strategy for click bombing attacks Stobesy 12/16/11 9:31 AM
The one thing i really want to know is, if advertisers are in there best interests, why not get their 'specialist' team to crack up some script and save the pockets of everyone,

instead theyre deciding to take away what little trust they gave us and just terminate our accounts on the spot, 

but the sad thing is i know no way of getting to them. and they dont really care of what i have to say because if they elt all the little channels in even with the code, they would only be generatin pocket money, and they cannot visualise these channels growing further.

but pub1, do you know of any way to contact or even complain of the service google provides?
the 'tell us how we're doing' button disappeared when my account was terminated, probably for obivious reasons.
Re: The crash course emergency strategy for click bombing attacks StevenG 12/16/11 4:11 PM
I agree with Publisher1 and would like to explain that many Youtube partners have their videos spammed all over the internet because Youtube does not have adequate sharing restrictions that publishers can set. Now I don't know if they have changed this yet, but when I last looked into the Youtube partner program you were either allowed to share or not share your videos and could not pick and choose who or where your videos appeared and so when you wanted to embed your videos on Facebook and blogs and other websites you were also allowing anybody to basically post your video on a page or website that might be in violation of Adsense policy. Since it is the publisher's responsibility to insure compliance with the policies of Adsense, it is my guess that many of these bans going on may be from traffic that's not even happening directly on Youtube at all. I can't say for certain as neither Youtube or Adsense will say what exactly happened other than what is vaguely said in the email that the publisher's account was banned.

You can't deny that if we placed Adsense ads on a non-compliant site or page we'd be banned, and so the same has to be true for Youtube videos that display a publisher's Adsense code within them that generate ads. Otherwise that's like saying if I made videos and placed them myself on some porn site just so I could get some Adsense ads to show up (even if the videos were not of an adult nature, because that would break the policies of Youtube), that I would not be responsible for the policy violations, but could actually collect any of the revenue it generated while on the porn site. I could put videos up on hate sites and illegal software and movie downloading sites and Youtube/Adsense would do nothing? How would they know if I did it on purpose or if somebody else was doing it?

So where I think the major flaw could be is the sharing feature in Youtube when it comes to the Partner program . So since the publishers are not given any more information to what exactly went on was as publishers have to rule out certain things on our own to figure out what exactly could be the cause. Google has essentially left us with no information and no choice but to play detective and rule out this or that as a reason. The most obvious to me was to first determine what policies I could break of Adsense by being a Youtube Partner and how others could do that on purpose or by accident. So the most obvious to me was what sites are the videos placed and how as publishers we really have little control over that if we enable sharing.
Re: The crash course emergency strategy for click bombing attacks PeggyK 12/16/11 5:36 PM
YouTube Partners are not penalized if their video is embedded on a page that doesn't comply with AdSense policy, because, as you say, they have no control over where their videos are embedded. 

Almost all of the disabled YouTube-linked AdSense accounts I've seen people post about in the forums were disabled for invalid activity. 
Re: The crash course emergency strategy for click bombing attacks Ve3tro 12/16/11 5:38 PM
Hey guys,

Whats a number to be wary of regarding CTR %? I usually have on avaerage a 3.5%-4% CTR with about 70,000 page views a day.

Today though I've had a CTR of 6.2%, it has lowered throughout the day to tonight which is currently at 5.4% with 50,000 views.

Do I need to be worried or is this a fine number? I wondered if it had increased with Christmas coming up.
Re: The crash course emergency strategy for click bombing attacks StevenG 12/16/11 6:14 PM
PeggyK,

I find that hard to believe because the publisher is in control over if the videos are shared out or not. Just like how Adsense publishers are responsible for not using the allowed sites feature in Adsense and somebody goes off and posts their ad code on a site that is not compliant for Adsense use. Youtube doesn't have a feature like that, but they're a 3rd party in all of this and the publisher is responsible for the content in the video so why no earth would they be given a pass to be able to put videos on any site they please?

What about if I simply spammed up my videos all over the internet on purpose? Could I then claim it wasn't me and I shouldn't be held accountable but still believe that all the income those videos earn I should still be paid even though I was violating policy on purpose for the sake of income? See that's what doesn't make sense to me. I've read no policy in Adsense or of the Youtube partnership that does not make the publisher responsible, but I've read many that do make the publisher responsible. Since I can't rule that out I have to assume that it's possible and since people do post videos of just about everybody all over the place it seems to be a likely possibility. Sure there could be a lot of invalid activity going on, and I'm sure that happens as well, but I just can't believe that Adsense would not care if it's policies were being violated just because the ads were inside a Youtube video.

Remember when employee Chris said that Google pays a publisher regardless if an Advertiser defaults on a payment and yet a few publishers have been told by Adsense employees that the deductions that are reported as line item deductions without a reason (or the reason was marked as "other") is due to invalid clicks or advertisers failure to pay up. If it were just due to invalid clicks, why give the reason of it could be also an advertiser failed to pay up? I mean it's even cited as a reason Google dosn't pay the publisher part of the money that was earned. While it's rare, I've even heard of a few publishers seeing a positive adjustment which leads me to believe that one or a few of the advertisers paid up eventually.

So there have been a few rare times when even the employees have said things that contradict the policies of Adsense.
Re: The crash course emergency strategy for click bombing attacks PeggyK 12/16/11 6:38 PM
StevenG: it doesn't matter if you find it hard to believe, it's what I was told by the AdSense policy folks. 

>> What about if I simply spammed up my videos all over the internet on purpose? 

You mean embedding your videos in other peoples' web sites? or creating lots of web sites with your videos? or something else?

The traffic rules still apply, so YouTubers cannot encourage people to click on the ads or artificially inflate impressions on the ads by purchasing views. 

But YouTube encourages embedding of videos as a way for people to promote their channels, and many Partners see a significant chunk of their earnings from embedded videos, so the policy is unlikely to change.
Re: The crash course emergency strategy for click bombing attacks StevenG 12/16/11 8:39 PM
Traffic and clicks aside, encouragement of sharing does not give a free pass to post the videos on any site the publisher chooses, nor does it give the publisher a free pass to allow others to post their videos on sites that are not fit for Adsense use. Youtube simply does not choose to give the publisher much control over this except to allow or disallow sharing for all.

It would be like if Adsense gave us publishers the ability to publish ads on Google sites such as blogger, but if we wanted to post ads on other sites (including our own) we would have to allow anybody to post the ad code on any site regardless of what the content of the site was, and only in the case of inflated traffic or invalid clicks would the Adsense publisher be reprimanded. Content matters of the site that the ad code is being published on regardless if it's because of a Youtube video or not. In other words there is risk involved by allowing a partner video to be embedded other than on Youtube itself, but only because of the advertising contained within.


"YouTube provides our partners with a unique platform that has enormous reach in the U.S. and globally. As a YouTube content partner, we expect you to comply with YouTube’s Terms of Service, Community Guidelines and AdSense Program Policies when you create content and build your audience. Failure to comply with any of these policies may result in YouTube disabling ads from your content, disabling your AdSense account and/or suspending your YouTube partnership agreement, or suspending or even terminating your YouTube account."


So I'm having a hard time finding a policy that allows the videos that contain such ads to be on non-Adsense compliant pages/sites especially when Youtube says right on top of their policy page that publishers must comply with such policies as the Adsense Program Policies which I don't need to tell you they specifically prohibit the ads from being on pages of certain content.
Re: The crash course emergency strategy for click bombing attacks Stobesy 12/16/11 9:25 PM
the publisher can know about it after 1 day of it being on that site, if it generated alot of views, in the video statistics that show where its all embedded.

if you think about it one of the biggest things for youtube are viral videos, mainly made viral by word of mouth and sharing over other decent sites.

i dont think youtube would want to let that traffic go
Re: The crash course emergency strategy for click bombing attacks StevenG 12/17/11 2:57 AM
Of course they wouldn't. I'm not trying to say that they would.

When you don't allow embedding and somebody does actually embed the video, it says on the video "the author does not allow sharing, please visit <link> to play the video, and has a link to play the video on Youtube. So it's not like the ads won't show up if the person plays the video by following the link to the Youtube page.
Re: The crash course emergency strategy for click bombing attacks Stobesy 12/17/11 7:58 AM
i was completely unaware of these embedding options O.o
Re: The crash course emergency strategy for click bombing attacks ltechdatecktv 12/17/11 11:11 AM
Adsense just disabled my account and i don't even click on my own youtube videos. This is some crap. I Can't see why they would just disable you account and not tell you and thing in advance so you can fix it...what ever it maybe. GOOGLE PLEASE FIX YOUR SYSTEM AND LET US "THE PEOPLE" KNOW WHAT WE ARE DOING WRONG! ITS TO MANY PEOPLE GOING THREW THE SAME THING AND NONE OF US KNOWS WHY!!!! CLICK YES SO GOOGLE CAN FIX THIS! AND TREAT US LIKE HUMANS!
Re: The crash course emergency strategy for click bombing attacks PeggyK 12/17/11 12:37 PM
>> So I'm having a hard time finding a policy that allows the videos that contain such ads to be on non-Adsense compliant pages/sites especially when Youtube says right on top of their policy page that publishers must comply with such policies as the Adsense Program Policies which I don't need to tell you they specifically prohibit the ads from being on pages of certain content.

Think of it this way: the ads on a video are associated with the video which is "on" YouTube, not with the content on the page it's embedded on. 

If YouTube Partners could be penalized for having their monetized video appearing on a site that doesn't comply with AdSense policy, they would have to shut off embedding to protect their accounts.  And that would mess up a significant element of YouTube's business model: the ability of videos to go "viral". 


Re: The crash course emergency strategy for click bombing attacks StevenG 12/17/11 2:19 PM
So you're saying that if I monetized an illegal software or movie downloading site by using my Youtube Partner videos that were compliant, but on my non-compliant site, I could earn money that if I had otherwise put Adsense ads on the site by itself I would be banned? Does that even make sense that Adsense would allow such a thing?
Re: The crash course emergency strategy for click bombing attacks PeggyK 12/17/11 3:47 PM
In that case you would not be monetizing the warez site, you would be monetizing the YouTube video displaying ads.

Just embedding the video in a site doesn't generate ad revenue directly. A visitor would need to watch the video for the ads to even appear. And autoplaying the video doesn't count.  So embedding a monetized video doesn't even make sense as a way to monetize a web site.

Of course if the content of the video violated AdSense policy then that would be a problem, but videos are usually reviewed by YouTube before they are monetized, so that doesn't happen very often.
Re: The crash course emergency strategy for click bombing attacks StevenG 12/17/11 8:37 PM
I've emailed Chris about this, maybe he can clarify this. I just find it very hard to believe that a site not fit for Adsense ads can actually be monetized with Adsense ads by having Youtube partner videos on them and earning money that way.
Re: The crash course emergency strategy for click bombing attacks PeggyK 12/18/11 1:00 PM
You might point AP Chris to this thread from back in August:
http://www.google.com/support/forum/p/AdSense/thread?hl=en&tid=31bf80f5b2170d13
Re: The crash course emergency strategy for click bombing attacks StevenG 12/18/11 3:43 PM
Upon searching around the partner forum for the most current publications about policies I found.....

http://support.google.com/youtube/bin/answer.py?hl=en&answer=1312340

In that publication it says:

If we find that a partner is violating an AdSense policy and posing a risk to our advertisers, we may disable their AdSense account in order to protect our advertisers' interests. If you are in violation of AdSense policies and your AdSense account is terminated, your YouTube Partnership status will be terminated as well.

Youtube may not actively be looking for policy violations as a video I saw basically said it was up to the Youtube Community to tell Youtube about policy violations - http://www.youtube.com/watch?feature=player_embedded&v=wud2RPC8Yj0 - but that does not mean that Adsense isn't looking for such violations proactively as we all know they are.

So far everything I have read that Youtube publishes on the subject says that the Adsense policies apply. I have not read anything that comments specifically about monetized partner videos appearing on 3rd party websites and what Adsense thinks about it. I have found many places where Youtube simply says that partners are bound by the community guidelines of Youtube and are also required to adhere to the Adsense policies.

I would hate to think that the policies of Adsense can be circumvented simply because of monetized videos, and really have a hard time believing it's possible to do so without being reprimanded.

The most common reason for being removed as a Youtube Partner is in fact invalid activity, but it's not the only reason that I've ever heard of. There are some publishers that are getting the "posed a risk" emails and are not understanding why, nor is Youtube giving any further explanation other than to offer links to the Youtube community guidelines page and the Adsense policies page.
Re: The crash course emergency strategy for click bombing attacks azonie 1/27/12 5:27 AM
I have never heard of this. Does anyone have phone #
To call google
Re: The crash course emergency strategy for click bombing attacks henrilab 5/4/12 11:23 AM
I am not going to waste my time trying to get this "fixed".  Big Brother is too big for me.  My only solution is to remove all those ads that are annoying the hell out of my legitimate viewers.  How do I do this when my account is "frozen" by BB?
Re: The crash course emergency strategy for click bombing attacks Shannin 5/6/12 8:57 PM
Thank you so much for sharing this information. My acct. has been disabled for "invalid click activity", I've appealed, but after reading so many negative responses here I'm sure I personally will be exiled completely from the the program, but if I can share this to other member's of the You Tube community & hopefully avoid this from happening to them then thats great.
Re: The crash course emergency strategy for click bombing attacks doinmybest 5/7/12 3:19 PM
Wow, I am glad that you guys were able to get ahead of this type of activity before you lost your accounts.  I was totally unaware and I had recently started to aggressively market my channel on Youtube so when I saw a lot of growth I attributed to me sharing my video 50 - 100 times per day for the last 3 weeks. Suddenly my traffic was 50% coming from mobile phones and email clicks. I have never clicked my own videos. I was disabled on adsense after I had a growth spurt but I thought that that was the point. (?) Everyone should be urged to take advantage of these protective steps before they land in my position.

I hope I get my account back.  These posts are very informative.  I hope to get another opportunity to defend my account offensively.
Re: The crash course emergency strategy for click bombing attacks iffi30 9/7/12 11:37 AM
1- I uses the statcounter for tracking of user paths.
2- today i have noticed a sudden increase in clicks in adsense account.
3- when traced on statcounter i found that there are only 3 ad click activities there but in adsense there are more than 30.
4- so i cannot trace the ip or source of this problem.
5- kindly suggest some alternate.
Re: The crash course emergency strategy for click bombing attacks Ali Abrahm 1/7/13 2:17 AM
Thank you so much for the useful tips. Will definitely be more alert. Happy New Year everyone!!
More topics »