Web security company shows sophisticated web of bad actors.
Earlier this year, shortly after Google announced it was opting all advertisers out of AdSense for Domains, I issued a warning: this would be bad for web security.
A new research report confirms my hypothesis. As traditional pay-per-click domain parking becomes less profitable, more people are turning to zero-click (aka direct) advertising.
With zero-click, visitors to a domain bypass pages of ads and are instead forwarded directly to an advertiser. Often, these domains forward to scam or malware sites.
Web security company Infoblox has discovered that “many times” is a lot. Whereas a decade ago, malicious redirects were a small minority, they are now the norm, according to the company. It determined that, over 90% of the time, visitors to a parked domain would be directed to illegal content, scams, scareware and anti-virus software subscriptions, or malware.
Infoblox doesn’t implicate the domain parking and zero-click companies themselves. Some of these companies run their advertisers through Know Your Customer tests to make sure they are legitimate. The problem is that advertisers often resell the traffic. It’s not unusual to bounce through five or more redirects after visiting a domain; any of these resellers and affiliates further down the chain can sell the traffic to bad actors.
The company cited sophisticated networks that try to hide their activities depending on who is visiting the domains. Some only send through zero-click when the visitor is from a residential IP, for example.
In another case, a person uses a typo of GoDaddy’s domaincontrol.com nameserver to capture traffic. Ironically, the typo domain is registered with GoDaddy.
The death of AdSense for Domains means more domains will be monetized through zero-click. This is a danger to the domain industry and domain investors. It will create ill will.
Domain investors who use parked domain servers should verify how their traffic is being monetized to ensure their domains aren’t forwarding to bad sites.
It’s also imperative that companies that use zero-click parking explain precisely how they prevent bad actors from infiltrating their traffic streams.
Leave a Comment