Search Engine Watch
SEO News

Go Back   Search Engine Watch Forums > General Search Issues > Search Technology & Relevancy
FAQ Members List Calendar Forum Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
Old 06-09-2005   #1
VMG
Member
 
Join Date: Jun 2005
Posts: 30
VMG is on a distinguished road
What are Hitbots

What exactly are Hitbots and why can't search engines tell if its coming from an actual human or some sort of software?
VMG is offline   Reply With Quote
Old 06-09-2005   #2
xan
Member
 
Join Date: Feb 2005
Posts: 238
xan has a spectacular aura aboutxan has a spectacular aura about
They're little programs that constantly hit a site to create fictional traffic. Its used in pay-per-click fraud quite a lot. Most blocking programs work on the basis that a human surfer will follow a number of different links in a site, but hitbots do that too now. They fake http refferrer headers. You can try to spot them in different ways, one is consecutive IP addresses coming up. Another way is your traffic going through the roof!

You can block them from your site by using .htaccess
Or you can use cookies or javascript.
xan is offline   Reply With Quote
Old 06-09-2005   #3
Jenstar
 
Jenstar's Avatar
 
Join Date: Jun 2004
Location: Starbucks!
Posts: 345
Jenstar is a glorious beacon of lightJenstar is a glorious beacon of lightJenstar is a glorious beacon of lightJenstar is a glorious beacon of lightJenstar is a glorious beacon of lightJenstar is a glorious beacon of light
They are more commonly referred to as clickbots.
Jenstar is offline   Reply With Quote
Old 06-09-2005   #4
VMG
Member
 
Join Date: Jun 2005
Posts: 30
VMG is on a distinguished road
Thanks for the info. Do you think a lot of people are using hitbots for click fraud and how do they get them? Are the search engines actually doing it as well?
VMG is offline   Reply With Quote
Old 06-09-2005   #5
mcanerin
 
mcanerin's Avatar
 
Join Date: Jun 2004
Location: Calgary, Alberta, Canada
Posts: 1,564
mcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond repute
Hitbots usually refer to programs that generate fake traffic to a site (back when people paid money for traffic, rather than conversions)

Clickbots usually refer to programs that click on certain things - typically PPC ads. Sometimes this is done on your own site in order to generate revenue, and sometimes it's done on other sites in order to cost competitors money, thus removing them from competing with you for the ad slot.

The simple ones sit on a specific computer and repeatedly click on ads, but these are usually easily detected (especially by Google and Overture) because all the clicks come from a single IP address.

Current ones run automatically on a lot of different computers, sometimes owned by the clickbot owner in question, but more often by virus style "malware" that turns the computer in question into a zombie. In short, they take over your computer and use it for their own purposes. Since this creates thousands of different computers with different IPs that have no obvious connection to the scumbag in question, they are much harder to detect.

Most "viruses" today are not written by kids playing around, or hackers, they are made by professionals that use them to make money in this manner.

Ian
__________________
International SEO
mcanerin is offline   Reply With Quote
Old 06-10-2005   #6
VMG
Member
 
Join Date: Jun 2005
Posts: 30
VMG is on a distinguished road
Thanks for the info. So search engines track the computer IP address or the Internet IP address? I heard there is software that allows you to change your Internet IP address from one computer, search engines can detect this as well I hope and see it could be click fraud?
Thanks
VMG is offline   Reply With Quote
Old 06-10-2005   #7
mcanerin
 
mcanerin's Avatar
 
Join Date: Jun 2004
Location: Calgary, Alberta, Canada
Posts: 1,564
mcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond repute
The problem with changing your IP address using software is simply the volume necessary to make it worth your while. Your ISP will have a number of IP blocks, and at the most simple level you can just type in "ipconfig - renew" into your windows box repeatedly until your ISP gives you a different dynamic IP address, then click, then do it again. The problem is that this is very slow, very time consuming and since all the IP's come from the same ISP, fairly easy to detect (what are the chances of only users from one C block clicking on one single ad group repeatedly? There is an easily detectable pattern there).

The 2nd tier PPC engines are not as good at this type of detection, so you will see it happen more on them.

To do it on a wide scale, you would have to have access to hundreds or thousands of compromised machines - comprimised either via a virus or by paying people to use their home computers to click on ads. That's usually what those "Get Paid To Surf The Web" ads you see in newspapers are all about - click fraud.

Google and Overture can detect this, too, though it's harder. Often it's the website owner that notices first - they usually have a good idea of what type of traffic they can expect, and easily notice sudden unusual click patterns.

In short, most click fraud is on a small scale - your competitor clicking on your ads, for example, or a very large scale (hundreds of compromised machines and custom software) - it's pretty hard to get into, otherwise.

It's also against the TOS of most ISP's to do this - I haven't seen a lot of action in this area, but I can foresee in the nearish future that people will be losing their internet connections over this. that should be fun, especially if a virus is doing it without your knowledge. I'm not very sympathetic to people who connect to the internet without updated virus and malware checkers, though: IMO it's contributory negligence at the very least.

Ian
__________________
International SEO
mcanerin is offline   Reply With Quote
Old 06-13-2005   #8
VMG
Member
 
Join Date: Jun 2005
Posts: 30
VMG is on a distinguished road
Why don't Google and Yahoo track the computer ip's instead of the internet ip's to track click fraud?

Thanks
VMG is offline   Reply With Quote
Old 06-13-2005   #9
mcanerin
 
mcanerin's Avatar
 
Join Date: Jun 2004
Location: Calgary, Alberta, Canada
Posts: 1,564
mcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond repute
I think you are confused as to what an IP is. There are many types of networking models, most of which are faster than the one used on the internet, which is TCP/IP, which stands for Transmission Control Protocol/Internet Protocol.

The advantages of this protocol are not speed, they are reliability and the ability to work with a LOT of different computers, especially when you factor in certain ranges of numbers that are non-routable (ie local).

The long and short of it is, from an internet perspective, there is no difference between a computer IP and an internet IP. AS far as the internet is concerned, the only one that exists is the IP address assigned to that node - what you are calling an internet IP.

I'm assuming the idea of a "computer IP" is, in the context of how you are using it, the IP address that a router or other NAT (network address translation) machine assigns a computer. Although they look similar, the function very differently when related to the internet.

Think of TCP/IP being a phone number for your office. Now, lets assume that you have 5 people in your office, but there is only one phone number. How do you keep your phones organized? Easy, you use "extensions". So you would be 555-1234 extension 2, or whatever.

Following so far? There can only be ONE 555-1234 within the entire phone system, else it would be very confusing. But there can be millions of "extension 2"'s because each one is associated with the unique phone number the phone company assigns you.

On the internet, your IP address assigned to you is totally unique. There is no other one in the world. However, you may want more than one computer to connect to that connection, so you use a NAT router, which assigns an internal IP address to a computer. This happens within the NAT and is not accessable to the internet.

Now imagine if I wanted to cost a competitor money by repeatedly phoning their 800 number and hanging up (this is similar to some types of click fraud). If I picked up the phone and dialed and hung up repeatedly, they would soon trace my call. What would happen if i started going from phone to phone in my office building? It's a different extension every time. Would that fool them? No.

Because the telephone system doesn't trace your extension, it traces your companies phone number. Therefore you are not accomplishing anything by changing your extension, anymore than you would fool someone by changing your computer's internal IP address but not it's internet IP.

Open up your windows console right now and look at your IP address.(Start>Run>CMD>ipconfig) if you are behind a NAT node, it will probably start with a 192.xxx.xxx.xxx or 23.xxx.xxx.xxx - usually 192.168.0.xxx

Now go to this website: http://www.ipaddressworld.com/

This will display your internet IP address. Now change your internal address all you want. The internet address won't change. That's why we track internet IP - we can't see the computer IP and it would not matter at all if we could.

With that IP address, I can locate your ISP and your probable city. With a warrant I can locate the customer that IP was assigned to at a specific date and time, with that I can locate you, unless you are warchalking or otherwise have broken into someone elses network.

Ian
__________________
International SEO

Last edited by mcanerin : 06-13-2005 at 10:20 PM.
mcanerin is offline   Reply With Quote
Old 06-16-2005   #10
jpchrysler
Member
 
Join Date: Jun 2005
Posts: 15
jpchrysler is on a distinguished road
There are plenty of bot-based techniques that can grab disparate IP addresses to run automated clicks through AdSense and Findwhat, etc. As long as there is an incentive, and the engines don't take steps to eliminate it, which they aren't doing, there will continue to be a lot of fraud.

But it doesn't take a sophisticated professional to perpetrate click fraud. Anybody with an AdSense account, $12, and very basic computer skills could be scamming Google to the tune of a few hundred dollars a month and the big G wouldn't notice (if you want to know how, feel free to PM me or shoot me an email, I'd rather not make it public on this forum)

Heck, they might even send you a Christmas gift.
jpchrysler is offline   Reply With Quote
Old 06-16-2005   #11
mcanerin
 
mcanerin's Avatar
 
Join Date: Jun 2004
Location: Calgary, Alberta, Canada
Posts: 1,564
mcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond reputemcanerin has a reputation beyond repute
That's true, if you keep the fraud to a small amount every month instead of trying to get rich quick, then, unfortunately, you can get away with it for quite some time if you are careful.

Not all fraud is big fraud. The little stuff can add up over time.

Ian
__________________
International SEO
mcanerin is offline   Reply With Quote
Old 06-16-2005   #12
jpchrysler
Member
 
Join Date: Jun 2005
Posts: 15
jpchrysler is on a distinguished road
The scary issue to me is that so many people could be perpetrating this sort of low level fraud. Yeah, it may only be $500 bucks per individual, but there are plenty of people who are willing and able to do it, particularly because it's not even technically illegal, as far as I can tell.

Do it intelligently, and you could be doing a lot more volume than that, though.
jpchrysler is offline   Reply With Quote
Old 05-21-2007   #13
ECV
Newbie
 
Join Date: May 2007
Posts: 1
ECV is on a distinguished road
Wink The big G spot

Quote:
Originally Posted by jpchrysler
the big G wouldn't notice (if you want to know how, feel free to PM me or shoot me an email, I'd rather not make it public on this forum)
Heck, they might even send you a Christmas gift.
Sssshhh been at it tiny for while. Can we swap ideas? UK has advantage of ability to have more than one G account so not end of world if account lost.
ECV is offline   Reply With Quote
Old 05-23-2007   #14
nekit
Newbie
 
Join Date: May 2007
Posts: 1
nekit is on a distinguished road
Quote:
Originally Posted by jpchrysler
There are plenty of bot-based techniques that can grab disparate IP addresses to run automated clicks through AdSense and Findwhat, etc. As long as there is an incentive, and the engines don't take steps to eliminate it, which they aren't doing, there will continue to be a lot of fraud.

But it doesn't take a sophisticated professional to perpetrate click fraud. Anybody with an AdSense account, $12, and very basic computer skills could be scamming Google to the tune of a few hundred dollars a month and the big G wouldn't notice (if you want to know how, feel free to PM me or shoot me an email, I'd rather not make it public on this forum)

Heck, they might even send you a Christmas gift.
Yes. it is a true! I it heard too!

Last edited by evilgreenmonkey : 05-23-2007 at 02:58 AM. Reason: Removed sig
nekit is offline   Reply With Quote
Old 05-23-2007   #15
Reflection
Member
 
Join Date: May 2007
Location: Bhubaneswar, India
Posts: 139
Reflection is on a distinguished road
Hi all,

Nice information, thank you.
Reflection is offline   Reply With Quote
Old 05-23-2007   #16
Reflection
Member
 
Join Date: May 2007
Location: Bhubaneswar, India
Posts: 139
Reflection is on a distinguished road
I think due to this reason some google adsense account is spammed. This indiacates us that search engine can detect any spammy or fraud technique.
It may take some time.
Reflection is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off